
Project Un1c0rn Wants To Be the Google For Lazy Security Flaws

Unknown Lamer posted about 3 months ago | from the always-blame-wordpress dept.


Daniel_Stuckey (2647775) writes "Following broad security scares like that caused by the Heartbleed bug, it can be frustratingly difficult to find out if a site you use often still has gaping flaws. But a little-known community of software developers is trying to change that, by creating a searchable, public index of websites with known security issues. Think of Project Un1c0rn as a Google for site security. Launched on May 15th, the site's creators say that so far it has indexed 59,000 websites and counting. The goal, according to its founders, is to document open leaks caused by the Heartbleed bug, as well as 'access to users' databases' in MongoDB and MySQL. According to the developers, those three types of vulnerabilities are most widespread because they rely on commonly used tools. For example, Mongo databases are used by popular sites like LinkedIn, Expedia, and SourceForge, while MySQL powers applications such as WordPress, Drupal or Joomla, and is even used by Twitter, Google and Facebook."


43 comments


Derp (0)

Anonymous Coward | about 3 months ago | (#47212819)

What a stupid fucking name. Something only a true dork could come up with.

Leet speak? (1)

Anonymous Coward | about 3 months ago | (#47212821)

Seriously? Way to instantly lose all credibility in educated people's eyes

Re:Leet speak? (0)

Anonymous Coward | about 3 months ago | (#47212957)

I just read Unicorn and didn't notice leet speak until you pointed it out.

Re: Leet speak? (1)

Teranolist (3658793) | about 3 months ago | (#47213335)

"...educated people's..." - clearly you don't belong to them

Re:Leet speak? (1)

Project Un1c0rn (3691013) | about 3 months ago | (#47214875)

You don't get sarcasm or irony, do you? I don't blame you, I have trouble finding those myself ;)

Needs a different name. (1)

Anonymous Coward | about 3 months ago | (#47212881)

Given it's a listing of security flaws, and the use of automation in malware, etc, I think it should be Project Un1cr0n.

Almost useful (3, Interesting)

Anonymous Coward | about 3 months ago | (#47212885)

Ok, you've got Google's list of everything, Un1c0rn's list of everything unsafe. What I want is the subset of Google's list that is not on Un1c0rn's list.

Someone hack together that metasearch tool and I'll (anonymously) support you.

Re:Almost useful (2)

Project Un1c0rn (3691013) | about 3 months ago | (#47214937)

That's insightful, man! Thanks, glad I came to collect ideas!

Seriously? (2)

Doug Otto (2821601) | about 3 months ago | (#47212929)

The search engine on that site returned 7800 sites when I searched on a single IP address. Maybe the site is useful but the signal to noise ratio is WAY too low to bother with.

Re:Seriously? (0)

Anonymous Coward | about 3 months ago | (#47212977)

I concur. Searching a non-mainstream FQDN produced thousands of results. Something is broken.

Re:Seriously? (2)

ADRA (37398) | about 3 months ago | (#47212981)

Well, to be fair, some hosting companies have like a million sites hosted off a single IP, so not exactly irrelevant unless you know it's a buggy scanner. Maybe the introduction of better summarization and breakdown tools is needed to enhance the tool, but hell, anything takes time to work well for public consumption.

Re:Seriously? (5, Informative)

Iarwain Ben-adar (2393286) | about 3 months ago | (#47213103)

Try putting quotes around your IP address. You'll get better results.

Re:Seriously? (2)

just_another_sean (919159) | about 3 months ago | (#47213159)

Thanks, that did the trick. I too was getting a lot of results when searching for very specific host names. Quotes around either an IP or host name reduced the results to zero (which is obviously what I was hoping for!). And just to test further I put quotes around a random result that did show up in my initial searches and it just came up once, as expected.

I wouldn't depend on it as the only means of double-checking a site, but it's a good addition to the tool belt. And it should only get better if they don't get sued out of existence.

I predict... (4, Insightful)

Chris Mattern (191822) | about 3 months ago | (#47212969)

If it's actually useful in uncovering sites with security defects, the owners will all be facing criminal indictments before the year is out.

Re:I predict... (2)

ThatAblaze (1723456) | about 3 months ago | (#47215137)

Not if they don't make any money. Punkspider [hyperiongray.com] has been available for over a year now, and it does much the same thing.

Usefulness Factor . . . (2)

tiberus (258517) | about 3 months ago | (#47212991)

Okay, so I want to visit a site. So I have to go search Un1c0rn to see if it's on the list? What about all the ad, video and other sites this site gets content from? Seems like a plugin that uses data from the "your site is in a poor state" database would be much more practical. It could replace at-risk content with a big WHOA! graphic...

Re:Usefulness Factor . . . (0)

Anonymous Coward | about 3 months ago | (#47220803)

Do I hear a Firefox / Chromium plugin coming?

A publicity stunt marred by a busted search (0)

Anonymous Coward | about 3 months ago | (#47212993)

Could not get fewer than 8000 matches either by using hostname or IP. With no way to get the results on one page, it's essentially useless.

Re:A publicity stunt marred by a busted search (1)

just_another_sean (919159) | about 3 months ago | (#47213255)

As some other poster pointed out, adding quotes around your search will give you the specific results you're looking for. It would be nice if they had a Search Help link or something, but it does work better if you use the quotes...

