Thursday, December 25, 2008

Hacking into Google

There's a lot to learn about hacking into Google.

So-called Google hacking - named after the search engine - relies on carefully crafted combinations of search terms to unveil potentially confidential files.

There are numerous ways to exploit vulnerabilities and mount attacks that allow access to the back end of ecommerce websites. Google can do the same thing but puts it in the hands of amateurs.

Google can also be used to conduct reconnaissance on vulnerable systems without sending packets to a target. With Google hacking, attackers can map domains or get a list of vulnerable servers using the search engine. You could get the same data using other techniques, but this is mapping with stealth and style.

He showed how this approach is limited because changing the case of queries defeated its first version. Google fixed that - but splitting queries into multiple operators still works. Even when Google fixes this, further query manipulation will still be possible.

The technique can be turned on its head by security pros to find and fix potential security holes, the main theme of Johnny Long's well-received "Google Hacking for Penetration Testers" presentation, a title taken from his book on the subject. South African firm SensePost has developed a number of applications to automate this process.

Google-hacking has been picked up as a technique by virus writers. Recent worms have taken advantage of Google to automate the search for vulnerable machines. In response, Google has started blocking "evil queries", a technique Long described as the "Google Dork Detection System".
