Google hacking exposes a world of security flaws

Using a technique popularized by security researcher Johnny Long, the Google search engine is used to send specially crafted queries to websites, which often oblige by returning information that most security administrators would prefer remain hidden or fixed.

For more information: Learn how to prevent Google hacking in this excerpt from Chapter 8 of "Steal this Computer Book 4.0," by Wallace Wang. Scott Sidel explains how malicious hackers use Google Code Search and how it affects the open source and commercial software communities. Discover how to use advanced operators and special searching techniques offered by Google to discover if corporate information has been exposed.

A typical example of such "Google hacking" would be to search for a particular PHP script used during development, but not removed from an operational system: inputting the phrase filetype:php inurl:"viewfile" -"index.php" -"idfil into Google unsurprisingly reveals a fair number of websites that fail to prevent such files from being viewed. This is but one of literally hundreds of security gaffes that Google can be used to uncover.

However, running hundreds of search queries one-by-one in order to "Google hack" a website can lead to carpal tunnel, which may be why cDc decided to automate the process by creating Goolag. The Goolag scanner is a standalone Windows application with a simple GUI. It uses a single XML-based configuration file for its settings. All the Google hacking queries (affectionately known as "dorks" within the industry) come with the distribution of the scanner and reside in a single file.

For those who have misgivings about installing software created by clever hackers, the cDc has published the full source code of Goolag; for the brave, simply download the executable and you can be Google hacking in mere minutes.

Running Goolag is simplicity itself, so resist the temptation to examine anything for which you don't have direct security responsibility. Then take the output of Goolag and get your Web developers busy fixing the flaws you will most likely find.

About the author:
Scott Sidel is an ISSO with Lockheed Martin.

Rate this Tip To rate tips, you must be a member of SearchSecurity.com. Register now to start rating these tips. Log in if you are already a member. Digg This!     StumbleUpon     Del.icio.us    RELATED CONTENT Guest Commentary Eliminating the threat of spam email attacks Outsourcing IT services: Is it worth the security risk? How permanent is your storage solution? Honeypots can strengthen reconnaissance and lower intrusion noise Freedom of speech or lack of professional responsibility? This year compliance, next year control Senior security member explains his position on Abagnale Computer Security Institute's leader responds to Abagnale flap Spokesman or poster child? Microsoft needs a reality check Open Source Security Tools Will Cisco's plan to open access to the IOS improve network security? How secure is a mobile phone platform that has an open source framework? Tor network 'bridges' help evade blockers Should enterprises use open source productivity suites? Sourcefire CEO to step down Screencast: Opening up the Network Security Toolkit Enigmail: Wrapping email in a digital security blanket Barracuda enlists open source help in Trend Micro patent fight Making the NAC decision: Open source vs. commercial network access control products Secure file copying with WinSCP Penetration Testing and Ethical Hacking Screencast: Penetration testing with Metasploit IBM's Watchfire halts network research, focuses on Web apps Core Security selects former Sophos exec as new CEO RE:trace framework aids in OS X, Unix flaw discovery Getting started on a career in penetration testing Cyber insurer hopes to boost business with pen testing Information security book excerpts and reviews Core Security to offer Web application pen testing Will new Sulley framework take fuzzing to next level? Screencast: Google hacking, infosec style RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary Back Orifice  (SearchSecurity.com) Blowfish  (SearchSecurity.com) Kermit  (SearchSecurity.com) Open Source Hardening Project  (SearchSecurity.com) Snort  (SearchSecurity.com) SnortSnarf  (SearchSecurity.com) RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary DISCLAIMER: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.