Google Hacking for Penetration Testers 3rd Ed
Author: Johnny Long, Bill Gardner & Justin Brown
Chapter 8 Tracking Down Web Servers, Login Portals, and Network Hardware

This chapter opens with a comparison of the mindset of hackers versus penetration testers. The latter are typically limited to testing in a given manner for a given system. Hackers have a much wider scope and a wider target base. Search queries are provided to identify types of web server (e.g. server.at “Apache/2.4.1.2”), together with those that expose directory listings. Details are provided on how to search for web servers based on the common error messages they expose. Another potential vulnerability is the default pages that administrators might use to test a web server; in some cases they can contain useful information that can be exploited.

The chapter continues with a look at locating login portals; these might contain information revealing the product, version, file structure etc. The section ends with a brief look at locating and using various web utilities, especially the Network Query Tool. A search query is provided to identify web servers that have this tool installed, a potentially dangerous situation. The chapter ends with a look at locating network hardware, including webcams, printers, routers, and firewalls.

This chapter provides useful instruction, with examples and search queries, to identify vulnerable web servers, login portals and network hardware.

Chapter 9 Usernames, Passwords, and Secret Stuff, Oh My!

The chapter opens with a discussion about sensitive information being accessible via Google searches; this includes passwords, credit card numbers, and government documents. The chapter discusses, with example searches, the following topics:
The results of these queries illustrate how much sensitive data is freely available from simple Google searches.

Chapter 10 Hacking Google Services

This short chapter provides details on how Google’s various services can be used to facilitate hacking. The services examined are:
Google Calendar often has useful information relating to users, telephone numbers, passwords, birthdays, pets’ names, conference calls etc. Signaling alerts can provide a degree of automation to your regular searches (e.g. monitor specific sites for vulnerabilities). Google Co-op allows you to create a powerful custom search engine.

Chapter 11 Hacking Google Showcase

This chapter is derived from the author’s conference presentations, showing the power of Google hacking. There’s a short discussion on some of the tools you might find useful (ping, finger, portscan, and various scripts). Areas covered include: applications, network devices, cameras, and telco equipment. The hack to control power systems is particularly ‘interesting’. In many cases, suggestions for further hacks are provided.

Chapter 12 Protecting Yourself from Google Hackers

In many ways, all the previous chapters have been building towards this chapter, which discusses how you can protect yourself and your systems from Google hacking. The chapter opens with the need for a good security policy; this should identify the resources you are aiming to protect, the mechanisms of protection, and what to do in the case of a security breach. The chapter continues with a look at web server safeguards. Many of these are derived by fixing the vulnerabilities identified in the previous chapters, and include addressing:
The chapter then discusses hacking your own site. You should run the search queries given previously on your own site, and inspect each of the returned pages for vulnerabilities. Various tools can assist with this, including NIKTO and WIKTO.

This chapter provides a useful overview of the approaches used in the previous chapters, and how they can be applied to your own sites to reduce their vulnerabilities.

Conclusion

This book aims to show you what information can be found via Google search queries, much of it never intended for a public audience (e.g. credit card numbers, passwords etc). Having identified various vulnerabilities, it highlights how these can be reduced.

The book is an interesting read, with useful, well-written discussions, tips, screenshots, practical search examples, inter-chapter links, website links, and helpful chapter summaries. The book provides some useful template queries together with approaches to thinking about problems.

The book does assume some IT knowledge, and some tools (e.g. Tcpdump, MRTG, Nmap, ntop) are introduced with insufficient detail for the beginner, but this should be OK for many developers. The book is suitable for those wanting to get more out of Google searching, those wanting to protect their websites/data, hackers, and curious people.

Sometimes the book felt a bit dated. Checking the table of contents against the previous 2007 edition of the book shows they are around 90% the same. The screenshots should have titles; this would make subsequent searching easier.

Overall, this is an interesting and informative read. In these times of frequent data breaches (e.g. eBay, Three, VTech), this should be required reading for anyone interested in protecting data. Highly recommended.
Last Updated ( Tuesday, 05 January 2016 )