Re: A publicity stunt marred by a busted search (1)

Teranolist (3658793) | about 3 months ago | (#47213399)

The heck? Did you ever use a search engine before?

Re: A publicity stunt marred by a busted search (1)

just_another_sean (919159) | about 3 months ago | (#47213881)

Uh, yeah. But I haven't had to use quotes, pluses, minuses or any other "advanced" crap like that in years. What search engine are you using that still requires such tricks to get good results?

I'll give these guys a pass because the project's young, but a little, helpful link that says "pretend you're using Google 15 years ago" wouldn't hurt.

Re: A publicity stunt marred by a busted search (2)

Project Un1c0rn (3691013) | about 3 months ago | (#47214649)

The search functionality is provided by third-party software. That's what allows us to run quickly on such small hardware for now (fast indexing), but it's clearly not friendly to user input. We noted this is the main concern of our users right now and will do some research on how to improve it! Thanks

Re: A publicity stunt marred by a busted search (1)

just_another_sean (919159) | about 3 months ago | (#47214861)

You're welcome and thank you! This looks like quite a nice project, I wish you success. I am short now but will drop by and donate when I can.

Re: A publicity stunt marred by a busted search (1)

omnichad (1198475) | about 3 months ago | (#47215707)

If the 3rd-party software is extensible in any way, making it so that a period is not considered a space/separator character would do the trick for almost all these sorts of problems.

Project Un1c0rn? (2)

fredrated (639554) | about 3 months ago | (#47213007)

Was this named by a five year old?

Re:Project Un1c0rn? (2)

fahrbot-bot (874524) | about 3 months ago | (#47213085)

Was this named by a five year old?

Probably, and that "OMGP0n1es" was taken.

Re:Project Un1c0rn? (1)

Project Un1c0rn (3691013) | about 3 months ago | (#47214781)

Thanks, p0n1es shall be the name of my minions :)

Re:Project Un1c0rn? (1)

lgw (121541) | about 3 months ago | (#47215535)

Pwn1es, clearly. Does this mean we'll need a "Pwn1es.txt" file to stop the crawler (for that matter are you ignoring robots.txt now?)

As is: worthless (1)

radioact69 (1220518) | about 3 months ago | (#47213027)

The search function is worthless, which pretty much makes the whole site worthless. Their data may be good, but if I can't find my site by hostname OR ip without paging through 243 pages of 10 sites at a time... Nope.

Re:As is: worthless (2)

just_another_sean (919159) | about 3 months ago | (#47213287)

Try this: add quotes to your search [slashdot.org]

Re:As is: worthless (1)

radioact69 (1220518) | about 3 months ago | (#47213391)

Added the quotes around my searches and went from way too many results to none. I guess that's a good thing.

Re:As is: worthless (2)

just_another_sean (919159) | about 3 months ago | (#47213847)

Yeah, that's what I was hoping for as well. Just to double-check the quoting thing though, try this: do a search without the quotes, pick one "hit" from the results and then search for that with the quotes. The expected behavior is that you will get one result. That's what happened when I tried a couple of specific, quoted searches for host names and IP addresses that came back in previous, unquoted searches.

As I mentioned elsewhere I wouldn't count on this alone but it's a good addition to the other tools used to check hosts for problems.

Re: As is: worthless (3, Insightful)

Teranolist (3658793) | about 3 months ago | (#47213425)

Truly? Every second guy on /. is incapable of using a search bar correctly?

Re: As is: worthless (1)

just_another_sean (919159) | about 3 months ago | (#47215075)

You again? How about no one has typically had to use such techniques on a search engine since the '90s. Or are you still using AltaVista?

Re: As is: worthless (1)

Teranolist (3658793) | about 3 months ago | (#47216701)

It seems you never search for statements longer than two or three words... pity you

GCHQ (2)

q4Fry (1322209) | about 3 months ago | (#47213143)

So the gchq.gov.uk site [un1c0rn.net] that is on there: Honeypot?

Re:GCHQ (1)

Project Un1c0rn (3691013) | about 3 months ago | (#47214833)

I would say, check the data in there. If it's closed already it's probably a leak. If it's still open it's either: 1. a testing server with no important data, 2. a honeypot server, waiting for projects like us to pick on them and collect our scanners' IPs, or 3. really careless people.

Un1c0rn (1)

westlake (615356) | about 3 months ago | (#47213411)

Project or password?

Well.. (1)

koan (80826) | about 3 months ago | (#47214059)

Shodan HQ?

Public Shaming (1)

hduff (570443) | about 3 months ago | (#47214563)

While surprisingly effective IRL, not so much on the Internet.

Re:Public Shaming (1)

Project Un1c0rn (3691013) | about 3 months ago | (#47214803)

It indeed is not... Worrying, right?

Re:Public Shaming (1)

lgw (121541) | about 3 months ago | (#47215931)

Heck, "public shaming" is a fetish on the internet, if you go to the right sites. But then, so is everything. People are weird.

All for poop? (1)

malloci (467466) | about 3 months ago | (#47220387)

Maybe this was the real reason behind the name: http://www.myrecipes.com/recipe/unicorn-poop-cookies-214011/
