Search Engine Hacking
Steve at SnakeOilLabs dot com
1. What is SEH?
2. Tools Armoury
3. Exploiting SEH
4. Countermeasures
What is SEH?
Definition: Search Engine Hacking (SEH)
Function: noun
SEH is the malicious use of indexing technologies in order to identify, fingerprint and exploit at-risk systems, data and people.
In other words: using search engines and other indexing facilities to find juicy information and 0wnable b0x3n/w4r3z/d00dz
How much data are we talking about?
Only now there’s much more to contend with:
• IRC search engines
• BitTorrent/P2P search engines
• FTP search engines
• Flickr.com
• Blogs
• Your.application.here/search/
• Oh, and Google
But there’s more… (Whaddya mean you only thought there was Google?)
Tools Armoury
• SiteDigger
• Apollo
• Wikto
• Athena
SiteDigger
• The ‘original’ Google scanning tool (other than a web browser, of course)
• Requires a Google API key
• Uses the FSDB (Foundstone Signature Database) and the GHDB (Google Hacking Database)
• Searches deliberately restricted
• The ‘Internet Scanner’ of SEH tools
• Pros
  • Slick reporting
  • Well maintained
  • FSDB sometimes outdated, but well categorised
• Cons
  • Needs a Google API key
  • Google-specific
  • Restricted searches mean stuff gets missed
• Overall
  • A good tool, ultimately crippled by restrictions
Apollo
• Written by Mimi & Spark of the Good Cat Studio
• No Google key required, but still Google only
• No restrictions on search
• Similar functionality to SiteDigger, minus the snazzy reporting
• Pros
  • No restrictions
  • No Google API key needed
  • Auto-updates the GHDB
• Cons
  • Google-specific
  • Clunky interface
  • No direct link in results
• Overall
  • Better than SiteDigger, but needs a better reporting interface
Wikto
• Nikto for Windows (it uses the Nikto vulnerability database) with bells and whistles
• Google hacking functionality à la GooScan
• Needs a Google API key
• Site-orientated
• Requires registration with Foundstone’s portal!!!!
• Uses a ‘Googler’ module that runs site-scoped queries and harvests the directories seen in the result URLs as targets worth investigating
• The ‘BackEnd’ module imports the directories found by Googler and mines them, requesting a wordlist of files and subdirectories inside each one
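To make the Googler → BackEnd flow concrete, here is an added Python example; it is not Wikto’s or SiteDigger’s code. It scopes GHDB-style signatures to a target with the site: operator (what SiteDigger and Wikto’s Googler both do with a signature database), extracts the directory tree visible in a set of result URLs while discarding out-of-scope hosts and normalising ../ segments, and crosses those directories with a small filename wordlist to produce the URLs a BackEnd-style miner would request. The signatures, result URLs and wordlist are all constructed for the demo, and the script makes no network requests.

```python
"""Googler -> BackEnd style pipeline on constructed data (runs offline)."""
import posixpath
from urllib.parse import urlsplit

# Constructed GHDB-style signatures for the demo; not entries from the real database.
SIGNATURES = [
    'intitle:"index of" "backup"',
    'inurl:admin ext:sql',
    'ext:log "password"',
]

# Constructed result URLs, standing in for what a search engine would return.
SAMPLE_RESULTS = [
    "https://www.example.com/admin/backup/db.sql",
    "https://www.example.com/admin/login.php",
    "https://www.example.com/logs/app.log",
    "https://www.example.com/",
    "http://dev.example.com/old/site/index.html",
    "https://www.example.com/admin/backup/",
    "https://example.org/admin/",  # out of scope, must be dropped
]

# Short file wordlist for the BackEnd step; a real run would use a much longer list.
BACKEND_FILES = [".htaccess", "backup.zip", "config.php.bak", "web.config"]


def scope_queries(signatures, site):
    """Prefix every signature with a site: restriction, turning a generic
    GHDB entry into a per-target search."""
    return [f"site:{site} {sig}" for sig in signatures]


def in_scope(host, site):
    """True for the target domain itself and any of its subdomains."""
    return host == site or host.endswith("." + site)


def extract_directories(urls, site):
    """Googler step: map each in-scope origin to the directories seen in result
    URLs. Every path prefix counts, so /admin/backup/db.sql contributes both
    /admin/ and /admin/backup/."""
    dirs = {}
    for url in urls:
        parts = urlsplit(url)
        if not parts.netloc or not in_scope(parts.netloc, site):
            continue
        origin = f"{parts.scheme}://{parts.netloc}"
        found = dirs.setdefault(origin, set())
        # normpath collapses ./ and ../ so a crafted result path cannot yield
        # candidates outside the real tree; then drop the file component
        # unless the URL already ends in '/'.
        segments = [s for s in posixpath.normpath(parts.path or "/").split("/") if s]
        if not parts.path.endswith("/"):
            segments = segments[:-1]
        prefix = ""
        for seg in segments:
            prefix += "/" + seg
            found.add(prefix + "/")
    return {origin: sorted(d) for origin, d in dirs.items()}


def backend_candidates(directories, filenames):
    """BackEnd step: cross every discovered directory with a wordlist of files
    worth requesting. The returned URLs are what the miner would probe."""
    return [
        f"{origin}{d}{name}"
        for origin, paths in directories.items()
        for d in paths
        for name in filenames
    ]


if __name__ == "__main__":
    for q in scope_queries(SIGNATURES, "example.com"):
        print(q)
    found = extract_directories(SAMPLE_RESULTS, "example.com")
    for origin, paths in found.items():
        print(origin, paths)
    print(len(backend_candidates(found, BACKEND_FILES)), "candidate URLs")
```

The in_scope check is the part most worth keeping when adapting this: search results routinely include other people’s hosts, and feeding those into a miner is how an assessment drifts outside its authorisation.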