pulp google hacking
play

Pulp Google Hacking The Next Generation Search Engine Hacking - PowerPoint PPT Presentation

Jun 20, 2023 •341 likes •1.07k views

Pulp Google Hacking The Next Generation Search Engine Hacking Arsenal 3 August 2011 Black Hat 2011 Las Vegas, NV Presen sented ed b by: Francis Brown Rob Ragan Stach & Liu, LLC www.stachliu.com Agenda O V E R V I E W

  1. Pulp Google Hacking The Next Generation Search Engine Hacking Arsenal 3 August 2011 – Black Hat 2011 – Las Vegas, NV Presen sented ed b by: Francis Brown Rob Ragan Stach & Liu, LLC www.stachliu.com

  2. Agenda O V E R V I E W • Introduc ucti tion/B /Background und • Advan anced A d Attac acks • Google/Bing Hacking - Core Tools • NEW Diggity Attack Tools • Advanced ed D Defenses es • Google/Bing Hacking Alert RSS Feeds • NEW Diggity Alert Feeds and Updates • NEW Diggity Alert RSS Feed Client Tools • Futur uture Di Directi tions 2

  3. Introduction/ Background G E T T I N G U P T O S P E E D 3

  4. Open Source Intelligence S E A R C H I N G P U B L I C S O U R C E S OSI OSINT – is a form of intelligence collection management that involves finding, selecting, and acquiring information from pu publ blicly av y avai ailab able sources and analyzing it to prod oduce uce actiona nabl ble intel elligenc ence . 4

  5. Google/Bing Hacking S E A R C H E N G I N E A T T A C K S 5

  6. Google/Bing Hacking S E A R C H E N G I N E A T T A C K S Bing's source leaked! class Bing { public static string Search(string query) { return Google.Search(query); } } 6

  7. Attack Targets G O O G L E H A C K I N G D A T A B A S E • Advisories and Vulnerabilities (215) • Pages containing network or vulnerability data (59) • Error Messages (58) • Sensitive Directories (61) • Files containing juicy info (230) • Sensitive Online Shopping Info (9) • Files containing passwords (135) • Various Online Devices (201) • Files containing usernames (15) • Vulnerable Files (57) • Footholds (21) • Vulnerable Servers (48) • Pages containing login portals (232) • Web Server Detection (72) 7

  8. Google Hacking = Lulz R E A L W O R L D T H R E A T Lul LulzSec and Anony nymo mous s believed to use Goog oogle H Hacki cking g as a primary means of identifying vulnerable targets. Their releases have nothing to do with their goals or their lulz. It's purely based on whatever they find with their "google hacking" queries and then release it. -- A-Team, 28 June 2011 8

  9. Google Hacking = Lulz R E A L W O R L D T H R E A T 22: 22:14 <@k 14 <@kay ayla la> > Sooooo...using the link above and the google hack string. !Host=*.* intext:enc_UserPassword=* ext:pcf Take your pick of VPNs you want access too. Ugghh.. Aaron Barr CEO HBGary Federal Inc. 22: 22:15 15 <@k <@kay ayla> la> download the pcf file 22: 22:16 <@k 16 <@kay ayla> la> then use http://www.unix-ag.uni- kl.de/~massar/bin/cisco-decode?enc= to clear text it 22: 22:16 <@k 16 <@kay ayla> la> = free VPN 9

  10. Quick History G O O G L E H A C K I N G R E C A P Dates Event 2004 Google Hacking Database (GHDB) begins May 2004 Foundstone SiteDigger v1 released Jan 2005 Foundstone SiteDigger v2 released Feb 13, 2005 Google Hack Honeypot first release Feb 20, 2005 Google Hacking v1 released by Johnny Long Jan 10, 2006 MSNPawn v1.0 released by NetSquare Dec 5, 2006 Google stops issuing Google SOAP API keys Mar 2007 Bing disables inurl: link: and linkdomain: Nov 2, 2007 Google Hacking v2 released 10

  11. Quick History…cont. G O O G L E H A C K I N G R E C A P Dates Event Mar 2008 cDc Goolag - gui tool released Sept 7, 2009 Google shuts down SOAP Search API Nov 2009 Binging tool released by Blueinfy Dec 1, 2009 FoundStone SiteDigger v 3.0 released 2010 Googlag.org disappears April 21, 2010 Google Hacking Diggity Project initial releases Nov 1, 2010 Google AJAX API slated for retirement Nov 9, 2010 GHDB Reborn Announced – Exploit-db.com July 2011 Bing ceases ‘&format=rss’ support 11

