
Google Hacking - Part 1


Gathering data with

15 March 2017 Thibaut BATAL

Agenda

●Why ?

●Examples

●How to use Google

●How to perform a vulnerability search/collect sensitive data

●How to protect our customers

Why ?

●Attacking someone

●Penetration Testing Execution Standard framework

●1 - Pre-engagement Interactions

●2 - Intelligence Gathering

●3 - Threat Modeling

●4 - Vulnerability Analysis

●5 - Exploitation

●6 - Post Exploitation

●7 - Reporting


●Staying in the deep web


Examples – Access to printers


Printer's tasks list

Printer's home page


Examples – Private cameras


Examples – City's water fountain


How to use Google


Google's advanced search page


How to - Basics

●32 words, case insensitive

the fox and the crow

●Wildcards : dot . and asterisk *

*fox.*.crow

●Double quotes

"this is a sentence"

●AND (redundant)

fox AND crow == fox crow

●OR/|

fox OR crow == fox|crow


●Not : -

-sheep fox crow

●Force : +

+the fox +and +the crow

●No order of operations

●No parentheses, except with advanced keywords


How to - Advanced

●advanced_operator:keyword

●ALL operators must be used only once and cannot be mixed with others (AND doesn't work)


●Site : read the domain from right to left! (starting with .com, .fr, ...)

site:cvut.cz

●Filetype/ext

filetype:pdf == ext:pdf

●Numrange/.. : needs 2 numbers separated by a dash -

numrange:10-20 == 10..20

●Daterange : 2 dates separated by a dash -

●Must be in Julian date : number of days that have passed since January 1, 4713 B.C.

●Must be used with other operators

●If Google crawls an obscure page once, it may never do so again
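The Julian date requirement is the part of daterange that is easy to get wrong by hand. The following is an added example, not taken from the original slides: it converts calendar dates to Julian day numbers and builds a daterange term that follows the rules above (two numbers separated by a dash, always combined with other operators). The function names and the site:example.com placeholder domain are assumptions made for illustration.

```python
from datetime import date

# Offset between Python's proleptic Gregorian ordinal (0001-01-01 == 1)
# and the Julian Day Number; sanity check: JDN(2000-01-01) == 2451545.
_JDN_OFFSET = 1721425


def julian_day(d: date) -> int:
    """Integer Julian Day Number for a calendar date."""
    return d.toordinal() + _JDN_OFFSET


def from_julian_day(jdn: int) -> date:
    """Inverse conversion, to read back a daterange: value as a calendar date."""
    return date.fromordinal(jdn - _JDN_OFFSET)


def daterange_query(terms: str, start: date, end: date) -> str:
    """Return '<terms> daterange:<start>-<end>' (hypothetical helper)."""
    terms = terms.strip()
    if not terms:
        # Slide rule: daterange must be used with other operators.
        raise ValueError("daterange must be used with other operators")
    if "daterange:" in terms.lower():
        raise ValueError("terms already contain a daterange operator")
    if start > end:
        raise ValueError("start date is after end date")
    return f"{terms} daterange:{julian_day(start)}-{julian_day(end)}"


if __name__ == "__main__":
    # Constructed example: PDFs indexed on a placeholder domain you own,
    # between 1 and 15 March 2017.
    print(daterange_query("site:example.com filetype:pdf",
                          date(2017, 3, 1), date(2017, 3, 15)))
```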


How to – Advanced - Others

●Cache : needs a URL or hostname

●Related : needs a URL or hostname ; cannot be used with other operators

●Info : needs a URL or hostname ; cannot be used with other operators


How to – Advanced – Others – Life's tools

●Define, location, movie, source, stocks, weather...


Thanks !


References

Google Hacking for Penetration Testers, by Johnny LONG, Bill GARDNER and Justin BROWN

The Hacker Playbook, by Peter KIM

www.exploit-db.com/google-hacking-database

www.google.com

www.googleguide.com

www.pentest-standard.org

www.robotstxt.org

http://www.talktohacker.com/2014/08/how-to-use-google-for-advanced-hacking.html
