Yahoo! Hacking ala MSN and Google Hacking

Digg this

Much like MSN hacking, and the ever popular Google hacking, Yahoo! As well exposes really cool data the same way that MSN and Google do as well. Now that all three major search engines provide the same interesting data, information security people need to be aware of what is stored in the Yahoo! URL database as well. The process of using search engines for targeting and profiling vulnerabilities within search engines is common across all the big three.

Search for admin.dat
http://search.yahoo.com/search?ei=UTF-8&p=inurl%3Aadmin.dat&xargs=0&pstart=1&fr=sexp-rd&b=11

Search for config.php
http://search.yahoo.com/search?p=inurl%3Aconfig.php&ei=UTF-8&fr=sexp-rd&x=wrt

Search for admin.php
http://search.yahoo.com/search?p=inurl%3Aadmin.php&ei=UTF-8&fr=sexp-rd&x=wrt

search for set up admin user in Pivot
http://search.yahoo.com/search?p=%22set+up+the+administrator+user%22+inurl%3Apivot&prssweb=Search&ei=UTF-8&fr=sexp-rd&x=wrt

Search for index of cgi-bin
http://search.yahoo.com/search?p=index+of+cgi-bin&prssweb=Search&ei=UTF-8&fr=sexp-rd&x=wrt

And so on, most of the Google hacks that translate over to MSN also translate over to Yahoo! As well. This makes the search surface much more interesting as the attacker can distribute their searches across multiple search engines by script and using wget to bring the results to them and then digest the data off line. Or bouncing the search for vulnerabilities long a number of various routes including TOR to obscure the search patterns and not push out any particular pattern to the searches.


As we see the ramifications of privacy in search engines, and we deal with the security ramifications of what are in the big three search engines security personnel in companies need to be realistic in their view points about that data. If it is there, the target will most likely not know that they are being rec
onned via the search engines that hold data about the vulnerabilities in their web sites.

Security people need to be doing this kind of work on a regular basis so that they know what is in the search engines and "think bad act good" actions on this process. While we do want data in the search engines, configuring the web server, only leaving pages that are essential on the web server, off loading administrative functions to other boxes that are not going to be scanned by a search engine are
all good ways of approaching the issue in the longer run. If the software will not work without everything being exposed, then it is really is time to move on to something else.

The Johnny I
hack stuff web site contains some really good base searches for Google hacking, that are easily transplanted over to MSN and Yahoo with minor modifications. These mods are easy enough to change and the script to run multiple queries against multiple search engines is also something that is easily programmed.

I'll do more MSN hacking and Yah
oo hacking throughout the rest of the week to help folks learn how to use the data in search engines to better secure their networks.

Related Posts by Categories



Widget by Scrapur | Scrap Book