Slashdot: News for Nerds


Google Hacking for Penetration Testers

timothy posted more than 9 years ago | from the google-thyself dept.


Corey Nachreiner writes "Until recently, I considered myself a Google power-user; so much so that I often call Google my "second brain." Whenever I stumble upon a computing dilemma I can't solve, I submit an advanced query to my second brain, Google, and let it supply the answers. That's why I was So There when Johnny Long released his recent book, Google Hacking for Penetration Testers. I heard Johnny's lively, light-hearted presentation to a packed house at the BlackHat Briefings last summer in Las Vegas. It was the hit of the show, but in one hour he could only present a few of his startling findings about Google hacking. After reading Johnny's book, I've learned a ton more and realized I wasn't quite as Google-savvy as I thought. As with my real brain, I've only been using about ten percent of my Google-brain's capacity." Read on for the rest of Nachreiner's review.

According to its cover, Johnny Long's book focuses primarily on revealing the "Dark Side" of Google -- a promise it delivers in spades. But I can also heartily recommend Google Hacking to newbies who simply want to learn how to harness Google's full potential.

The first few chapters of the book walk you through Google's interfaces and features, then introduce you to Google's advanced operators and techniques you can use to refine your Google searches. Instead of submitting basic searches that leave you arduously parsing hundreds of results for your desired answer, you quickly learn to submit powerful queries that almost instantly yield the results you intend. Even as an experienced Google user, I learned a lot from Google Hacking's early chapters. For Google neophytes, this alone makes the book worth its price.

However, we all know Slashdotters really want this book in order to learn how hackers misuse Google. Well, you won't be disappointed. As soon as Long has taught you to submit advanced queries, he wastes no time in showing you the techniques l33t Google hax0rs use to exploit the search engine's power. For example, did you know you can use Google as a free proxy server? By submitting a specially-crafted, English-to-English translation query, you can capitalize on Google's translation service to anonymously submit all your Web requests. This simple hack just scratches the surface of Google's malicious potential.

Most Web surfers don't realize the sheer amount of extremely sensitive information available for the harvesting on the Internet. In that sense, Google Hacking is eye-popping. Do you want to find misconfigured Web servers that publicly list their directory contents? A quick Google search does the trick. Or, suppose you found some new exploit code that only works against a particular version of IIS 5.0. Submit a quick Google query for a helpful list of possible targets. Do you want to harvest user logins, passwords (for example, MySQL passwords in a connect.inc file), credit card numbers, social security numbers or any other potentially damaging tidbit that Web users and administrators accidentally leak onto the Internet? Google Hacking shows you how, with highly refined searches gleaned from the community contributing to the Google Hacking database (GHDB) found on Long's Web site.

While Long's book discloses these and many other potentially malicious Google searching techniques, it does so responsibly, with the goal of prevention in mind. Only the less damaging search strings are fully revealed. Long saves the juicier (read: more dangerous) hacks for your own discovery. Long even obfuscates the sensitive results of the more damaging search strings in order to protect the innocent incompetents he refers to as "googledorks." After showing you how hackers subvert Google to their malicious intent, Long dedicates a chapter to how Web administrators can configure their Web servers securely in order to prevent sensitive data from making it into a Google Hacker's clutches.
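A defender-side check for the two leaks the review names (directories with no index page that a server may auto-list, and include files such as connect.inc that hold credentials), as an added example that is not from the book or the review. The index names, extensions, credential pattern and sample tree are assumptions constructed for illustration.

```python
"""Audit a web document root for content a search engine could index."""
import os
import re
import tempfile

# Assumption: file names the server treats as a directory's index page.
INDEX_NAMES = {"index.html", "index.htm", "index.php", "default.htm"}
# Assumption: extensions commonly served as plain text rather than executed.
RAW_EXTENSIONS = {".inc", ".bak", ".old", ".sql"}
# Heuristic for credential assignments such as $db_pass = "...".
CRED_RE = re.compile(r"(pass(word|wd)?|pwd|secret)\w*\s*(=>|=|:)\s*\S+", re.I)

# Constructed sample site (not real data), written to a temp directory by demo().
SAMPLE_FILES = {
    "index.html": "<html><body>home</body></html>\n",
    "images/photo.jpg": "constructed placeholder, not a real image\n",
    "includes/connect.inc": '<?php\n$db_user = "webapp";\n'
                            '$db_pass = "constructed-not-real";\n',
    "includes/header.inc": '<div id="header">Site</div>\n',
}


def audit_docroot(root):
    """Return a sorted list of (finding, path relative to root) tuples.

    listing-candidate       directory has no index page, so it is listed
                            whenever automatic indexing is enabled
    raw-file                file type likely returned as source text
    credential-in-raw-file  such a file that also matches CRED_RE
    """
    findings = []
    for dirpath, _dirnames, filenames in os.walk(root):
        rel_dir = os.path.relpath(dirpath, root).replace(os.sep, "/")
        if not {name.lower() for name in filenames} & INDEX_NAMES:
            findings.append(("listing-candidate", rel_dir))
        for name in filenames:
            if os.path.splitext(name)[1].lower() not in RAW_EXTENSIONS:
                continue
            rel = name if rel_dir == "." else rel_dir + "/" + name
            path = os.path.join(dirpath, name)
            with open(path, encoding="utf-8", errors="replace") as fh:
                text = fh.read(65536)  # the first 64 KiB is enough for a heuristic
            kind = "credential-in-raw-file" if CRED_RE.search(text) else "raw-file"
            findings.append((kind, rel))
    return sorted(findings)


def build_sample_tree(root):
    """Write SAMPLE_FILES under root, creating subdirectories as needed."""
    for rel, body in SAMPLE_FILES.items():
        path = os.path.join(root, *rel.split("/"))
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "w", encoding="utf-8") as fh:
            fh.write(body)


def demo():
    """Audit the constructed sample site and return the findings."""
    with tempfile.TemporaryDirectory() as root:
        build_sample_tree(root)
        return audit_docroot(root)


if __name__ == "__main__":
    for kind, rel in demo():
        print(f"{kind:24} {rel}")
```

Typical fixes for the findings are disabling automatic indexing (for Apache, `Options -Indexes`) and moving include files out of the document root or giving them an extension the server executes rather than returns as text.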

Though I've gushed about the book so far, I will quibble with its inconsistent tone. Some of its chapters target readers having different levels of technical understanding. While the book starts out in a voice easy enough for even the most novice user to understand, some of the later chapters, on topics such as document grinding, database digging, and query automation, jump drastically and use language and techniques that only programmers or Unix power-users would understand. In addition, the humor that made Johnny's live presentation so memorable shows up in his book, but in scant supply; frankly, more jokes would be welcome.

But these negatives are mere nits. Whether you're a penetration tester wanting to exploit Google, a Web administrator wanting to protect yourself from information leaks, or even a newbie wanting to harness Google's full potential, Google Hacking for Penetration Testers makes an excellent resource. If you, too, use Google as a second brain, pick up Johnny Long's book and learn how to exploit this powerful search engine to its full capacity.


Corey Nachreiner, Network Security Analyst for WatchGuard's LiveSecurity Service, writes about network security on the free RSS news feed, WatchGuard Wire (browsable version, RSS feed.) You can purchase Google Hacking for Penetration Testers from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.


138 comments

Nice website (3, Informative)

maotx (765127) | more than 9 years ago | (#12204838)

Personally I've been using his site [ihackstuff.com] for a while now. It is a great site with user-submitted hacks and a community review. It really is amazing what is on Google and knew a book was coming to exploit it.
Besides being able to find sensitive files, [google.com] hidden portals, [google.com] and vulnerable servers, [google.com] it is also a good way to get free porn. [google.com]

The exploits are just really advanced searches like the one below.

"http://*:*@www"bangbus

If you use google correctly (0, Funny)

Anonymous Coward | more than 9 years ago | (#12204939)

You can find out that at the end of episode 3, Quigon becomes yoda's master and teaches him how to become that force ghost thingy.

MOD PARENT UP! (-1)

Anonymous Coward | more than 9 years ago | (#12204966)

Informative++

Re:Nice website (1)

fr1kk (810571) | more than 9 years ago | (#12204957)

Wow. I hope you know you just FUBAR'd someone's webserver. awesome.

Re:Nice website (4, Interesting)

maotx (765127) | more than 9 years ago | (#12205248)

Wow. I hope you know you just FUBAR'd someone's webserver. awesome.

If you say so. The Samba server exploit only returns one result (which is at members.lycos mind you), the hidden portals are in public domain, and as for the sensitive files bit: it's out there on the Internet anyway (as in public information). It is one thing to hand over the keys to a server (exploit research required), it's another to hand out public information.

Re:Nice website (0)

Anonymous Coward | more than 9 years ago | (#12205070)

Egad! Now 100,000 /.ers will screw with these people's SAMBA installs?

Re:Nice website (0)

Anonymous Coward | more than 9 years ago | (#12205123)

Another interesting search string we tried a Friday afternoon at work - somebody must have seriously messed up somewhere: NATO RESTRICTED [google.com] ..... ok, better click that AC thingy now.

Re:Nice website (1)

xutopia (469129) | more than 9 years ago | (#12205133)

"Penetration Testers".... sooo funny :)

HAhaha can't resist (0)

Anonymous Coward | more than 9 years ago | (#12205177)

Bend over so I can "penetration test" your "security hole."

Not that it's funny enough to burn karma over...

Re:HAhaha can't resist (1, Funny)

jellybear (96058) | more than 9 years ago | (#12205359)

lol lol Johnny Long lol lol

Re:Nice website (0)

Anonymous Coward | more than 9 years ago | (#12205647)

I'll be "penetration testing" my wife tonight!

Re:Nice website (0)

Anonymous Coward | more than 9 years ago | (#12206317)

Does she know? Maybe she has another test scheduled.

Re:Nice website (1)

Koiu Lpoi (632570) | more than 9 years ago | (#12205563)

Free Porn? What are you thinking man? You're stealing from the working-woman here! I mean, out of the words of a porn star: "Everyone thinks being a porn star is easy and glamorous, but it's a lot of hard work!"

dead (2, Informative)

John Seminal (698722) | more than 9 years ago | (#12205593)

ah man, now all those passwords are dead.

Re:Nice website (0)

Anonymous Coward | more than 9 years ago | (#12205625)

thx for the pr0n

Re:Nice website (1)

happymedium (861907) | more than 9 years ago | (#12205813)

Holy ke-rapp... I just did the vulnerable servers search and the SAMBA settings for members.lycos.co.uk showed up! Anyone here care to mess with those crazy Brits*?

(*No offense intended to the British people in particular. If it had been members.lycos.es I would have said "crazy Hispanics," etc, etc.)

Re:Nice website (0, Funny)

Anonymous Coward | more than 9 years ago | (#12206076)

(*No offense intended to the British people in particular. If it had been members.lycos.es I would have said "crazy Hispanics," etc, etc.)

Spaniards live in Spain. Hispanics live in Latin America. And "Hispanic" isn't even a nationality!

Sheesh...Americano loco!

"index of" inurl:recycler = useless (1)

bogie (31020) | more than 9 years ago | (#12205969)

especially when you add -gentoo to the search and then find out of the 9 hits out there none of them are interesting.

I'm all for google hacking, especially where axis webcams are concerned, but that just isn't a useful one.

There is still a ton of fun stuff out there though. Too bad about ISPs wising up and filtering ports though. Boy did it used to be fun to scan entire networks that had F&P sharing enabled with no firewall or ISP filter in the way. It used to be as simple as fire up your program, pick a range of IPs, and laugh as 1,000s of boxes were directly open to the Internet.

Re:Nice website (2, Interesting)

ruvreve (216004) | more than 9 years ago | (#12206116)

It's not free, but it's cheap (as in beer) and automated (as in no hands required)

http://www.pornsnatcher.com/

Johnny Long? Porn Star? (2, Funny)

Anonymous Coward | more than 9 years ago | (#12204842)

With a name like that, he should be!

Check the title... (-1, Redundant)

Seoulstriker (748895) | more than 9 years ago | (#12204866)

Google Hacking for Penetration Testers

Woah.

Re:Johnny Long? Porn Star? (1)

Ass, Ltd. Ho! (714400) | more than 9 years ago | (#12205164)

NEW YORK - The open source Linux operating system gets lots of media hype, but it hasn't caught on with medium-size businesses, a new study says.

Only 27% of midsize companies use Linux, while another 10% say they will evaluate Linux in the next three years, according to a survey of 1,422 firms conducted by Info-Tech Research Group of London, Ontario.

"This was surprising to us," says Frank Koelsch, executive vice president of strategy and research at Info-Tech, who authored the report. "We were expecting to find more interest and more buying intentions among our respondents."

Some 48% of respondents said they have no interest in Linux, and 15% said they're not sure whether they'll evaluate Linux in the future.

So much for the notion that Linux is going to take over the world and kill Microsoft.

"Almost half of the people we surveyed say they have no interest at all in Linux. That doesn't exactly indicate a hot market. The survey is a dose of reality amid all the media hype," Koelsch says.

Info-Tech focuses its research solely on midsize companies, which it defines as those with $1 billion or less in annual sales.

Koelsch says most midsize companies already use Microsoft products, which they can't replace entirely with Linux. So if they want to use Linux, they'll have to operate two types of systems instead of one, and most don't want the extra expense.

Companies have figured out that although Linux was once touted as a "free" operating system, in fact distributors such as Red Hat (nasdaq: RHAT - news - people ) and SuSE, a division of Novell (nasdaq: NOVL - news - people ), charge money for their products. Red Hat also charges hefty maintenance fees that have risen sharply over the years.

A spokeswoman for Red Hat says Info-Tech's results don't square with what Red Hat is seeing in the market. "We are finding massive adoption of Linux in all sizes of companies," she says.

Linux zealots will no doubt suspect this is just another Microsoft public relations ploy, but Koelsch insists Microsoft had nothing to do with this study. "It's completely independent research," he says.

Koelsch joined Info-Tech eight months ago after 20 years running Canadian operations for market researcher Gartner Group. He's worked in high-tech since 1972--so he's not exactly new to tech, or to doing research.

Nevertheless, within two hours of releasing a press release about this report, Info-Tech received e-mail messages from Linux fans saying that Koelsch doesn't know what he's talking about.

"We put this [report] out this afternoon, and already we've had negative responses to what is essentially a statistical analysis of a representative sample across many industries," Koelsch says. "It's interesting how religious some people are regarding Linux."

Koelsch insists his firm is not anti-Linux. "We couldn't care less. We simply report what our respondents tell us."

10 percent Google yes, your brain, no. (-1, Redundant)

yagu (721525) | more than 9 years ago | (#12204844)

While you may be using only ten percent of Google, you're certainly using more than ten percent of your own brain.... That (only using ten percent of our brains) [snopes.com] is an urban myth.

Re:10 percent Google yes, your brain, no. (0, Redundant)

yagu (721525) | more than 9 years ago | (#12204879)

Mes apologies! Mod me redundant.... I just realized the submitter linked to the snopes myth buster for the urban myth. Color me embarrassed.

Which is why author linked to Snopes... (2, Funny)

lxw56 (827351) | more than 9 years ago | (#12204896)

Which is why author linked to Snopes...

Re:10 percent Google yes, your brain, no. (1, Funny)

Anonymous Coward | more than 9 years ago | (#12204909)

yes, but you apparently only use 10% of your brain. you failed to notice the submitter linked to the snopes article in his write-up.

Re:10 percent Google yes, your brain, no. (0)

Anonymous Coward | more than 9 years ago | (#12206051)

Has anyone noticed that the snopes article tends to use the terms "brains" and "minds" interchangeably?

submitter is a douche (-1, Offtopic)

Anonymous Coward | more than 9 years ago | (#12204852)

anybody else think submitter is a douche?

i mean, using Google as a verb is fine. but this whole second brain thing is more than a little self-indulging

Re:submitter is a douche (-1, Offtopic)

Anonymous Coward | more than 9 years ago | (#12204875)

giant douche or turd sandwich?

Re:submitter is a douche (-1, Offtopic)

Anonymous Coward | more than 9 years ago | (#12204907)

I don't want either. I'm joining PETA

Of course you may use only 10% of your brain (-1, Redundant)

mandrake*rpgdx (650221) | more than 9 years ago | (#12204858)

but the rest of us, who don't actually believe every urban myth we here, know that we use our full brain capacity at all times.

Re:Of course you may use only 10% of your brain (1)

muellerr1 (868578) | more than 9 years ago | (#12204934)

I use 90% of my brain to look for aliens [berkeley.edu] .

Re:Of course you may use only 10% of your brain (0)

Anonymous Coward | more than 9 years ago | (#12205281)

You're right on track to become the next Star Wars kid...

Re:Of course you may use only 10% of your brain (2, Funny)

jcuervo (715139) | more than 9 years ago | (#12205362)

Be interesting if Google used their spare/idle servers for SETI@Home or something.

Re:Of course you may use only 10% of your brain (0)

Anonymous Coward | more than 9 years ago | (#12205098)

100% brainpower and still can't remember correct spelling of hear...

Re:Of course you may use only 10% of your brain (1, Redundant)

SpyPlane (733043) | more than 9 years ago | (#12205100)

Um, did you click on that link??? It was a link to an urban myth site that debunked the 10% rumor. I guess you use less of your brain than you advertised.

Re:Of course you may use only 10% of your brain (1)

StevisF (218566) | more than 9 years ago | (#12205111)

Apparently you need to allocate more of your brain capacity to grammar.

Heh (3, Funny)

aftk2 (556992) | more than 9 years ago | (#12204863)

Penetration testing?

In that sense, Google Hacking is eye-popping

That's what she said!

</rimshot>

Re:Heh (-1, Offtopic)

aftk2 (556992) | more than 9 years ago | (#12205025)

Someone finds my post insightful. And they say us Slashdotters don't understand women!

Well then... (0)

Anonymous Coward | more than 9 years ago | (#12205260)

You must be one of those skull-penetrators.

Re:Heh (1)

menace3society (768451) | more than 9 years ago | (#12205897)

Penetration testing?
In that sense, Google Hacking is eye-popping
That's what she said!
</rimshot>

You're not kidding.

Re:Heh (0)

Anonymous Coward | more than 9 years ago | (#12206289)

Yeah, my second brain loves to do penetration tests.

Quagon becomes Yoda's master (-1, Troll)

Anonymous Coward | more than 9 years ago | (#12204872)

at the end of episode 3 and teaches him how to use the force to become that force ghost thing. I thought you might like to know. FP.

Yea? Well... (-1, Offtopic)

Anonymous Coward | more than 9 years ago | (#12204883)

I was so, like, don't go there! and shit. And he was all, like, in your face 'G'! and shit. It was like sick! and shit.

You're not alone!!! (2, Funny)

bogaboga (793279) | more than 9 years ago | (#12204894)

Yes, you are not alone. Many, and more especially here at slashdot think [and believe] they know more than they actually do!

Re:You're not alone!!! (5, Funny)

Spodlink05 (850651) | more than 9 years ago | (#12204960)

Yes, you are not alone. Many, and more especially here at slashdot think [and believe] they know more than they actually do!

I know I do.

Stop using porn keywords. (4, Funny)

FreeLinux (555387) | more than 9 years ago | (#12204919)

Instead of submitting basic searches that leave you arduously parsing hundreds of results for your desired answer

Dude, stop searching for porn. I usually feel really lucky if my search produces more than a single page of results.

Google google g0ogle google go0gle google google (-1, Offtopic)

stratjakt (596332) | more than 9 years ago | (#12204940)

gOO

Gol

google google google!!

1) Google
2) ?
3) Google

Google google, google google!

Re:Google google g0ogle google go0gle google googl (-1, Offtopic)

Anonymous Coward | more than 9 years ago | (#12205082)

You should change your sig...

"I don't need no instructions to know how to GOOGLE!!!!"

Re:Google google g0ogle google go0gle google googl (0)

Anonymous Coward | more than 9 years ago | (#12206527)

Nah, he should just change his sig. Period.

Wow easy buddy (-1, Troll)

Anonymous Coward | more than 9 years ago | (#12205004)

If you refer to google as your second brain and put that much effort into your slashdot submission, you need to get outside more.

I mean... holy shit dude, relax, it's just google.

Penetration? (-1, Redundant)

WaldoXX (803727) | more than 9 years ago | (#12205009)

Is Google Hacking penetration applicable to girls too? If so where can I get a copy?!

Ha! (-1)

Anonymous Coward | more than 9 years ago | (#12205010)

"Until recently, I considered myself a Google power-user; so much so that I often call Google my "second brain."..."

Otherwise known as a "Google Whore"

apache.leakage.org on the list (1)

Tibor the Hun (143056) | more than 9 years ago | (#12205013)

I see that apache.leakage.org is on the list of misconfigured servers.

I didn't think that was possible;)

Re:apache.leakage.org on the list (4, Informative)

klossner (733867) | more than 9 years ago | (#12205453)

It would be surprising if leakage.apache.org were on the list. But leakage.org is just a random site in Malaysia.

Re:apache.leakage.org on the list (2, Funny)

Tibor the Hun (143056) | more than 9 years ago | (#12205592)

oh crap, now i feel like a dumbass.

This is ironic (4, Interesting)

955301 (209856) | more than 9 years ago | (#12205024)


One of the first links I checked out from the google results he lists is apparently some ddos [dc.spec.pl] perpetrator's weapons list page.

Go Figure.

Re:This is ironic (1)

StarCharter (768335) | more than 9 years ago | (#12205112)

And you left it intact?

GeoCamming (5, Interesting)

Schrockwell (867776) | more than 9 years ago | (#12205033)

Here [hackaday.com] is a cool article on Hackaday that describes GeoCamming, another Google exploit.
I like to find interesting cameras and then use NeoTrace [neotrace.com] to trace the addresses to find out exactly where the camera is. It's quite fun.

Re:GeoCamming (0)

Anonymous Coward | more than 9 years ago | (#12205153)

You can do what NeoTrace does with tracert and whois.

Hell, most tracerts include easily readable hops like "bb1-p1-0.crsfca.sbcglobal.net" -- San Francisco, california.

amazon link (2, Informative)

Anonymous Coward | more than 9 years ago | (#12205042)

Re:amazon link (2, Informative)

Anonymous Coward | more than 9 years ago | (#12205215)

The mod found this "informative," but I find it opportunistic. This is an associate link. Wouldn't be as bad had "gtelnetworks-20" posted it under their own user ID I s'pose, but as it stands, this AC is just looking to make a buck.

Re:amazon link (1, Interesting)

Anonymous Coward | more than 9 years ago | (#12206324)

I posted the link and I wasn't looking to make a buck. The link is not tied into any affiliate program. Even though the link could be misconstrued as an affiliate, at least it didn't produce a 404.

Penetration testing (5, Funny)

ehiris (214677) | more than 9 years ago | (#12205057)

My roommate is dating a penetration tester from my work. You should have seen the look on her face when he told her what he does for a living.

How did someone come up with this name for a profession anyways?

Re:Penetration testing (0)

Anonymous Coward | more than 9 years ago | (#12205193)

How did someone come up with this name for a profession anyways?
Sexually repressed geeks, what can we say? :P

Wait!!! (0)

Anonymous Coward | more than 9 years ago | (#12205945)

Wait .... Girls read slashdot??

<i>Now what sites can I visit??</i>
I don't know what to say anymore.

Re:Wait!!! (0)

Anonymous Coward | more than 9 years ago | (#12206149)

This leads me to an acronym.

RTFC - Read The Fucking Comment.

Re:Penetration testing (1)

MyDixieWrecked (548719) | more than 9 years ago | (#12206221)

That's like when I worked in offset printing. The guys who set the film up are called "strippers."

I'd gotten so used to the term that whenever I'd refer to "the strippers in the back, at work..." it'd catch me off guard when people would say "you've got strippers at work? where do you work again?"

Too bad all the strippers were guys. it woulda been nice to have a female stripper there.

Bunch of Tools. (0)

Anonymous Coward | more than 9 years ago | (#12206571)

In my field of work, we also have strippers [google.com] some of which are pictured on the web.

Some of my coworkers even passed around a pair of dikes. [answers.com]

I also found this interesting ... (3, Informative)

Anonymous Coward | more than 9 years ago | (#12205075)

Seems like Google itself isn't immune to hacking [gregduffy.com] either ...

Google Proxy server (3, Informative)

objekt (232270) | more than 9 years ago | (#12205094)

For example, did you know you can use Google as a free proxy server? By submitting a specially-crafted, English-to-English translation query, you can capitalize on Google's translation service to anonymously submit all your Web requests.

Too bad Google doesn't translate graphics, which some web pages are full of.

We all know` (4, Funny)

KSobby (833882) | more than 9 years ago | (#12205130)

We all know that a male geek's second brain most certainly isn't Google (unless that is a clever nick name he bestowed upon it). I can just imagine wil wheaton shuddering at being linked to this thought as well as all the spam geared towards "natural google enhancement".

JCrawl (0)

Anonymous Coward | more than 9 years ago | (#12205146)

Server Error
The server encountered an internal error and was unable to complete your request.

JRun closed connection.

Is this the vaunted Java Skippy Cool Enterprise Beanie Weenie I have heard so much about?

Re:JCrawl (0, Offtopic)

stankulp (69949) | more than 9 years ago | (#12205172)

Shameless Kharma whore bump.

book on amazon (-1, Redundant)

Anonymous Coward | more than 9 years ago | (#12205163)

Google Hacking for Penetration Testers [amazon.com]

(the link on /. to a review seems to be broken)

I wanna be a tester (-1, Troll)

ValuJet (587148) | more than 9 years ago | (#12205223)

Penetration testing sounds like a really fun job. How can I get a job like that and what do the women look like?

Re:I wanna be a tester (2, Interesting)

pete6677 (681676) | more than 9 years ago | (#12205524)

Considering how male dominated the computer field is, I'd say they'd be mostly dudes. I'll take a pass on this job.

Re:I wanna be a tester (0)

Anonymous Coward | more than 9 years ago | (#12205841)

Penetration testing sounds like a really fun job. How can I get a job like that and what do the women look like?

Poor ValuJet. He just wanted a laugh not to be branded a troll. What humorless jerk modded him down? Oh yes, a humorless, sexless jerk on Slashdot. Perhaps it was a lesbian. Laugh once in a while!

obvious (1, Redundant)

Quixote (154172) | more than 9 years ago | (#12205224)

Right now the server [ihackstuff.com] is undergoing some severe penetration testing, and from the looks of it, not doing too well...

Interesting, but... (2, Funny)

A Sea and Cake (874933) | more than 9 years ago | (#12205261)

What I really want to see abused is AskJeeves. That smarmy little morpion really bugs me for some reason.

Penetration Tester (3, Funny)

cccpkgb (793118) | more than 9 years ago | (#12205275)

My new dream job!

Penetration Tester (5, Funny)

DarkHand (608301) | more than 9 years ago | (#12205277)

Sounds more like a cheesy pickup line to me: "Excuse me Miss, I'm Mr. Jones with the Office of Penetration Testing. You've been scheduled for a security checkup."

Re:Penetration Tester (1)

austad (22163) | more than 9 years ago | (#12206167)

It seems we've found a backdoor.

Johnny is a great presenter (2, Informative)

Anonymous Coward | more than 9 years ago | (#12205309)

I've been fortunate to live and work in the same area as Johnny Long, and have heard him locally a couple of times. The most memorable was when he was a guest speaker at a security class while I was working on my masters degree. His demo on pen testing was great. If you ever get the chance, listen to him speak.

I'd imagine his book is just as lively, informative, and insightful. I'm buying it when I get home. I've had it in my saved list for a while now.

apache.leakage.org (1)

thinkninja (606538) | more than 9 years ago | (#12205316)

An Apache mirror running Microsoft-IIS/6.0.

*boogle*

Re:apache.leakage.org (1)

fcw (17221) | more than 9 years ago | (#12206595)

I forget -- is the boogle a D&D dance of bamboozlement, or is it the instrument played by the Boogie-Woogie Bugle Boy?

Uu uhhh huh (-1, Offtopic)

syntap (242090) | more than 9 years ago | (#12205382)

he said penetration testes... uuh huh.

Misread (0)

jim_v2000 (818799) | more than 9 years ago | (#12205587)

Did anyone else read this as "Penetration Teasers"?

Google as a proxy... (2, Insightful)

HanClinto (621615) | more than 9 years ago | (#12205637)

Correct me if I'm wrong, but Google doesn't do anything to the image references -- so that if you want to anonymously browse a website through Google, wouldn't you also have to turn image loading off on your browser? I mean, sure it'll work for text, but I didn't think this was exactly uncommon knowledge?

Also, I don't think Google translates the hyperlinks to work within the translation-page does it? So you would have to copy out any URL's that you wanted to go to and re-enter them into your translation query.

Can someone please tell me what's so special about this l33t "specially formed English-to-English translation" method? I mean, how much better can it be than just typing in the URL you want and choosing "Korean to English" in the drop-down?

Original Book Title (1)

mrkitty (584915) | more than 9 years ago | (#12205670)

'How to be malicious with search engines'. BTW this is nothing new. Google '1997 Simple Nomad hack faq' which explains using search engines (at the time altavista) to do exactly what this 'groundbreaking book' says!

google proxy (5, Informative)

Kallahar (227430) | more than 9 years ago | (#12205677)

*** WARNING ***
When doing a google translation proxy, remember two things:
1) The images that you load from the target page do *not* use the proxy. So if they want to track you down, all they have to do is look for the next few image loads following the google load for the main page.
2) en|en translations stand out in the logs, since it's not a normal translation option. You should use (for example) de|en. It'll fail on every German word and show the original word, which is English.

MOD PARENT UP (0)

Anonymous Coward | more than 9 years ago | (#12206178)

Compared with the (imo rather poor) info given in the book review, I think the parent post is well informed and shows a 'hackish' mindset.

1) Google cache + translation may be used to fetch pages without querying the real server yourself, but images (and probably css and javascript URIs) will point to the original server. Why not use an anonymous http (or socks) proxy in one of the 'usual' countries? Or one of proxy networks built around onion-routing? Anyone skilled in 'the craft' certainly could.

2) If you leave traces in logfiles, be sure that they don't stand out like shell-code in an apache log. The proposed way of using a 'sensible' translation request which would fail and fallback to the original words is way better than en|en. Why didn't the author of the book write about that? This (fallback) behaviour can't be that secret; I knew about it and hardly use google translation.

3) I don't know the book, but judging from the review it seems to spend quite some time listing queries for server status/directory pages and certain file names. Is this really worth being printed on dead trees?

Re:google proxy (2, Informative)

wwwrench (464274) | more than 9 years ago | (#12206569)

Why not just use tor [eff.org] for anonymous internet use (browsing, sshing etc.). It's free and doesn't place full trust in a single node.

another article (3, Interesting)

zanthas (550256) | more than 9 years ago | (#12205713)

The Register had a mirrored [theregister.co.uk] article from SecurityFocus. It walks you through the basic idea behind the book.

Legal Liabilities... (1)

John Seminal (698722) | more than 9 years ago | (#12205714)

I wonder what the legal ramifications are if someone uses google to break into a website? Or if google has a cache of a website that does not want a cache to exist?? For example, google has since done away with it, but when news.google went public, you could get a cache to any newspaper you wanted, even if the newspaper required a subscription. I wonder what would happen if google stuck to their guns, said we are keeping all content cached, and the newspapers sued. Who would win?

Since there is so much potential for abuse, I wonder if soon government will "wiretap" google, waiting for certain kinds of searches and then zeroing in the person who did the search. For example, what if some teen in high school did a search for "anarchist cookbook". Would that be enough to have the police go talk with him, or watch him, or get a search warrant? What if they then find gasoline, and *gasp* Styrofoam cups in his garage?? Can they charge him with conspiracy to make napalm? Or worse, what if I want a chem lab in my basement, do I have a right to it, to conduct my own research?

It would be like what the city of chicago is doing. First they banned all guns in the city. Then they sued the gun manufacturers whenever a gun was used for a crime in their city limits. The City of Chicago argues "hey, we banned it, and you keep selling it to people who do illegal things in chicago, you have no safeguards".

I wonder if there is a search engine out there that is opt-in only, does not link to spam or places that don't sell stuff but only link to places that sell (deceptively I might add too). Maybe some search engine where users can moderate returns, like we do at slashdot. When you search for "baseball", with each hit you get to moderate how good of a search return it is. I have a lot of ideas. Maybe I should not post them here, maybe I should talk to a patent lawyer first.

Re:Legal Liabilities... (1)

FuturePastNow (836765) | more than 9 years ago | (#12205847)

The site was insecure to begin with. Google just makes it easier to find.

wiretap google? (3, Funny)

bani (467531) | more than 9 years ago | (#12206060)

I wonder if soon government will "wiretap" google

What makes you think they haven't already?

Sounds fun. (1)

ShyGuy91284 (701108) | more than 9 years ago | (#12205919)

I remember when I worked at a bank, we were told of penetration tests that happened there. The whole concept of being paid to sneak around and try to gain access to what you're not supposed to have seems like a fun concept to me.

It's not fair (0)

Anonymous Coward | more than 9 years ago | (#12206117)

Come on guys give me a chance. You're using up all the bandwidth by the time i get to the decent pron sites :(