Feeds

Hacking Google for fun and profit

Mayhem, mischief and Xmas lights

  • alert
  • submit to reddit

The Essential Guide to IT Transformation

Insecure websites are not the only venues at risk from Google-hacking. Network hardware can be hacked, cached printing pages can be perused and security cameras snooped on thanks to evolutions in attack techniques that are dumbing down network attacks.

So-called Google hacking - named after the search engine - relies on employing carefully crafted combination of search terms to unveil potentially confidential files. The technique not particularly recent (we first wrote about it more than two years ago); but it's evolving to become an even greater source of mischief.

Security consultant Johnny Long, of CSC, told delegates at the Black Hat conference in Amsterdam on Thursday, 31 March that network defenders needed to stay on top of the latest Google-hacking techniques to keep ahead of the "bad guys".

There are numerous ways to exploit vulnerabilities and mount attacks that allow access to the back end of ecommerce websites. "Google can do the same thing but puts it in hands of amateurs," said Long. This dumbing down of cracking opens the way to numerous attacks. Hunting for credit card numbers on insecure servers or network passwords is bad enough but the problem doesn't stop there.

Using screen grabs, Long showed how routers with default passwords could be located and turned off. The same approach allows the cache of insecure printers to be browsed, enabling hackers to view or download potentially sensitive documents. Insecure UPS systems, time lapse security cameras and even PBX telephony systems can also be nobbled. Police reports from crimes at US universities can be searched for references to social security numbers. Nothing is sacred.

"Hackers can get to into HomeSear web control and turn off the lamps, fridge or air filter in someone's home. You can even turn off someone's Xmas lights, now that’s evil" Long said.

Stealth mode

Google can be also used to conduct reconnaissance on vulnerable systems without sending packets to a target. Attackers can map domains or get a list of vulnerable servers using the search engine. "You could get the same data using other techniques but this is mapping with stealth and style," Long said.

The technique can be turned on its head by security pros to find and fix potential security holes, the main theme of Long's well-received Google hacking for penetration testers presentation, a title taken from his book on the subject. South African firm Sensepost has developed a number of applications to automate this process.

Google-hacking has been picked up as a technique by virus writers. Recent worms have taken advantage of Google to automate the search for vulnerable machines. In response, Google has started blocking "evil queries", a technique Long described as the "Google Dork Detection System".

He showed how this approach is limited because changing the case of queries defeated its first version. Google fixed that - but splitting queries into multiple operators still works. Even when Google fixes this further query manipulation will still be possible. "Never assume Google will protect you," he said. ®

Related stories

The Google attack engine
Google closes Blogger security holes
BBC throws strop at 'Ceefax Google'

Build a business case: developing custom apps

More from The Register

next story
14 antivirus apps found to have security problems
Vendors just don't care, says researcher, after finding basic boo-boos in security software
Only '3% of web servers in top corps' fully fixed after Heartbleed snafu
Just slapping a patched OpenSSL on a machine ain't going to cut it, we're told
How long is too long to wait for a security fix?
Synology finally patches OpenSSL bugs in Trevor's NAS
Israel's Iron Dome missile tech stolen by Chinese hackers
Corporate raiders Comment Crew fingered for attacks
Roll out the welcome mat to hackers and crackers
Security chap pens guide to bug bounty programs that won't fail like Yahoo!'s
HIDDEN packet sniffer spy tech in MILLIONS of iPhones, iPads – expert
Don't panic though – Apple's backdoor is not wide open to all, guru tells us
Researcher sat on critical IE bugs for THREE YEARS
VUPEN waited for Pwn2Own cash while IE's sandbox leaked
Four fake Google haxbots hit YOUR WEBSITE every day
Goog the perfect ruse to slip into SEO orfice
Secure microkernel that uses maths to be 'bug free' goes open source
Hacker-repelling, drone-protecting code will soon be yours to tweak as you see fit
prev story

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
The Essential Guide to IT Transformation
ServiceNow discusses three IT transformations that can help CIO's automate IT services to transform IT and the enterprise.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Build a business case: developing custom apps
Learn how to maximize the value of custom applications by accelerating and simplifying their development.