  12. Advanced Attacks W H A T Y O U S H O U L D K N O W 12

  13. Diggity Core Tools S T A C H & L I U T O O L S Google Diggity • Uses Google J le JSON/ATO TOM A API • Not blocked by Google bot detection • Does not violate Terms of Service • Required to use Bing Diggity • Uses Bing 2.0 SOAP API • Company/Webapp Profiling • Enumerate: URLs, IP-to-virtual hosts, etc . • Bing Hacking Database (BHDB) • Vulnerability search queries in Bing format 13

  14. New Features D I G G I T Y C O R E T O O L S Google Diggity - New API • Updated to use Googl oogle J JSON ON/ATOM AP API • Due to deprecated Google AJAX API Misc. Feature Uprades • Auto-update for dictionaries • Output export formats • Now also XLS and HTML • Help File – chm file added 14

  15. New Features D O W N L O A D B U T T O N Download Buttons for Google/Bing Diggity • Download actual files from Google/Bing search results Downloads to default: C:\DiggityDownloads\ • • Used by other tools for file download/analysis: FlashDiggity, DLP Diggity, MalwareDiggity,… • 15

  16. New Features A U T O - U P D A T E S SLDB Updates in Progress • Example: SharePoint Google Dictionary • http://www.stachliu.com/resources/tools/sharepoint-hacking-diggity- project/#SharePoint – GoogleDiggity Dictionary File 16

  17. Google Diggity D I G G I T Y C O R E T O O L S 17

  18. Bing Diggity D I G G I T Y C O R E T O O L S 18

  19. Bing Hacking Database S T A C H & L I U T O O L S Example - Bing vulnerability search: BHDB – Bing Hacking Data Base GHDB query • • First ever Bing hacking database • "allintitle:Netscape FastTrack Server Home Page" BHDB version • • Bing hacking limitations • intitle:”Netscape FastTrack Server Home Page" Disabled inurl rl:, li link nk: and li link nkdomain: • directives in March 2007 No support for ext: t:, allin inti titl tle:, allinu inurl: • Limited fil ilety type: : functionality • Only 12 extensions supported • 19

  20. Hacking CSE’s A L L T O P L E V E L D O M A I N S 20

  21. N E W G O O G L E H A C K I N G T O O L S Code Search Diggity 21

  22. Google Code Search V U L N S I N O P E N S O U R C E C O D E • Regex search for vulnerabilities in indexed public code, including popular open source code repositories: • Example: SQL Injection in ASP querystring • select.*from.*request\.QUERYSTRING 22

  23. CodeSearch Diggity A M A Z O N C L O U D S E C R E T K E Y S 23

  24. N E W G O O G L E H A C K I N G T O O L S Bing LinkFromDomainDiggity 24

  25. Bing LinkFromDomain D I G G I T Y T O O L K I T 25

  26. Bing LinkFromDomain F O O T P R I N T I N G L A R G E O R G A N I Z A T I O N S 26

  27. N E W G O O G L E H A C K I N G T O O L S Malware Diggity 27

  28. MalwareDiggity D I G G I T Y T O O L K I T 1. Leverages Bing’s linkfromdomain: search directive to find off-site links of target applications/domains 2. Runs off-site links against Google’s Safe Browsing API to determine if any are malware distribution sites 3. Return results that identify malware sites that your web applications are directly linking to 28

  29. Mass Injection Attacks M A L W A R E G O N E W I L D Malware Distribution Woes – WSJ.com – June2010 • Popular websites victimized, become malware distribution sites to their own customers 29

  30. Mass Injection Attacks M A L W A R E G O N E W I L D Malware Distribution Woes – LizaMoon – April2011 • Popular websites victimized, become malware distribution sites to their own customers 30

  31. Mass Injection Attacks M A L W A R E G O N E W I L D Malware Distribution Woes – willysy.com - August2011 • Popular websites victimized, become malware distribution sites to their own customers 31

  32. Malware Diggity D I G G I T Y T O O L K I T 32

  33. Malware Diggity D I G G I T Y T O O L K I T 33

  34. Malware Diggity D I A G N O S T I C S I N R E S U L T S 34

  35. N E W G O O G L E H A C K I N G T O O L S DLP Diggity 35

  36. DLP Diggity L O T S O F F I L E S T O D A T A M I N E 36

  37. DLP Diggity M O R E D A T A S E A R C H A B L E E V E R Y Y E A R Google Results for Common Docs 513,000,000 600,000,000 500,000,000 400,000,000 260,000,000 2004 300,000,000 2007 84,500,000 2011 200,000,000 46,400,000 17,300,000 42,000,000 100,000,000 16,100,000 2011 30,100,000 10,900,000 2,100,000 2007 0 969,000 1,720,000 PDF 2004 DOC XLS TXT 37

