8/6/2019 Slides Tatli
1/26
Google Reveals Cryptographic Secrets
Emin Islam Tatlı (tatli@th.informatik.uni-mannheim.de)
Department of Computer Science, University of Mannheim
1. Kryptowochenende, 01-02 July 2006
Emin Islam Tatlı (University of Mannheim) Google Reveals Cryptographic Secrets
Outline
1 Google Hacking
2 Cryptographic Secrets
3 Automatic Tools
4 Countermeasures
Motivation
Google's index holds over 20 billion entries
(try searching for -"fgkdfgjisdfgjsiod")
We use Google to search for anything. But hackers also use Google to search for something, called Google Hacking:
vulnerable servers, files and applications, files containing usernames and passwords, sensitive directories, online devices, etc.
Google Hacking Database [1]: 1413 entries in 14 groups (by July 2006)
What about Cryptographic Secrets?
In this talk, we find out cryptographic secrets with Google
Advanced Search Parameters
inurl, allinurl
intext, allintext
intitle, allintitle
site
ext, filetype
symbols: "-", "|", "."
Examples of Google Hacking I
Unauthenticated programs:
"PHP Version" intitle:phpinfo inurl:info.php
Applications containing SQL injection and path modification vulnerabilities:
"advanced guestbook * powered" inurl:addentry.php
intitle:"View Img" inurl:viewimg.php
Security scanner reports:
"Assessment Report" "nessus" filetype:pdf
Examples of Google Hacking II
Private data listings:
"index of private|privat|ozel"
phone address email intitle:"Curriculum Vitae"
Database applications and error files:
"Welcome to phpmyadmin ***" "running on * as root@*" intitle:phpmyadmin
"mysql error with query"
Examples of Google Hacking III
Online devices:
inurl:"hp/device/this.LCDispatcher"
intitle:liveapplet inurl:LvAppl
"Please wait....." intitle:"SWW link"
Cryptographic Secrets
1 Hashed Passwords
2 Secret Keys
3 Public Keys
4 Private Keys
5 Encrypted Messages
6 Signed Messages
Hashed Passwords
Hashed passwords in dump files:
"create table" "insert into" "pass|passwd|password" (ext:sql | ext:dump | ext:dmp)
intext:"password|pass|passwd" intext:"md5|sha1|crypt" (ext:sql | ext:dump | ext:dmp)
Secret Keys
Secret keys in Kerberos:
inurl:"kdc.conf" ext:conf
inurl:"slave datatrans" OR inurl:"from master"
Java keystores:
keystore ext:ks
Public Keys
PGP public keys:
"BEGIN PGP PUBLIC KEY BLOCK" (ext:txt | ext:asc | ext:key)
Public keys in certificates:
"Certificate:Data:Version" "BEGIN CERTIFICATE" (ext:crt | ext:asc | ext:txt)
Private Keys
PGP private keys:
"BEGIN (DSA|RSA)" ext:key
"BEGIN PGP PRIVATE KEY BLOCK" inurl:txt|asc
"index of" "secring.gpg"
Encrypted Messages
PGP encrypted files:
-"public|pubring|pubkey|signature|pgp|and|or|release" ext:gpg
More encrypted files:
-intext:"and" (ext:enc | ext:axx)
XML encrypted elements:
"ciphervalue" ext:xml
Signed Messages
Signed emails:
"BEGIN PGP SIGNED MESSAGE" "From" "Date" "Subject" (ext:eml | ext:txt | ext:asc)
File signatures:
-"and|or" "BEGIN PGP SIGNATURE" ext:asc
PGP signed messages:
"BEGIN PGP SIGNED MESSAGE" -"From" (ext:txt | ext:asc | ext:xml)
Automatic Tools
1 Gooscan
2 Sitedigger
3 Goolink
4 AdvancedDork
5 Google Advanced Operation Toolbar
Gooscan [7]
a Unix/Linux script to check Google hacking queries against your system
uses GHD [1]
to execute:
$ gooscan -t www.google.de -q "BEGIN (DSA|RSA) ext:key" -s de -o output.html
Sitedigger [6]
free from the Foundstone company
supports both GHD and Foundstone's own hacking database
for a given host, all entries in the database are queried
Goolink [5]
Goolink queries Google for a particular chosen search from GHD
AdvancedDork [2]
not specific to Google hacking
a Firefox extension for Google searches
Google Advanced Operations Toolbar [3]
a Firefox extension
provides a shortcut to Google's advanced search functions
Security Measures
1 Use automatic tools to check your system
2 Use the Robot Exclusion Standard (robots.txt)
3 Install and manage Google Honeypot [4]
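The first measure above, applied to the file signatures the Cryptographic Secrets slides search for. This is an added example and not code from the slides or from any of the tools they cite: it walks a web document root offline, as a crawler would, and flags files whose name or content matches those markers so they can be removed before a search engine indexes them. The docroot and sample files built in demo() are constructed for illustration.

```python
# Added example, not from the slides or the tools they cite: offline self-check
# that walks a web docroot for the secret markers behind the slides' queries.
import os, re, tempfile
# Content markers taken from the queries: PGP and PEM (DSA/RSA) private keys.
CONTENT = {
    "pgp-private-key": re.compile(r"BEGIN PGP PRIVATE KEY BLOCK"),
    "pem-private-key": re.compile(r"BEGIN (?:DSA|RSA) PRIVATE KEY"),
}
# Hashed-password dump: CREATE/INSERT plus a password column and a hash name.
SQL_DUMP = re.compile(r"\b(insert into|create table)\b", re.I)
SQL_HASH = re.compile(r"\b(pass|passwd|password)\b.*\b(md5|sha1|crypt)\b", re.I | re.S)
# File names the slides search for directly (keyrings, keystores, ciphertext).
NAMES = {
    "gpg-secret-keyring": re.compile(r"(^|/)secring\.gpg$"),
    "java-keystore": re.compile(r"\.ks$"),
    "kerberos-kdc-config": re.compile(r"(^|/)kdc\.conf$"),
    "encrypted-file": re.compile(r"\.(gpg|enc|axx)$"),
}

def classify(rel_path, text):
    """Sorted finding labels for one file, from its name and its content."""
    p = rel_path.replace(os.sep, "/")
    labels = {k for k, rx in NAMES.items() if rx.search(p)}
    labels |= {k for k, rx in CONTENT.items() if rx.search(text)}
    if SQL_DUMP.search(text) and SQL_HASH.search(text):
        labels.add("password-hash-dump")
    return sorted(labels)

def scan_docroot(root):
    """Walk root as a crawler would; map relative path -> labels for hits."""
    hits = {}
    for d, _, files in os.walk(root):
        for name in files:
            full = os.path.join(d, name)
            with open(full, errors="replace") as fh:  # markers sit near the top
                labels = classify(os.path.relpath(full, root), fh.read(1 << 20))
            if labels:
                hits[os.path.relpath(full, root).replace(os.sep, "/")] = labels
    return hits

def demo():
    root = tempfile.mkdtemp()  # constructed docroot: key, SQL dump, clean page
    samples = {"backup/id_rsa.key": "-----BEGIN RSA PRIVATE KEY-----\nMIIE\n",
               "db/users.sql": "CREATE TABLE u (passwd text);\nINSERT INTO u VALUES (MD5('x'));\n",
               "index.html": "<html>welcome</html>\n"}
    for rel, body in samples.items():
        os.makedirs(os.path.join(root, os.path.dirname(rel)), exist_ok=True)
        with open(os.path.join(root, rel), "w") as fh:
            fh.write(body)
    return scan_docroot(root)
```

A robots.txt entry only asks well-behaved crawlers to skip a path and itself lists that path for anyone who reads it, so files this check reports should be removed from the document root rather than merely excluded.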
References
[1] Google Hacking Database. http://johnny.ihackstuff.com
[2] AdvancedDork - A Firefox extension for Google searches. http://johnny.ihackstuff.com
[3] Google Advanced Operation Toolbar. https://addons.mozilla.org/firefox/1258/
[4] Google Hack Honeypot Project. http://ghh.sourceforge.net
[5] Goolink - Security Scanner. www.ghacks.net/2005/11/23/goolink-scanner-beta-preview/
[6] SiteDigger v2.0 - Information Gathering Tool. http://www.foundstone.com
[7] Gooscan - Google Security Scanner. http://johnny.ihackstuff.com