27-08-2014, 10:32 AM
SEMINAR REPORT ON GOOGLE HACKING
INTRODUCTION
Google hacking is a hacking technique that uses Google Search and other Google services to find security holes or vulnerabilities in a site's configuration and any information exposed on it.
Google hacking can be done by using advanced operators in the Google search bar to locate specific strings of text within search results. Put simply, any advanced operator provided by Google can be used to help find vulnerable sites.
Here is an explanation of Google hacking from Wikipedia:
"Google hacking is a computer hacking technique that uses Google Search and other Google applications to find security holes in the configuration and computer code that websites use.
Google hacking involves using advanced operators in the Google search engine to locate specific strings of text within search results. Some of the more popular examples are finding specific versions of vulnerable Web applications. The following search query would locate all web pages that have that particular text contained within them. It is normal for default installations of applications to include their running version in every page they serve, e.g., "Powered by XOOPS 2.2.3 Final".
The following search query will locate all websites that have the words "admbook" and "version" in the title of the website. It also checks to ensure that the web page being accessed is a PHP file.
intitle:admbook intitle:version filetype:php
Another technique is searching for insecure coding practices in the public code indexed by Google Code Search or other source code search engines.
One can even retrieve the username and password list from Microsoft FrontPage servers by inputting the given microscript in Google search field:
"#-Frontpage-" inurl:administrators.pwd
Devices connected to the Internet can be found. A search string such as inurl:"ViewerFrame?Mode=" will find public web cameras."
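The operators quoted above can be turned around for a self-audit: the following added example (not part of the original report or of Wikipedia) evaluates those queries against an inventory of your own pages to show which ones an indexer could return. The matching rules are a simplified approximation of the operators, and the `Page` class, the `example.test` URLs and the page contents are constructed for illustration.

```python
import re
from dataclasses import dataclass
from urllib.parse import urlparse


@dataclass
class Page:
    url: str
    title: str
    body: str


# Token forms: operator:"quoted value", operator:value, "quoted phrase", bare word.
TOKEN = re.compile(r'(?:(\w+):)?(?:"([^"]*)"|(\S+))')


def parse_query(query):
    """Split a query into (operator, value) pairs; operator is None for plain terms."""
    found = ((op, (quoted or bare).lower()) for op, quoted, bare in TOKEN.findall(query))
    return [(op.lower() or None, value) for op, value in found if value]


def matches(page, query):
    """True when every term of the query matches the page (terms are ANDed)."""
    url = urlparse(page.url.lower())
    host = url.hostname or ""
    title, body = page.title.lower(), page.body.lower()
    checks = {
        None: lambda v: v in title or v in body,
        "intitle": lambda v: v in title,
        "inurl": lambda v: v in page.url.lower(),
        "filetype": lambda v: url.path.endswith("." + v),
        "site": lambda v: host == v or host.endswith("." + v),
    }
    for op, value in parse_query(query):
        if op not in checks:
            raise ValueError(f"unsupported operator: {op}")
        if not checks[op](value):
            return False
    return True


def audit(pages, queries):
    """Map each query to the URLs of the inventory pages it would return."""
    return {q: [p.url for p in pages if matches(p, q)] for q in queries}


# Constructed inventory of our own site (example.test is a reserved test domain).
PAGES = [
    Page("https://example.test/guestbook/index.php",
         "Admbook guestbook - version X.Y", "Sign our guestbook."),
    Page("https://example.test/portal/index.php",
         "Community portal", "Latest news. Powered by XOOPS 2.2.3 Final"),
    Page("https://example.test/private/administrators.pwd", "", "#-FrontPage-\nplaceholder"),
    Page("https://example.test/about.html",
         "About us", "Company history and version notes."),
]

# The queries quoted in the text above.
QUERIES = [
    'intitle:admbook intitle:version filetype:php',
    '"Powered by XOOPS 2.2.3 Final"',
    '"#-Frontpage-" inurl:administrators.pwd',
    'inurl:"ViewerFrame?Mode="',
]

if __name__ == "__main__":
    for query, urls in audit(PAGES, QUERIES).items():
        print(f"{query!r}: {urls or 'no exposed page'}")
```

Any page the audit returns is a candidate for removing the version banner, restricting access, or excluding from indexing.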
HACKING
Hackers (or external attackers) try to compromise computers and sensitive information for ill-gotten gains — usually from the outside — as an unauthorized user. Hackers go for almost any system they think they can compromise. Some prefer prestigious, well-protected systems, but hacking into anyone’s system increases their status in hacker circles.
Hacker has two meanings:
• Traditionally, a hacker is someone who likes to tinker with software or electronic systems. Hackers enjoy exploring and learning how computer systems operate. They love discovering new ways to work — both mechanically and electronically.
• In recent years, hacker has taken on a new meaning — someone who maliciously breaks into systems for personal gain. Technically, these criminals are crackers (criminal hackers). Crackers break into (crack) systems with malicious intent. They are out for personal gain: fame, profit, and even revenge. They modify, delete, and steal critical information, often making other people miserable.
PHASES TO PERFORM MALICIOUS HACKING
a) Reconnaissance
Refers to a preparatory phase where an attacker seeks to gather as much information as possible about the target of evaluation prior to launching an attack. Passive reconnaissance involves monitoring network data for patterns and clues. Active reconnaissance involves probing the network for
● Accessible hosts
● Open ports
● Location of routers
● Operating system details (if possible services)
Footprinting is a blueprinting of the security profile of an organization, undertaken in a methodological manner. Scanning refers to a pre-attack phase when the hacker scans the network with specific information gathered during footprinting. Enumeration involves active connections to systems and directed queries.
b) Scanning
This stage of a hack can be considered a logical extension of active reconnaissance. The aim is to find a single point of entry from which to launch an attack; this can become the point of exploit once a vulnerability in the system is detected.
Objectives of port scanning are the following.
● Open ports
● Host operating system
● Software or service versions
● Vulnerable software version
HACKTIVISM AND HACKER CLASSES
Hacktivism refers to the idea of hacking with or for a cause. It comprises hackers with a social or political agenda. It aims at sending a message through their hacking activity and gaining visibility for their cause and themselves. Common targets include government agencies, MNCs, or any other entity perceived as bad or wrong by these groups or individuals. It remains a fact that gaining unauthorized access is a crime, whatever the intention is.
The hackers can be classified into 4 major classes. They are the following
WEB SEARCH ENGINES
A web search engine is a software system that is designed to search for information on the World Wide Web. The search results are generally presented in a line of results often referred to as search engine results pages (SERPs). The information may consist of web pages, images, and other types of files. Some search engines also mine data available in databases or open directories. Unlike web directories, which are maintained only by human editors, search engines also maintain real-time information by running an algorithm on a web crawler.
The very first tool used for searching on the Internet was Archie.[3] The name stands for "archive" without the "v". It was created in 1990 by Alan Emtage, Bill Heelan and J. Peter Deutsch, computer science students at McGill University in Montreal. The program downloaded the directory listings of all the files located on public anonymous FTP (File Transfer Protocol) sites, creating a searchable database of file names; however, Archie did not index the contents of these sites since the amount of data was so limited it could be readily searched manually.
The rise of Gopher (created in 1991 by Mark McCahill at the University of Minnesota) led to two new search programs, Veronica and Jughead. Like Archie, they searched the file names and titles stored in Gopher index systems. Veronica (Very Easy Rodent-Oriented Net-wide Index to Computerized Archives) provided a keyword search of most Gopher menu titles in the entire Gopher listings. Jughead (Jonzy's Universal Gopher Hierarchy Excavation And Display)
HOW SEARCH ENGINES WORK
Web search engines work by storing information about many web pages, which they retrieve from the page's HTML. These pages are retrieved by a Web crawler (sometimes also known as a spider) — an automated Web browser which follows every link on the site. The site owner can make exclusions by using robots.txt. The contents of each page are then analyzed to determine how it should be indexed (for example, words can be extracted from the titles, page content, headings, or special fields called meta tags). Data about web pages are stored in an index database for use in later queries. A query from a user can be a single word. The index helps find information relating to the query as quickly as possible.[12] Some search engines, such as Google, store all or part of the source page (referred to as a cache) as well as information about the web pages, whereas others, such as AltaVista, store every word of every page they find. This cached page always holds the actual search text since it is the one that was actually indexed, so it can be very useful when the content of the current page has been updated and the search terms are no longer in it.[12] This problem might be considered a mild form of linkrot, and Google's handling of it increases usability by satisfying user expectations that the search terms will be on the returned webpage. This satisfies the principle of least astonishment, since the user normally expects that the search terms will be on the returned pages. Increased search relevance makes these cached pages very useful as they may contain data that may no longer be available elsewhere.
Meta Search Engines
A metasearch engine is a search tool[1] that sends user requests to several other search engines and/or databases and aggregates the results into a single list or displays them according to their source. Metasearch engines enable users to enter search criteria once and access several search engines simultaneously. Metasearch engines operate on the premise that the Web is too large for any one search engine to index it all and that more comprehensive search results can be obtained by combining the results from several search engines. This also may save the user from having to use multiple search engines separately.
Examples of meta search engines are:
• Blingo - English
• Yippi - English
• Dogpile - English
• Kayak & side step - Multilingual
GOOGLE SEARCH
Google Search (or Google Web Search) is a web search engine owned by Google Inc. Google Search is the most-used search engine on the World Wide Web,[4] handling more than three billion searches each day.[5][6]
The order of search on Google's search-results pages is based, in part, on a priority rank called a "PageRank". Google Search provides many options for customized search, using Boolean operators such as: exclusion ("-xx"), alternatives ("xx OR yy"), and wildcards ("x * x").[7]
The main purpose of Google Search is to hunt for text in publicly accessible documents offered by web servers, as opposed to other data, such as with Google Image Search. Google Search was originally developed by Larry Page and Sergey Brin in 1997.[8] Google Search provides at least 22 special features beyond the original word-search capability.[9] These include synonyms, weather forecasts, time zones, stock quotes, maps, earthquake data, movie showtimes, airports, home listings, and sports scores. There are special features for dates, including ranges,[10] prices, temperatures, money/unit conversions, calculations, package tracking, patents, area codes,[9] and language translation of displayed pages. In June 2011, Google introduced the "Google Voice Search" and "Search by Image" features, allowing users to search by speaking and by supplying images.
PageRank
Google's rise to success was in large part due to a patented algorithm called PageRank that helps rank web pages that match a given search string.[14] When Google was a Stanford research project, it was nicknamed BackRub because the technology checks backlinks to determine a site's importance. Previous keyword-based methods of ranking search results, used by many search engines that were once more popular than Google, would rank pages by how often the search terms occurred in the page, or how strongly associated the search terms were within each resulting page. The PageRank algorithm instead analyzes human-generated links, assuming that web pages linked from many important pages are themselves likely to be important. The algorithm computes a recursive score for pages, based on the weighted sum of the PageRanks of the pages linking to them. PageRank is thought to correlate well with human concepts of importance. In addition to PageRank, Google, over the years, has added many other secret criteria for determining the ranking of pages on result lists, reported to be over 250 different indicators,[15] the specifics of which are kept secret to keep spammers at bay and help Google maintain an edge over its competitors globally.
Search Syntax
Google's search engine normally accepts queries as simple text, and breaks up the user's text into a sequence of search terms, which will usually be words that are to occur in the results, but one can also use Boolean operators, such as: quotation marks (") for a phrase, a prefix such as "+" or "-" for qualified terms (no longer valid, the '+' was removed from Google on October 19, 2011), or one of several advanced operators, such as "site:". The webpages of "Google Search Basics" describe each of these additional queries and options (see below: Search options). Google's Advanced Search web form gives several additional fields which may be used to qualify searches by such criteria as date of first retrieval. All advanced queries transform to regular queries, usually with an additional qualified term.
Special Features
Besides the main search-engine feature of searching for text, Google Search has more than 22 "special features" (activated by entering any of dozens of trigger words) when searching:[9][10][30]
• weather – The weather conditions, temperature, wind, humidity, and forecast,[9] for many cities, can be viewed by typing "weather" along with a city for larger cities or city and state, U.S. zip code, or city and country for smaller cities (such as: weather Lawrence, Kansas; weather Paris; weather Bremen, Germany).
• stock quotes – The market data[9] for a specific company or fund can be viewed, by typing the ticker symbol (or include "stock"), such as: CSCO; MSFT; IBM stock; F stock (lists Ford Motor Co.); or AIVSX (fund). Results show inter-day changes, or 5-year graph, etc. This does not work for many stock names which are one letter long, such as Macy's (M), or are common words, such as Diamond Offshore (DO) or Majesco (COOL).
• time – The current time in many cities (worldwide),[9] can be viewed by typing "time" and the name of the city (such as: time Cairo; time Pratt, KS).
• sports scores – The scores and schedules, for sports teams,[9] can be displayed by typing the team name or league name into the search box.
• unit conversion – Measurements can be converted,[9] by entering each phrase, such as: 10.5 cm in inches; or 90 km in miles
• currency conversion – A money or currency converter can be selected,[9] by typing the names or currency codes (listed by ISO 4217): 6789 Euro in USD; 150 GBP in USD; 5000 Yen in USD; 5000 Yuan in lira (the U.S. dollar can be USD or "US$" or "$", while Canadian is CAD, etc.).
• calculator – Calculation results can be determined,[9] as calculated live, by entering a formula in numbers or words, such as: 6*77 +pi +sqrt(e^3)/888 plus 0.45. The user is given the option to search for the formula, after calculation. The calculator also uses the unit and currency conversion functions to allow unit-aware calculations. For example, "(3 EUR/liter) / (40 miles/gallon) in USD / mile" calculates the dollar cost per mile for a 40 mpg car with gas costing 3 euros a liter. The caret "^" raises a number to an exponent power, and percentages are allowed ("40% of 300").[10] Following the convention used in discrete mathematics, Google's calculator evaluates 0^0 to 1.[31]
The calculator also can calculate digital storage arithmetic (the calculation of bytes). For example, putting in 400MB + 489MB + 1.5GB yields the result 2425MB, or 2.37GB. This is useful since bytes are binary (power of 2), and not decimal as regular numbers are (power of 10).
• numeric ranges – A set of numbers can be matched by using a double-dot between range numbers (70..73 or 90..100) to match any positive number in the range, inclusive.[10] Negative numbers are treated as using exclusion-dash to not match the number.
• dictionary lookup – A definition for a word or phrase can be found,[9] by entering "define" followed by a colon and the word(s) to look up (such as, "define:philosophy")
Error messages
Some searches will give a 403 Forbidden error with the text
"We're sorry...
... but your query looks similar to automated requests from a computer virus or spyware application. To protect our users, we can't process your request right now.
We'll restore your access as quickly as possible, so try again soon. In the meantime, if you suspect that your computer or network has been infected, you might want to run a virus checker or spyware remover to make sure that your systems are free of viruses and other spurious software.
We apologize for the inconvenience, and hope we'll see you again on Google." sometimes followed by a CAPTCHA prompt.
The screen was first reported in 2005, and was a response to the heavy use of Google by search engine optimization companies to check on ranks of sites they were optimizing. Google says the message is triggered only by high volumes of requests from a single IP address; however, the use of the "allintext" operator a few times in a period of minutes has the same effect. Google apparently uses the Google cookie as part of its determination of refusing service.[33]
In June 2009, after the death of pop superstar Michael Jackson, this message appeared to many internet users who were searching Google for news stories related to the singer, and was assumed by Google to be a DDoS attack, although many queries were submitted by legitimate searchers.
Google Doodles
Doodles are the fun, surprising, and sometimes spontaneous changes that are made to the Google logo to celebrate holidays, anniversaries, and the lives of famous artists, pioneers, and scientists.
In 1998, before the company was even incorporated, the concept of the doodle was born when Google founders Larry and Sergey played with the corporate logo to indicate their attendance at the Burning Man festival in the Nevada desert. They placed a stick figure drawing behind the 2nd "o" in the word, Google, and the revised logo was intended as a comical message to Google users that the founders were "out of office." While the first doodle was relatively simple, the idea of decorating the company logo to celebrate notable events was born.
Two years later in 2000, Larry and Sergey asked current webmaster Dennis Hwang, an intern at the time, to produce a doodle for Bastille Day. It was so well received by our users that Dennis was appointed Google's chief doodler and doodles started showing up more and more regularly on the Google homepage. In the beginning, the doodles mostly celebrated familiar holidays; nowadays, they highlight a wide array of events and anniversaries from the Birthday of John James Audubon to the Ice Cream Sundae.
Over time, the demand for doodles has risen in the U.S. and internationally. Creating doodles is now the responsibility of a team of talented illustrators (we call them doodlers) and engineers. For them, creating doodles has become a group effort to enliven the Google homepage and bring smiles to the faces of Google users around the world.
GOOGLE HACKING
Google hacking is the use of a search engine, such as Google, to locate a security vulnerability on the Internet. There are generally two types of vulnerabilities to be found on the Web: software vulnerabilities and misconfigurations. Although there are some sophisticated intruders who target a specific system and try to discover vulnerabilities that will allow them access, the vast majority of intruders start out with a specific software vulnerability or common user misconfiguration that they already know how to exploit, and simply try to find or scan for systems that have this vulnerability. Google is of limited use to the first attacker, but invaluable to the second.
When an attacker knows the sort of vulnerability he wants to exploit but has no specific target, he employs a scanner. A scanner is a program that automates the process of examining a massive quantity of systems for a security flaw. The earliest computer-related scanner, for example, was a war dialer: a program that would dial long lists of phone numbers and record which ones responded with a modem handshake.
Google Hack Honeypots
Google Hack Honeypot is the reaction to a new type of malicious web traffic: search engine hackers. GHH is a “Google Hack” honeypot. It is designed to provide reconnaissance against attackers that use search engines as a hacking tool against your resources. GHH implements honeypot theory to provide additional security to your web presence.
Google has developed a powerful tool. The search engine that Google has implemented allows for searching on an immense amount of information. The Google index has swelled past 8 billion pages [February 2005] and continues to grow daily. Mirroring the growth of the Google index, the spread of web-based applications such as message boards and remote administrative tools has resulted in an increase in the number of misconfigured and vulnerable web apps available on the Internet.
These insecure tools, when combined with the power of the search engine and index that Google provides, result in a convenient attack vector for malicious users. GHH is a tool to combat this threat.
GHH is powered by the Google search engine index and the Google Hacking Database (GHDB) maintained by the johnny.ihackstuff.com community.
This is where the Google Hack Honey pot comes in. The idea behind a Google Hack Honey pot is that it places an invisible link onto your Web site. Just like the case with a poorly constructed application, visitors to your site will never see this link, but Google will. However, instead of providing access to backend data, the link directs would-be hackers to a PHP script that logs their activity. Your site's real backend is never exposed through this link.
The best part is that you can get the Google Hack Honey pot for free. It is available for download under the GNU public license.
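The honeypot idea above can be followed through on the log side. This added example (not GHH's own code) scans a web server access log for requests to a decoy path and reports which search query, if any, led the visitor there. The decoy path `/forum/admin_login.php`, the search host list and the log lines are constructed, and it assumes the Referer header carries the search URL with its `q` parameter; when it does not, the hit is still recorded with an empty query.

```python
import re
from urllib.parse import parse_qs, urlparse

HONEYPOT_PATHS = {"/forum/admin_login.php"}      # hypothetical decoy path
SEARCH_HOSTS = {"www.google.com", "google.com"}  # assumption: extend per engine

# Apache/nginx "combined" access log format.
LOG_LINE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) \S+ '
    r'"(?P<referer>[^"]*)" "(?P<agent>[^"]*)"$'
)


def classify_referer(referer):
    """Return (source, query); source is 'search', 'direct' or 'other'."""
    if referer in ("", "-"):
        return "direct", None
    parsed = urlparse(referer)
    if parsed.hostname in SEARCH_HOSTS:
        return "search", parse_qs(parsed.query).get("q", [None])[0]
    return "other", None


def honeypot_hits(lines):
    """Report every request for a decoy path; unparseable lines are skipped."""
    hits = []
    for line in lines:
        m = LOG_LINE.match(line.strip())
        if not m or urlparse(m["target"]).path not in HONEYPOT_PATHS:
            continue
        source, query = classify_referer(m["referer"])
        # Advanced operators (intitle:, inurl:, filetype: ...) seen in the query.
        operators = sorted(set(re.findall(r"\b([a-z]+):", (query or "").lower())))
        hits.append({"ip": m["ip"], "time": m["time"], "agent": m["agent"],
                     "source": source, "query": query, "operators": operators})
    return hits


# Constructed sample log (documentation IP ranges, not real traffic).
SAMPLE_LOG = [
    '203.0.113.7 - - [27/Aug/2014:10:32:01 +0000] "GET /forum/admin_login.php HTTP/1.1" 200 512 '
    '"http://www.google.com/search?q=intitle%3Aadmbook+intitle%3Aversion+filetype%3Aphp" "Mozilla/5.0"',
    '198.51.100.23 - - [27/Aug/2014:10:33:10 +0000] "GET /index.html HTTP/1.1" 200 2048 "-" "Mozilla/5.0"',
    '192.0.2.44 - - [27/Aug/2014:10:35:42 +0000] "GET /forum/admin_login.php HTTP/1.1" 200 512 "-" "curl/7.37.0"',
    'truncated line without the expected fields',
]

if __name__ == "__main__":
    for hit in honeypot_hits(SAMPLE_LOG):
        print(hit)
```

Because ordinary visitors never see the decoy link, every reported hit deserves a look; the recovered query shows which indexed string is drawing the traffic.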
CONCLUSION
Google, Friend or Enemy?
Google is everyone’s best friend (yours and the hackers’): it has more features and options than a normal Google user can imagine, and hackers can use them to compromise systems. Information gathering and vulnerability identification are the tasks in the first phase of a typical hacking scenario.
Positive, stealth and huge data collection
Google can do more than just search