this is a foobar-temporary-name, not for some tutorial 'how to 1,2,3', but
for tutorial of 'how to think about possibilities of vulnerability'.
Questions?
No? thanks. Go.
Trick 1. What is the purpose?
Answer: Cash. Hacktivism. Stupidity.
Trick 2. Most 'common' ways of hacking?
In my opinion - the most dangerous bug, is input-vulnerabilities kind of bugs.
(code/php injections, others rce - I'm calling it all: 'rce' ;))
So 'most dangerous' and 'most simple to re-script'.
Trick 3. No sample, just idea.
'What if' an attacker will go to google.com search bar, and few ideas about
how to connect parameters of 'google-hacks', to find _really_ useful things, maybe will
change your site to one of those already 'h4ck3d'?
hm...
ok. ;]
simple arsenal: 5 parameters:
(param:example)#
site:com # find sites.COM
site:com -site:com.br # find sites.COM without .com.br
site:org intext:findme # find all sites.ORG with 'findme' word
ext:php # find all php type of files (extensions)
intitle:motel # find all pages contains 'title' with motel word
Great.
If you have some knowledge about writting php pages,
you can get few simple ideas right now.
As a coder you saw 'few times' some error-messages,
for example 'Error in line...' whatever.
Remember those errors from MySQL? ;>
Maybe this simple example will refresh your memory:
site:r0x intext:"SQL.Syntax" ext:php intext:error
ok not bad, but not so good also. ;)
Upgrade:
intext:"SQL.Syntax" ext:php intext:error inurl:".php?*=2"site:stillr0x
this google-dork actually gives you 'few' vulnerable to sqlinjection attacks
sites, so b patient and think what you're doing. if you're doing anything with this ideas,
do NOT do bad things and remember to test it only against your sites.
Remember. ;)
More? here.
o/
i think this blog will be so helpful for IT
ReplyDelete---------------------------
Thank you
mark
Aricho IT