Google Hacking
Google hacking is a method of using structured queries in
google to gather information on an organization. An experienced and intelligent hacker will
spend the time gathering information on a target prior to attacking. Because of this, security professionals need
to be aware of all the different types of information that can be gathered on
their organization by the use of google hacking. The more information an attacker is able to
gather on the target, which could be your organization, the more likely they
are to be successful.
Google operates the most widely used search engine on the
internet. Most people search google
using keywords and google returns the most relevant websites based on their
algorithm. Most people aren’t aware that
google also has special keywords and operators that can assist someone in
finding very specific information.
Here is a table of some of the more commonly used
keywords:
|
Keyword
|
Description
|
|
allinanchor
|
Restrict your search to web pages that have all of the terms you are
looking for in the anchor of the page
|
|
allintext
|
Restrict your search to web pages that have all of the terms you are
looking for in the text of the page
|
|
allintitle
|
Restrict your search to web pages that have all of the terms you are
looking for in the title of the page
|
|
allinurl
|
Restrict your search to web pages that have all of the terms you are
looking for in the url of the page
|
|
filetype
|
Restrict your search to web pages that have the filetype you specify
(filetype:pdf)
|
|
inanchor
|
Restrict your search to pages that have the terms you specify in the
anchor of the page
|
|
intext
|
Restrict your search to pages that have the terms you specify in the
text of the page
|
|
intitle
|
Restrict your search to pages that have the terms you specify in the
title of the page
|
|
inurl
|
Restrict your search to pages that have the terms you specify in the
url of the page
|
These can be used together to gather much more specific
information. For example, the search
filetype:xls
inurl:email.xls
would be useful when searching for an excel file that
contains email addresses.
A social engineering attacker might try this search to
gather useful information:
Intitle:”resume” filetype:doc
I did this search:
intitle:"resume" filetype:doc
intext:"director"
This returns word documents that are resumes containing the
word “director”. I opened one and am
given personal information on an individual including his full name, address,
phone numbers, and email address. This
also can tell me if that individual is still working at a company and in what
capacity. This is all very valuable
information for a social engineering attack.
Comments
Post a Comment