  38. DLP Diggity D I G G I T Y T O O L K I T 38

  39. N E W G O O G L E H A C K I N G T O O L S FlashDiggity 39

  40. Flash Diggity D I G G I T Y T O O L K I T • Google fo for S r SWF WF files on target domains Example search : filetype:swf site: example.com • • Downlo load ad SWF files to C:\DiggityDownloads\ • Disas assemble mble SWF files and an analy alyze for Flash vulnerabilities 40

  41. N E W G O O G L E H A C K I N G T O O L S DEMO DEMO 41

  42. GoogleScrape Diggity D I G G I T Y T O O L K I T GoogleScrape Diggity • Uses Google mobile interface Light-weight, no advertisements • Violates Terms of Service • • Bot detection avoidance Distributed via proxies • Spoofs User-agent and Referer • headers Random &userip= = value • Across Google servers • 42

  43. N E W G O O G L E H A C K I N G T O O L S Baidu Diggity 43

  44. BaiduDiggity C H I N A S E A R C H E N G I N E • Fighting back 44

  45. Advanced Defenses P R O T E C T Y O N E C K 45

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Google Hacking 19 September 2013 Updated August 2015 #s Google's cache is over 95 Petabytes

Google Hacking 19 September 2013 Updated August 2015 #s Google's cache is over 95 Petabytes

Google Hacking 19 September 2013 Updated August 2015 #s Google's cache is over 95 Petabytes Google crawls 300 cached entries per host by default (If the site's SEO ranking is higher, then Google crawls deeper) Getting Google To Scan For You

1.39k views • 114 slides
Google Hacking against Privacy Emin Islam Tatl tatli@th.informatik.uni-mannheim.de

Google Hacking against Privacy Emin Islam Tatl tatli@th.informatik.uni-mannheim.de

Outline Google Hacking Privacy Searches Countermeasures Future Work Conclusion Google Hacking against Privacy Emin Islam Tatl tatli@th.informatik.uni-mannheim.de Department of Computer Science, University of Mannheim (on leave to the

389 views • 21 slides
ETHICAL HACKING Daniel Cloherty CAN HACKING BE ETHICAL? What makes hacking ethical?

ETHICAL HACKING Daniel Cloherty CAN HACKING BE ETHICAL? What makes hacking ethical?

ETHICAL HACKING Daniel Cloherty CAN HACKING BE ETHICAL? What makes hacking ethical? Legality VS Ethics State Sanctioned hacking BLACK HAT - Stereotypical Hacker -Stealing data for personal gain -Obviously not ethical -Using

1.17k views • 10 slides
Canfor Pulp ALC Land Use Application Prince George City Council January 4, 2016 Pulp

Canfor Pulp ALC Land Use Application Prince George City Council January 4, 2016 Pulp

Canfor Pulp ALC Land Use Application Prince George City Council January 4, 2016 Pulp Operations -- Canada Pulp Mills 2 4 1 3 1 Intercontinental 5 6 2 Northwood 3 Prince George Key Products 4 Taylor 5 Canfor Pulp

880 views • 11 slides
Lord of the Bing Taking Back Search Engine Hacking From Google and Bing 29 July 2010 Presented

Lord of the Bing Taking Back Search Engine Hacking From Google and Bing 29 July 2010 Presented

Lord of the Bing Taking Back Search Engine Hacking From Google and Bing 29 July 2010 Presented by: Francis Brown and Rob Ragan Stach &amp; Liu, LLC www.stachliu.com Agenda O V E R V I E W Introduction Advanced Attacks

780 views • 53 slides
modern kraft pulp mill 7th INTERNATIONAL COLLOQUIUM ON EUCALYPTUS PULP May 26-29, 2015 Vitria,

modern kraft pulp mill 7th INTERNATIONAL COLLOQUIUM ON EUCALYPTUS PULP May 26-29, 2015 Vitria,

Management of chloride levels in a modern kraft pulp mill 7th INTERNATIONAL COLLOQUIUM ON EUCALYPTUS PULP May 26-29, 2015 Vitria, ES, Brazil Introduction 50% 50% Veracel is a joint venture of Stora Enso and Fibria. Located in

338 views • 23 slides
Biorefining trends Potential and challenges in the kraft pulp mills Marcelo Hamaguchi 7 th ICEP

Biorefining trends Potential and challenges in the kraft pulp mills Marcelo Hamaguchi 7 th ICEP

Biorefining trends Potential and challenges in the kraft pulp mills Marcelo Hamaguchi 7 th ICEP International Colloquium on Eucalyptus Pulp May 26-29, 2015 Vitria, ES Focus of R&amp;D in transition Wood Pulp Woodhandling Fiber

682 views • 19 slides
Hacking Reinforcement Learning Guillem Duran Ballester Guillemdb @Miau_DB A tale about hacking

Hacking Reinforcement Learning Guillem Duran Ballester Guillemdb @Miau_DB A tale about hacking

Hacking Reinforcement Learning Guillem Duran Ballester Guillemdb @Miau_DB A tale about hacking AI-Corp Hacking RL 1. Information gathering 2. Scanning 3. Exploitation &amp; privilege escalation 4. Maintaining access &amp; covering tracks

960 views • 62 slides
WiMAX Hacking 2010 Pierce, Goldy, and aSmig feat. sanitybit DEFCON 18 Updated slides, code, and

WiMAX Hacking 2010 Pierce, Goldy, and aSmig feat. sanitybit DEFCON 18 Updated slides, code, and

WiMAX Hacking 2010 Pierce, Goldy, and aSmig feat. sanitybit DEFCON 18 Updated slides, code, and discussion at https://groups.google.com/group/wimax-hacking The Technology WiMAX: a broadband wireless Internet technology 802.16, similar

983 views • 34 slides
Scanning (and some other no-tech hacking) Todays Class Scanning the Internet for research

Scanning (and some other no-tech hacking) Todays Class Scanning the Internet for research

Scanning (and some other no-tech hacking) Todays Class Scanning the Internet for research Scanning the Internet for research Other no-tech hacking Definitions: domain name: google.com unm.edu a registrable

542 views • 19 slides
IMPROVING DEINKED PULP IMPROVING DEINKED PULP QUALITY BY OXIDATION WITH QUALITY BY OXIDATION

IMPROVING DEINKED PULP IMPROVING DEINKED PULP QUALITY BY OXIDATION WITH QUALITY BY OXIDATION

IMPROVING DEINKED PULP IMPROVING DEINKED PULP QUALITY BY OXIDATION WITH QUALITY BY OXIDATION WITH TEMPO TEMPO by Julie Leroux Centre intgr en pte et papier Universit du Qubec Trois-Rivires Outline Outline Introduction

628 views • 28 slides
arXiv:1706.03762v5 [cs.CL] 6 Dec 2017 Llion Jones Aidan N. Gomez ukasz Kaiser

arXiv:1706.03762v5 [cs.CL] 6 Dec 2017 Llion Jones Aidan N. Gomez ukasz Kaiser

Attention Is All You Need Ashish Vaswani Noam Shazeer Niki Parmar Jakob Uszkoreit Google Brain Google Brain Google Research Google Research avaswani@google.com noam@google.com nikip@google.com usz@google.com

295 views • 15 slides
5 things you might not know about Pulp Fiction WARNING The rest of this presentation does

5 things you might not know about Pulp Fiction WARNING The rest of this presentation does

A P ULP F ICTION Presentation By: Montana Boucher-Burnet 5 things you might not know about Pulp Fiction WARNING The rest of this presentation does contain serious spoilers for the movie Pulp Fiction. 1. Made up Bible verse Did

562 views • 17 slides
Hacking SecondLife Michael Thumann Hacking SecondLife by Michael Thumann 2/24/08 1

Hacking SecondLife Michael Thumann Hacking SecondLife by Michael Thumann 2/24/08 1

Hacking SecondLife Michael Thumann Hacking SecondLife by Michael Thumann 2/24/08 1 Disclaimer Everything you are about to see, hear, read and experience is for educational purposes only. No warranties or guarantees implied or

692 views • 47 slides
Tapani Vuorinen tapani.vuorinen@aalto.fi 7th International Colloquium on Eucalyptus Pulp May

Tapani Vuorinen tapani.vuorinen@aalto.fi 7th International Colloquium on Eucalyptus Pulp May

The Future of Eucalyptus Pulp Bleaching Technology Tapani Vuorinen tapani.vuorinen@aalto.fi 7th International Colloquium on Eucalyptus Pulp May 26-29, 2015 Vitria, ES, Brazil Outline Aim Advances in pulp bleaching technology

