Tenacious Diggity - Skinny Dippin in a Sea of Bing
1 like5,371 views
The document provides an overview of the Diggity project, focusing on advanced attacks and new attack tools for exploiting vulnerabilities through search engines like Google and Bing. It discusses tools like portscan diggity, code search tools, and the Bing hacking database, highlighting their functionalities and recent updates. Additionally, it addresses data security concerns and the importance of advanced defenses against potential data leaks and exploits.
Tenacious Diggity - Skinny Dippin in a Sea of Bing
- 1. Tenacious Diggity Skinny Dippin' in a Sea of Bing 29 July 2012 – DEF CON 20 – Las Vegas, NV Presented by: Francis Brown & Rob Ragan Stach & Liu, LLC www.stachliu.com
- 2. 2
- 3. Agenda OVERVIEW • Introduction/Background • Advanced Attacks • NEW Diggity Attack Tools • Advanced Defenses • NEW AlertDiggity Cloud Database • Future Directions 3
- 4. Introduction/Background GETTING UP TO SPEED 4
- 5. Diggity Tools PROJECT OVERVIEW 5
- 6. Diggity Tools ATTACK TOOLS Tool Descrip,on GoogleDiggity Tradi,onal Google hacking tool BingDiggity Bing equivalent of tradi,onal Google hacking tool FlashDiggity Adobe Flash security scanning tool DLPDiggity Data loss preven,on scanning tool LinkFromDomain Bing footprin,ng tool based on off-‐site links CodeSearch Diggity Open-‐source code vulnerability scanning tool MalwareDiggity Malware link detec,on tool for off-‐site links 6
- 7. Diggity Tools NEW ATTACK TOOLS Tool Descrip,on PortScan Diggity Passive port scanning via Google NotInMyBackYard Easily find your info in 3rd party sites BHDB 2.0 New Bing Hacking DB now as affec,ve as Google Bing BinaryMalware Find malware via Bing’s indexing of executables CodeSearch REBORN Brought back from the dead SHODAN Diggity Easy interface to SHODAN search engine 7
- 8. Diggity Scraping NEW ACROSS ALL ATTACK TOOLS 8
- 9. Diggity Scraping PROXIES SPECIFICATION 9
- 10. Diggity Scraping MANUAL PROXIES SPECIFICATION 10
- 11. Advanced Attacks WH AT YOU SHOULD KNOW 11
- 12. NEW GOOGLE HACKING TOOLS PortScan Diggity 12
- 13. PortScanning TARGETING HTTP ADMIN CONSOLES Searching for web admin interfaces on non-standard HTTP ports 13
- 14. PortScanning TARGETING PORT RANGES Searching for specific port ranges 14
- 15. PortScanning TARGETING VULNERABILITY Targeting specific HTTP ports example 15
- 16. PortScan Diggity TARGETING HTTP ADMIN CONSOLES 16
- 17. NEW GOOGLE HACKING TOOLS NotInMyBackYard 17
- 18. Data Leaks on 3rd Party Sites SENSITIVE INFO EVERYWHERE Verizon - 2012 Data Breach Investigation Report 18
- 19. PasteBin Leaks PASSWORDS IN PASTEBIN.COM POSTS • Twitter feed tracking passwords leaked via PasteBin 19
- 20. Cloud Docs Exposures PUBLIC CLOUD SEARCHING Public cloud storage document exposures 20
- 21. Cloud Docs Exposures ROBOTS.TXT IS DEAD Personal photo galleries exposed 21
- 22. Data Loss In The News MAJOR DATA LEAKS • Yale Alumni 43,000 SSNs Exposed in Excel Spreadsheet 22
- 23. NotInMyBackYard L O C A T I O N, L O C A T I O N, L O C A T I O N Cloud storage: Public presentations sharing sites: • Google Docs/Drive, DropBox, • slideshare.net, prezi.com, Microsoft SkyDrive, Amazon S3 present.me Social networking sites: Public charts and graphs sharing sites: • Facebook, Twitter, LinkedIn • ratemynetworkdiagram.com, gliffy.com Public document sharing sites: • scribd.com, 4shared.com, Video sharing sites: issuu.com, docstoc.com, • vimeo.com, dailymotion.com, metacafe.com, youtube.com PasteBin and text sharing sites: • pastebin.com, pastie.org, … 23
- 24. NotInMyBackYard PASTEBIN EXAMPLE 24
- 25. NotInMyBackYard XLS IN CLOUD EXAMPLE 25
- 26. Cloud Docs Exposures PUBLIC CLOUD SEARCHING Public cloud storage document exposures 26
- 27. NEW GOOGLE HACKING TOOLS Bing Hacking Database v2.0 27
- 28. Bing Hacking Database v2.0 STACH & LIU TOOLS BHDB v2.0 – Updates • Bing hacking database • Bing hacking limitations • Disabled inurl:, link: and linkdomain: directives in March 2007 • No support for ext:, allintitle:, allinurl: • Limited filetype: functionality • Only 12 extensions supported • UPDATES (2012) • ext: functionality now added • inurl: work around by using instreamset:url: • New BHDB 2.0 • Several thousand more Bing dorks! 28
- 29. NEW GOOGLE HACKING TOOLS BingBinaryMalwareSearch (BBMS) 29
- 30. Bing Malware Search TARGETING MALWARE Targeting known malware signatures 30
- 31. Google vs Bing Size MORE BANG FOR YOUR SEARCH 31
- 32. NEW GOOGLE HACKING TOOLS CodeSearch Diggity 32
- 33. Google Code Search VULNS IN OPEN SOURCE CODE • Regex search for vulnerabilities in indexed public code, including popular open source code repositories: • Example: SQL Injection in ASP querystring • select.*from.*request.QUERYSTRING 33
- 34. CodeSearch Diggity AMAZON CLOUD SECRET KEYS 34
- 35. Cloud Security N O P R O M I S E S . . .N O N E Amazon AWS Customer Agreement • http://aws.amazon.com/agreement/#10 35
- 36. Cloud Crawling CREATE YOUR OWN SEARCH ENGINES 36
- 37. NEW GOOGLE HACKING TOOLS SHODAN Diggity 37
- 38. SHODAN HACKER SEARCH ENGINE • Indexed service banners for whole Internet for HTTP (Port 80), as well as some FTP (23), SSH (22) and Telnet (21) services 38
- 39. SHODAN FINDING SCADA SYSTEMS 39
- 40. SHODAN FINDING SCADA SYSTEMS 40
- 41. SHODAN Diggity FINDING SCADA SYSTEMS 41
- 42. Advanced Defenses PRO TECT YO NECK 42
- 43. Diggity Alert DB DATA MINING VULNS Diggity Alerts Database 43
- 44. Future Directions WH AT W ILL HAPPEN 44
- 45. Diggity Dashboards COMING SOON Google Charts Mobile BI Apps 45
- 46. DLP Reporting PRACTICAL EXAMPLES 46
- 47. Questions? Ask us something We’ll try to answer it. For more info: Fran Brown Rob Ragan (@sweepthatleg) Email: [email protected] Project: [email protected] Stach & Liu, LLC www.stachliu.com
- 48. Thank You Stach & Liu Google Hacking Diggity Project info: http://www.stachliu.com/index.php/resources/tools/google-hacking-diggity-project/ 48