Linux Today: Linux News On Internet Time.

More on LinuxToday

Q&A: Google hacking

Mar 12, 2010, 16:02 (0 Talkback[s])
(Other stories by Mirko Zorz)


Re-Imagining Linux Platforms to Meet the Needs of Cloud Service Providers

[ Thanks to An Anonymous Reader for this link. ]

"Let's say you're doing a penetration test. What kind of information about a target can you find out by using Google?

'Anything connected to the web, is indexed by Google. Even administrator's portals of devices connected to the web, such as printers and webcams are crawled and discovered by Google. You'll be surprised by how many unprotected webcams are connected to the internet, streaming live video from people's living rooms, or university dormitories.

"By using Google, one can find out more about a configuration or version of a web server, web technology, such as PHP or .NET, and also well known web application, such as Wordpress. Having access to a configuration of specific software, or its version, can be enough to help me start an attack. Unfortunately when web and network administrators encounter specific application problems, they seek for support from public forums where they tend to post extra configuration and setup information. Such information exposure can be enough to help a hacker know more about the actual web application he wants to attack."

Complete Story

Related Stories: