Google_Hacking_PISA.pdf

HaCkinG
What is that?
Anthony L@I, CISSP, CISM, CISA
M@rco Leung, SCJP, OCP
0xD8.0x30.0x3.0x12
Presented by Anthony LAI & Marco
Leung, 2005
• Your developed web application is on the web. Meanwhile, the vulnerabilities and settings you ignored are also there.
• Google is a great tool for searching, like a well-trained anti-drug dog on the web.
• Reminder: We are not liable for your intrusive and malicious actions and intentions.
How Google works?
Google Search Engine
• Advanced Search Operators
– site: restrict search to a specific web site
– filetype: search within the content of particular file type
– cache: displays the version of a web page
– link: search word within hyperlinks
– intext:, allintext: searches words within a specific website, but ignores the URLs and page titles
– intitle:, allintitle: search words within the title of a document
– inurl:, allinurl: search words within the URL of a document
Different Categories of Queries
• Programmer/Developer Bad Practice(s)
• Operating System Vulnerability and Information Exposure (Configuration file, default admin access path)
• Application server security
• Database-related information exposure (Setup queries, database maintenance etc)
• Others
Example (1)
"A syntax error has occurred" filetype:ihtml intext:LOGIN -"[removed]"
Example (2)
filetype:ora tnsnames
Tools
• Using Web interface
– Athena
– GooScan
• Using Web Service API
– SiteDigger
Automated Tools - GooScan
Tools - Athena
Tools - SiteDigger
• Version 2 features (tentative release 15th July)
– Proxy support / Google appliance support
– XML signatures in OASIS WAS format
– Adding signatures for OWASP top 10
– Signature contribution option
– Raw search tab
– Configurable # of results
Protection from Google Hackers (1)
• Keep your sensitive data off the web
  – Don’t put any secure information on a web site
• Consider removing your site from Google’s index
  http://www.google.com/remove.html
• Use Meta tags
  – Prevent all robots from indexing a page
    • <META NAME="ROBOTS" CONTENT="NOINDEX, NOFOLLOW">
  – Prevent only Google robots from indexing a page
    • <META NAME="GOOGLEBOT" CONTENT="NOINDEX, NOFOLLOW">
  – Allow robots to index the page, but don’t follow the outgoing links
    • <META NAME="ROBOTS" CONTENT="NOFOLLOW">
Protection from Google Hackers (2)
• Use a robots.txt file
  http://www.yoursite.com/robots.txt
  Document to indicate which parts of the server should not be accessed
  – Remove entire website
    • place the following robots.txt file:
      User-agent: *
      Disallow: /
  – Remove part of web site
    • Remove all pages under a particular directory
      User-agent: Googlebot
      Disallow: /lemurs
    • Remove all files of specific file type
      User-agent: Googlebot
      Disallow: /*.gif$
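To check that a robots.txt file blocks what it is meant to, the following added example (not part of the original slides) implements Google-style path matching, including the `*` wildcard and `$` end anchor used above, and evaluates the three rule sets from the slides. The function names `parse_robots` and `is_blocked` and the test paths are assumptions made for this example.

```python
import re

def parse_robots(text):
    """Return {user-agent (lowercase): [(directive, path), ...]}."""
    groups, agents, in_rules = {}, [], False
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()      # drop comments
        if ":" not in line:
            continue
        key, value = (part.strip() for part in line.split(":", 1))
        key = key.lower()
        if key == "user-agent":
            if in_rules:                         # a rule block ended: new group
                agents, in_rules = [], False
            agents.append(value.lower())
            groups.setdefault(value.lower(), [])
        elif key in ("allow", "disallow"):
            in_rules = True
            if value:                            # an empty Disallow blocks nothing
                for agent in agents:
                    groups[agent].append((key, value))
    return groups

def _to_regex(path):
    # '*' matches any run of characters; a trailing '$' anchors the URL end.
    anchored = path.endswith("$")
    source = path[:-1] if anchored else path
    body = ".*".join(re.escape(part) for part in source.split("*"))
    return re.compile(body + ("$" if anchored else ""))

def is_blocked(robots_txt, agent, url_path):
    """True if `agent` may not crawl `url_path`; the longest matching rule wins.
    Simplification: the agent is matched by exact name, else the '*' group."""
    groups = parse_robots(robots_txt)
    rules = groups.get(agent.lower(), groups.get("*", []))
    best = ("allow", "")                         # no matching rule: allowed
    for directive, path in rules:
        if _to_regex(path).match(url_path) and len(path) > len(best[1]):
            best = (directive, path)
    return best[0] == "disallow"

# Constructed input: the three rule sets from the slides, as separate files.
WHOLE_SITE = "User-agent: *\nDisallow: /\n"
DIRECTORY = "User-agent: Googlebot\nDisallow: /lemurs\n"
FILE_TYPE = "User-agent: Googlebot\nDisallow: /*.gif$\n"
```

These rules only instruct crawlers that honor them and are not access control, which is why the slides' first countermeasure is keeping sensitive data off the web.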
Countermeasures
• Keep sensitive data off the web!!
• Perform periodic Google Assessments
– Update robots.txt
– Use meta-tags: NOARCHIVE
http://www.google.com/remove.html.
SUMMARY
• How Google works
• Information disclosure with Google
• Tools
• Countermeasures