351 views • 23 slides
Drone Hacking Basics Intro to UAS Architectures, Attack Vectors and RF Hacking Matt Koskela June

Drone Hacking Basics Intro to UAS Architectures, Attack Vectors and RF Hacking Matt Koskela June

Drone Hacking Basics Intro to UAS Architectures, Attack Vectors and RF Hacking Matt Koskela June 15, 2017 Outline Drone Architectures RF Basics Information Gathering RF Hacking Tools Exploits &amp; Demos Q&amp;A Why? Wrights Law

485 views • 27 slides
Meeting of the EPA Science Advisory Board Meeting of the EPA Science Advisory Board Biogenic

Meeting of the EPA Science Advisory Board Meeting of the EPA Science Advisory Board Biogenic

Meeting of the EPA Science Advisory Board Meeting of the EPA Science Advisory Board Biogenic Carbon Emissions Panel Paul Noe Vice President for Public Policy October 25 2011 October 25, 2011 U.S. forests have national growth/drain ratio of

254 views • 6 slides
Partitioning Problem and Usage Lecture 8 CSCI 4974/6971 26 Sep 2016 1 / 14 Todays Biz 1.

Partitioning Problem and Usage Lecture 8 CSCI 4974/6971 26 Sep 2016 1 / 14 Todays Biz 1.

Partitioning Problem and Usage Lecture 8 CSCI 4974/6971 26 Sep 2016 1 / 14 Todays Biz 1. Reminders 2. Review 3. Graph Partitioning overview 4. Graph Partitioning Small-world Graphs 5. Partitioning Usage example 2 / 14 Todays Biz 1.

1.47k views • 102 slides
Near infrared spectroscopy: A rapid nondestructive method for measuring wood properties and its

Near infrared spectroscopy: A rapid nondestructive method for measuring wood properties and its

Near infrared spectroscopy: A rapid nondestructive method for measuring wood properties and its application to tree breeding L. R. Schimleck Warnell School of Forestry and Natural Resources The University of Georgia Overview Introduction

731 views • 39 slides
UFS Market Dynamics April 2018 Nor orth th Am Americ erican an UFS M FS Mar arket et Upda

UFS Market Dynamics April 2018 Nor orth th Am Americ erican an UFS M FS Mar arket et Upda

UFS Market Dynamics April 2018 Nor orth th Am Americ erican an UFS M FS Mar arket et Upda pdate te Improvi Imp ving ng mar market et co cond nditi ition ons s driv driven en by by str stron onge ger r de deman mand d

228 views • 11 slides
A Comparison of Linux Software Update Technologies Matt Porter, Konsulko Group Embedded Linux

A Comparison of Linux Software Update Technologies Matt Porter, Konsulko Group Embedded Linux

A Comparison of Linux Software Update Technologies Matt Porter, Konsulko Group Embedded Linux Conference Europe 2016 Overview Background of Linux software update Linux software update strategies Detailed look at each FOSS project

400 views • 26 slides
Rotary Press Revolutionizes Sludge Compaction Presented by: Ross Elliot VP &amp; GM Tecumseth

Rotary Press Revolutionizes Sludge Compaction Presented by: Ross Elliot VP &amp; GM Tecumseth

Rotary Press Revolutionizes Sludge Compaction Presented by: Ross Elliot VP &amp; GM Tecumseth Filtration Inc. Rotary Press Introduction Waste sludge dewatering issues Pulp and Paper mill sludge categories Mechanical dewatering

716 views • 28 slides
WEYERHAEUSER Earnings Release 3rd Quarter 2010 Forward-looking Statement This presentation

WEYERHAEUSER Earnings Release 3rd Quarter 2010 Forward-looking Statement This presentation

WEYERHAEUSER Earnings Release 3rd Quarter 2010 Forward-looking Statement This presentation contains statements concerning the companys future results and performance that are forward -looking statements within the meaning of the Private

613 views • 20 slides
Flexible and Scalable Acceleration Techniques for Low-Power Edge Computing 2nd Italian Workshop

Flexible and Scalable Acceleration Techniques for Low-Power Edge Computing 2nd Italian Workshop

Flexible and Scalable Acceleration Techniques for Low-Power Edge Computing 2nd Italian Workshop on Embedded Systems 8.9.2017 Universit degli Studi di Roma La Sapienza Francesco Conti 1,2 , Davide Rossi 1 , Luca Benini 1,2

873 views • 53 slides

More recommend