Security Pen Testing - Google Hacking
By Dan Morrill
Expert Author
Article Date: 2007-04-12
If you are a security pen tester, you should know about the Google Hacking Database over at Johnny I Hack Stuff.
There are a number of sites that deal with search engines and using them to discover vulnerabilities in systems and services that the site owners might not even be aware of.
The first and primary one is the Johnny I Hack Stuff web site, while others like Billy I Hack Stuff are knock-offs with their own spin on how Google hacking translates over to MSN/Live, Yahoo, Ask and Clusty. In general though, if you are not "Google hacking" your own site, then you should be.
The command set is fairly easy: type in your search terms and limit them with site:something.com or your own domain name. For example, filetype:xls site:someone.com will look up all the spreadsheets that are on the site someone.com.
In general this is a vital skill for security pen testers to know because the bad folks are already doing this and have been doing it for years. The entire process is so well known that for the security team not to know this puts the company at a disadvantage in terms of finding out what is on the web server.
Some simple queries are:
Finding all files ending in .torrent with the name Microsoft at The Pirate Bay looks like this: microsoft filetype:torrent site:thepiratebay.org
http://www.google.com/search?source=ig&hl=en&q=microsoft+filetype%3Atorrent+site%3Athepiratebay.org
Or finding all the Flash .swf files on MySpace looks like this: filetype:swf site:myspace.com
http://www.google.com/search?hl=en&q=filetype%3Aswf+site%3Amyspace.com
Another fun one is inurl:confidential intitle:personnel, which finds confidential personnel information and looks something like this:
http://www.google.com/search?hl=en&q=inurl%3Aconfidential+intitle%3Apersonnel
A variation on the theme is intext:Confidential intext:copyright, looking for confidential, copyrighted text files:
http://www.google.com/search?hl=en&q=intext%3AConfidential+intext%3Acopyright
These are the kinds of things that people are looking for all the time on Google and other search engines. This kind of recon is well worth doing against your own sites, because what turns up can include your company's security camera network, files, tax information, personnel information, sales information, and a host of other information that was not properly secured.
It is a neat trick that all security engineers and security pen testers should be doing when they do their quarterly audits of their company's web sites. You never know what you will find. It is also better that you find it rather than someone else finding it.
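As an added example (not part of the original article), the following Python script turns the article's query patterns into a self-audit list for a domain you own: it builds the percent-encoded search URLs the same way the URLs above are formed, and decodes such a URL back into its operators so an audit log can be checked. The domain example.com is a constructed placeholder.

```python
from urllib.parse import urlencode, urlparse, parse_qs

# Query patterns taken from the article; each is restricted with site: to the
# domain being audited so the search only covers your own web servers.
SELF_AUDIT_DORKS = [
    "filetype:xls",                          # spreadsheets left on the web server
    "filetype:swf",                          # Flash files
    "inurl:confidential intitle:personnel",  # confidential personnel pages
    "intext:Confidential intext:copyright",  # confidential, copyrighted text
]


def build_dork_query(terms: str, site: str = "") -> str:
    """Append a site: restriction so the query covers only the given domain."""
    return f"{terms} site:{site}" if site else terms


def dork_url(terms: str, site: str = "") -> str:
    """Percent-encode the query as in the article's URLs (':' -> %3A, ' ' -> '+')."""
    query = build_dork_query(terms, site)
    return "http://www.google.com/search?" + urlencode({"hl": "en", "q": query})


def parse_dork_url(url: str) -> dict:
    """Decode a search URL into its operators, e.g. {'filetype': ['xls'], 'site': [...]}.
    Plain keywords without an operator are collected under '_terms'."""
    q = parse_qs(urlparse(url).query).get("q", [""])[0]
    ops: dict = {}
    for token in q.split():
        if ":" in token:
            name, _, value = token.partition(":")
            ops.setdefault(name, []).append(value)
        else:
            ops.setdefault("_terms", []).append(token)
    return ops


def self_audit_urls(site: str) -> list:
    """Return one search URL per pattern, each restricted to the audited domain."""
    return [dork_url(d, site) for d in SELF_AUDIT_DORKS]


if __name__ == "__main__":
    for u in self_audit_urls("example.com"):   # constructed placeholder domain
        print(u)
```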
About the Author: Dan Morrill runs Techwag, a site all about his views on social media, education, technology, and some of the more interesting things that happen on the internet. He works at CityU of Seattle as the Program Director for the Computer Science, Information Systems and Information Security educational programs.