E-book, English, 560 pages
Gardner / Long / Brown Google Hacking for Penetration Testers
1st edition, 2011
ISBN: 978-0-08-048426-6
Publisher: Elsevier Science & Techn.
Format: EPUB
Copy protection: 6 - ePub Watermark
"A self-respecting Google hacker spends hours trolling the Internet for juicy stuff. Firing off search after search, they thrive on the thrill of finding clean, mean, streamlined queries and get a real rush from sharing those queries and trading screenshots of their findings. I know because I've seen it with my own eyes. As the founder of the Google Hacking Database (GHDB) and the Search engine hacking forums at http://johnny.ihackstuff.com, I am constantly amazed at what the Google hacking community comes up with. It turns out the rumors are true - creative Google searches can reveal medical, financial, proprietary and even classified information. Despite government edicts, regulation and protection acts like HIPAA and the constant barking of security watchdogs, this problem still persists. Stuff still makes it out onto the web, and Google hackers snatch it right up. Protect yourself from Google hackers with this new volume of information.
- Johnny Long
• Learn Google Searching Basics
  Explore Google's Web-based Interface, build Google queries, and work with Google URLs.
• Use Advanced Operators to Perform Advanced Queries
  Combine advanced operators and learn about colliding operators and bad search-fu.
• Learn the Ways of the Google Hacker
  See how to use caches for anonymity and review directory listings and traversal techniques.
• Review Document Grinding and Database Digging
  See the ways to use Google to locate documents and then search within the documents to locate information.
• Understand Google's Part in an Information Collection Framework
  Learn the principles of automating searches and the applications of data mining.
• Locate Exploits and Finding Targets
  Locate exploit code and then vulnerable targets.
• See Ten Simple Security Searches
  Learn a few searches that give good results just about every time and are good for a security assessment.
• Track Down Web Servers
  Locate and profile web servers, login portals, network hardware and utilities.
• See How Bad Guys Troll for Data
  Find ways to search for usernames, passwords, credit card numbers, social security numbers, and other juicy information.
• Hack Google Services
  Learn more about the AJAX Search API, Calendar, Blogger, Blog Search, and more."
Further Information & Material
Front Cover
Google Hacking for Penetration Testers, Volume 2
Copyright Page
Contents
Chapter 1. Google Searching Basics
  Introduction
  Exploring Google's Web-based Interface
  Building Google Queries
  Working With Google URLs
  Summary
  Solutions Fast Track
  Links to Sites
  Frequently Asked Questions
Chapter 2. Advanced Operators
  Introduction
  Operator Syntax
  Introducing Google's Advanced Operators
  Colliding Operators and Bad Search-Fu
  Summary
  Solutions Fast Track
  Links to Sites
  Frequently Asked Questions
Chapter 3. Google Hacking Basics
  Introduction
  Anonymity with Caches
  Directory Listings
  Going Out on a Limb: Traversal Techniques
  Summary
  Solutions Fast Track
  Links to Sites
  Frequently Asked Questions
Chapter 4. Document Grinding and Database Digging
  Introduction
  Configuration Files
  Log Files
  Database Digging
  Automated Grinding
  Google Desktop Search
  Summary
  Solutions Fast Track
  Links to Sites
  Frequently Asked Questions
Chapter 5. Google's Part in an Information Collection Framework
  Introduction
  The Principles of Automating Searches
  Applications of Data Mining
  Collecting Search Terms
  Summary
Chapter 6. Locating Exploits and Finding Targets
  Introduction
  Locating Exploit Code
  Locating Exploits Via Common Code Strings
  Locating Code with Google Code Search
  Locating Malware and Executables
  Locating Vulnerable Targets
  Summary
  Solutions Fast Track
  Links to Sites
  Frequently Asked Questions
Chapter 7. Ten Simple Security Searches That Work
  Introduction
  site
  intitle:index.of
  error | warning
  login | logon
  username | userid | employee.ID | "your username is"
  password | passcode | "your password is"
  admin | administrator
  -ext:html -ext:htm -ext:shtml -ext:asp -ext:php
  inurl:temp | inurl:tmp | inurl:backup | inurl:bak
  intranet | help.desk
  Summary
  Solutions Fast Track
  Frequently Asked Questions
Chapter 8. Tracking Down Web Servers, Login Portals, and Network Hardware
  Introduction
  Locating and Profiling Web Servers
  Locating Login Portals
  Targeting Web-Enabled Network Devices
  Locating Various Network Reports
  Locating Network Hardware
  Summary
  Solutions Fast Track
  Frequently Asked Questions
Chapter 9. Usernames, Passwords, and Secret Stuff, Oh My!
  Introduction
  Searching for Usernames
  Searching for Passwords
  Searching for Credit Card Numbers, Social Security Numbers, and More
  Searching for Other Juicy Info
  Summary
  Solutions Fast Track
  Frequently Asked Questions
Chapter 10. Hacking Google Services
  AJAX Search API
  Calendar
  Blogger and Google's Blog Search
  Signaling Alerts
  Google Co-op
  Google Code
Chapter 11. Google Hacking Showcase
  Introduction
  Geek Stuff
  Cameras
  Telco Gear
  Power
  Sensitive Info
  Social Security Numbers
  Beyond Google
  Summary
Chapter 12. Protecting Yourself from Google Hackers
  Introduction
  A Good, Solid Security Policy
  Web Server Safeguards
  Hacking Your Own Site
  Getting Help from Google
  Summary
  Solutions Fast Track
  Links to Sites
  Frequently Asked Questions
Index
Chapter 2
Advanced Operators

Solutions in this chapter:
• Operator Syntax
• Introducing Google’s Advanced Operators
• Combining Advanced Operators
• Colliding Operators and Bad Search-Fu
• Links to Sites
• Summary
• Solutions Fast Track
• Frequently Asked Questions

Introduction
Beyond the basic searching techniques explored in the previous chapter, Google offers special terms known as advanced operators to help you perform more advanced queries. These operators, used properly, can help you get to exactly the information you’re looking for without spending too much time poring over page after page of search results. When advanced operators are not provided in a query, Google will locate your search terms in any area of the Web page, including the title, the text, the Uniform Resource Locator (URL), or the like. We take a look at the following advanced operators in this chapter:

• intitle, allintitle
• inurl, allinurl
• filetype
• allintext
• site
• link
• inanchor
• daterange
• cache
• info
• related
• phonebook
• rphonebook
• bphonebook
• author
• group
• msgid
• insubject
• stocks
• define

Operator Syntax
Advanced operators are additions to a query designed to narrow down the search results. Although they’re relatively easy to use, they have a fairly rigid syntax that must be followed. The basic syntax of an advanced operator is operator:search_term. When using advanced operators, keep in mind the following:

• There is no space between the operator, the colon, and the search term. Violating this syntax can produce undesired results and will keep Google from understanding what it is you’re trying to do. In most cases, Google will treat a syntactically bad advanced operator as just another search term. For example, providing the advanced operator intitle without a following colon and search term will cause Google to return pages that contain the word intitle.
• The search term portion of an operator search follows the syntax discussed in the previous chapter. For example, a search term can be a single word or a phrase surrounded by quotes. If you use a phrase, just make sure there are no spaces between the operator, the colon, and the first quote of the phrase.
• Boolean operators and special characters (such as OR and +) can still be applied to advanced operator queries, but be sure they don’t get in the way of the separating colon.
• Advanced operators can be combined in a single query as long as you honor both the basic Google query syntax as well as the advanced operator syntax. Some advanced operators combine better than others, and some simply cannot be combined. We will take a look at these limitations later in this chapter.
• The ALL operators (the operators beginning with the word ALL) are oddballs. They are generally used once per query and cannot be mixed with other operators.

Examples of valid queries that use advanced operators include these:

• intitle:Google
  This query will return pages that have the word Google in their title.
• intitle:"index of"
  This query will return pages that have the phrase index of in their title.
  Remember from the previous chapter that this query could also be given as intitle:index.of, since the period serves as any character. This technique also makes it easy to supply a phrase without having to type the spaces and the quotation marks around the phrase.
• intitle:"index of" private
  This query will return pages that have the phrase index of in their title and also have the word private anywhere in the page, including in the URL, the title, the text, and so on. Notice that intitle only applies to the phrase index of and not the word private, since the first unquoted space follows the phrase index of. Google interprets that space as the end of your advanced operator search term and continues processing the rest of the query.
• intitle:"index of" "backup files"
  This query will return pages that have the phrase index of in their title and the phrase backup files anywhere in the page, including the URL, the title, the text, and so on. Again, notice that intitle only applies to the phrase index of.

Troubleshooting Your Syntax
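The operator syntax rules listed above can be checked mechanically before a query is sent. The following Python sketch is an added example, not code from the book; the function name lint and its warning texts are assumptions, and it models only the rules stated in this excerpt, not Google's actual parser.

```python
import re

# Operators listed in this chapter; names starting with "all" are the ALL operators.
OPERATORS = set("""intitle allintitle inurl allinurl filetype allintext site link
inanchor daterange cache info related phonebook rphonebook bphonebook author
group msgid insubject stocks define""".split())

# One token is either operator:term (term = quoted phrase or run of non-spaces,
# empty when a space follows the colon) or a plain quoted phrase / word.
TOKEN = re.compile(r'[-+]?(?P<op>[a-z]+):(?P<arg>"[^"]*"|\S*)|"[^"]*"|\S+', re.I)

def lint(query):
    """Return (bindings, warnings); a binding is (operator or None, term)."""
    bindings, warnings = [], []
    for m in TOKEN.finditer(query):
        op = (m.group("op") or "").lower()
        if op in OPERATORS:
            arg = m.group("arg").strip('"')
            if arg:
                bindings.append((op, arg))   # term is bound to the operator
            else:
                warnings.append(f"{op}: no search term directly after the colon")
            continue
        word = m.group(0).strip('"')
        if word.lower() in OPERATORS:
            warnings.append(f"{word}: no colon, treated as an ordinary search term")
        bindings.append((None, word))        # matched anywhere in the page
    ops = [op for op, _ in bindings if op]
    if len(ops) > 1 and any(op.startswith("all") for op in ops):
        warnings.append("ALL operator combined with another operator")
    return bindings, warnings

if __name__ == "__main__":
    # Constructed sample queries built from the examples in this chapter.
    for q in ('intitle:"index of" private', "intitle: Google",
              "intitle Google", "allintitle:syngress inurl:books"):
        print(q, "->", lint(q))
```

The bindings show which term each operator applies to, so the first sample query reports private as an unbound term, matching the explanation above.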
Before we jump head first into the advanced operators, let’s talk about troubleshooting the inevitable syntax errors you’ll run into when using these operators. Google is kind enough to tell you when you’ve made a mistake, as shown in Figure 2.1.

Figure 2-1. Google’s Helpful Error Messages

In this example, we tried to give Google an invalid option to the as_qdr variable in the URL. (The correct syntax would be as_qdr=m3, as we’ll see in a moment.) Google’s search result page listed right at the top that there was some sort of problem. These messages are often the key to unraveling errors in either your query string or your URL, so keep an eye on the top of the results page. We’ve found that it’s easy to overlook this spot on the results page, since we normally scroll past it to get down to the results. Sometimes, however, Google is less helpful, returning a blank results page with no error text, as shown in Figure 2.2.

Figure 2-2. Google’s Blank Error Message

Fortunately, this type of problem is easy to resolve once you understand what’s going on. In this case, we simply abused the allintitle operator. Most of the operators that begin with all do not mix well with other operators, like the inurl operator we provided. This search got Google all confused, and it coughed up a blank page.

Notes from the Underground…
But That’s What I Wanted!
As you grow in your Google-Fu, you will undoubtedly want to perform a search that Google’s syntax doesn’t allow. When this happens, you’ll have to find other ways to tackle the problem. For now though, take the easy route and play by Google’s rules.

Introducing Google’s Advanced Operators
Google’s advanced operators are very versatile, but not all operators can be used everywhere, as we saw in the previous example. Some operators can only be used in performing a Web search, and others can only be used in a Groups search. Refer to Table 2.3, which lists these distinctions. If you have trouble remembering these rules, keep an eye on the results line near the top of the page. If Google picks up on your bad syntax, an error message will be displayed, letting you know what you did wrong. Sometimes, however, Google will not pick up on your bad form and will try to perform the search anyway. If this happens, keep an eye on the search results page, specifically the words Google shows in bold within the search results. These are the words Google interpreted as your search terms. If you see the word intitle in bold, for example, you’ve probably made a mistake using the intitle operator.

Intitle and Allintitle: Search Within the Title of a Page
From a technical standpoint, the title of a page can be described as the text that is found within the TITLE tags of a Hypertext Markup Language (HTML) document. The title is displayed at the top of most browsers when viewing a page, as shown in Figure 2.3. In the context of Google Groups, intitle will find the term in the title of the message post.

Figure 2-3. Web Page Title

As shown in Figure 2.3, the title of the Web page is “Syngress Publishing.” It is important to realize that some Web browsers will insert text into the title of a Web page under certain circumstances. For example, consider the same page shown in Figure 2.4, this time captured before the page is actually finished loading.

Figure 2-4. Title Elements Injected by Browser

This time, the...