
The Golden Age of Hacking !


Based on everything we know, this truly seems to be the golden age of Hacking. To sum
things up, it is a great time to be a hacker. Because there are so many possible systems
to break into and most of them have such weak security, attackers can pick and choose
which machines to go after. To make matters worse, most companies have insufficient
information or resources to track these attackers, so even if they are detected, their
chances of getting caught are slim. No one polices the Internet, and in terms of
knowledge and experience, attackers have the upper hand. Not only is it a good time to
be a hacker, but it is a good time to be a security professional. There is plenty of work
and a whole lot of challenges ahead.
A recent and well-known example of hacking attacks happened in February of 2000.
Several large sites on the Internet were attacked within a short period of time. The
type of attack was a distributed Denial of Service attack in which company websites
became unreachable to legitimate users. These attacks will be discussed in detail in
Chapter 6, “Denial of Service Attacks.” From a business perspective, this had a large
impact on the victim companies. For one company, an online bookstore, the attack
resulted in lost revenue—not only did the company lose sales, but it lost customers.
Let’s look at an example. If a customer, intending to buy something online, tries to
connect to a company’s web site at 10:00 p.m. and the web browser displays the
message “Website Unavailable,” he might try back at 10:45 p.m. When the customer
tries again at 11:30 p.m. and still receives the same message, more than likely, the
customer will go to a competitor to buy the product. With the amount of competition on
the Internet, if a customer cannot access a site in a matter of seconds, he will quickly
give up and go to a different site.
Ironically, companies were so afraid of the Y2K problem that they dumped large sums of
money into fixing it. In several cases, it seemed like a waste because the problem was
overestimated and hyped by the media. Now there is a problem far worse, but companies
are looking the other way. They do not want to invest the money.
There are several reasons why so many companies are vulnerable, but one of the main
reasons is lack of awareness. Companies have not realized and still do not realize the
threat. One of my goals in writing this book is to make people aware of the threat and
the tools that exist to protect their sites. Ignorance is deadly, but knowledge is power. If
an attacker breaks into your house with an arsenal of guns and you have no weapons,
you cannot defend yourself. On the other hand, if you are properly trained on weapons
and know the limitations of the weapons the intruder is using, you have an upper hand.
This is the exact purpose of this book. Giving IT professionals the tools and techniques
attackers use to break into sites equips them with the proper defenses.

Safe Search Certify URLs !


Feed URLs into Google’s Safe Search to determine whether they
point at questionable content…

Only three things in life are certain: death, taxes, and
accidentally visiting a once family-safe web site that now
contains text and images that would make a horse blush.
As you probably know if you’ve ever put up a web site, domain
names are registered for finite lengths of time. Sometimes
registrations accidentally expire; sometimes businesses fold
and allow the registrations to expire; sometimes other
companies take them over.
Other companies might just want the domain name, some
companies want the traffic that the defunct site generated, and
in a few cases, the new owners of the domain name try to hold it
hostage, offering to sell it back to the original owners for a great
deal of money. (This doesn’t work as well as it used to because
of the dearth of Internet companies that actually have a great
deal of money.)
When a site isn’t what it once was, that’s no big deal. When it’s
not what it once was and is now X-rated, that’s a bigger deal.
When it’s not what it once was, is now X-rated, and is on the link
list of a site you run, that’s a really big deal.
But how to keep up with all the links? You can visit each link
periodically to determine if it’s still okay, you can wait for
hysterical emails from site visitors, or you can just not worry
about it. Or you can put the Google API to work.
This program lets you check a list of URLs in Google’s
Safe Search mode. If they appear in the Safe Search mode,
they’re probably okay. If they don’t appear, they’re either not in
Google’s index or not “safe” enough to pass through Google’s
filter. The program then checks the URLs missing from a
Safe Search with a nonfiltered search. If they do not appear in a
nonfiltered search, they’re labeled as unindexed. If they do
appear in a nonfiltered search, they’re labeled as “suspect.”
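
The two-pass check described above, as an added Python example (not the book's Perl script and not Google's API). The callable is_indexed is a hypothetical stand-in for whatever search backend is queried, and the sample index and URLs are constructed.

```python
from urllib.parse import urlsplit

SAFE, SUSPECT, UNINDEXED = "safe", "suspect", "unindexed"

def normalize(url):
    """Reduce a link-list entry to host + path so lookups compare like with like."""
    url = url.strip()
    if "://" not in url:
        url = "http://" + url              # bare hostnames are common in link lists
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()
    if host.startswith("www."):
        host = host[4:]
    return host + parts.path.rstrip("/")

def certify(urls, is_indexed):
    """Two-pass check: filtered lookup first, unfiltered only for the misses.
    is_indexed(key, safe) is a hypothetical backend callable: True if the key
    appears in results with (safe=True) or without (safe=False) the filter."""
    report = {}
    for raw in urls:
        key = normalize(raw)
        if not key:
            continue                       # blank or unparseable entry
        if is_indexed(key, safe=True):
            report[raw] = SAFE             # survived the content filter
        elif is_indexed(key, safe=False):
            report[raw] = SUSPECT          # indexed but filtered out: review by hand
        else:
            report[raw] = UNINDEXED        # in neither result set
    return report

# Constructed sample index: key -> True if the entry survives the filter.
SAMPLE_INDEX = {"example.com": True, "example.org/links": False}

def sample_backend(key, safe):
    """Constructed backend: filtered entries only show up when safe is False."""
    if key not in SAMPLE_INDEX:
        return False
    return SAMPLE_INDEX[key] or not safe

def needs_review(report):
    """Everything not labelled safe, i.e. the links a site owner should recheck."""
    return sorted(u for u, label in report.items() if label != SAFE)
```

An "unindexed" label is not a clean bill of health: a domain that has just changed hands may simply not have been crawled yet, so those entries belong on the review list alongside the "suspect" ones.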

How to Run the Hacks !


The programmatic hacks in this book run either on the command line (that’s Terminal for Mac OS X folk, DOS command window for Windows users) or as CGI scripts (dynamic pages living on your web site, accessed through your web browser).

Command-Line Scripts

Running a hack on the command line invariably involves the following steps:

1. Type the program into a garden-variety text editor: Notepad on Windows, TextEdit on Mac OS X, vi or Emacs on Unix/Linux, or anything else of the sort. Save the file as directed, usually as scriptname.pl (the pl bit stands for Perl, the predominant programming language used in Google Hacks). Alternatively, you can download the code for all of the hacks online at http://www.oreilly.com/catalog/googlehks2, a ZIP archive filled with individual scripts already saved as text files.

2. Get to the command line on your computer or remote server. In Mac OS X, launch the Terminal (Applications > Utilities > Terminal). In Windows, click the Start button, select Run…, type command, and hit the Enter/Return key on your keyboard. In Unix... well, we’ll just assume you know how to get to the command line.

3. Navigate to where you saved the script at hand. This varies from operating system to operating system, but usually involves something like cd ~/Desktop (that’s your Desktop on the Mac).

4. Invoke the script by running the programming language’s interpreter (e.g., Perl) and feeding it the script (e.g., scriptname.pl) like so:

   $ perl scriptname.pl

5. Most often, you’ll also need to pass along some parameters (your search query, the number of results you’d like, and so forth). Simply drop them in after the script name, enclosing them in quotes if they’re more than one word or if they include an odd character or three:

   $ perl scriptname.pl '"much ado about nothing" script' 10

6. The results of your script are almost always sent straight back to the command-line window in which you’re working, like so:

   $ perl scriptname.pl '"much ado about nothing" script' 10
   1. "Amazon.com: Books: Much Ado About Nothing: Screenplay ..."
   2. "Much Ado About Nothing Script"

   The ... bit signifies that we’ve cut off the output for brevity’s sake.

7. To stop output scrolling off your screen faster than you can read it, on most systems you can “pipe” (read: redirect) the output to a little program called more:

   $ perl scriptname.pl | more

   Hit the Enter/Return key on your keyboard to scroll through line by line, the space bar to leap through page by page. You’ll also sometimes want to direct output to a file for safekeeping, importing into your spreadsheet application, or displaying on your web site. This is as easy; refer to the code shown next.

   $ perl scriptname.pl > output_filename.txt

   And to pour some input into your script from a file, simply do the opposite:

   $ perl scriptname.pl < input_filename.txt

Don’t worry if you can’t remember all of this; each hack has a “Running the Hack” section, and some even have a “The Results” section that shows you just how it’s done.

Advanced Search in Google !


The Google Advanced Search goes well beyond the capabilities of the default simple search,
providing a powerful fill-in form for date searching, filtering, and more.
Google’s default simple search allows you to do quite a bit, but not all. The Google Advanced
Search (http://www.google.com/advanced_search?hl=en) page provides more options such as date
search and filtering, with “fill in the blank” searching options for those who don’t take naturally to
memorizing special syntaxes.
Most of the options presented on this page are self-explanatory, but we’ll take a quick look at the
kinds of searches that you really can’t do with any ease using the simple search’s single text-field
1.6.1 Query Word Input
Because Google uses Boolean AND by default, it’s sometimes hard to logically build out the
nuances of just the query you’re aiming for. Using the text boxes at the top of the Advanced
Search page, you can specify words that must appear, exact phrases, lists of words, at least one of
which must appear, and words to be excluded.
1.6.2 Language
Using the Language pull-down menu, you can specify what language all returned pages must be in,
from Arabic to Turkish.
1.6.3 Filtering
Google’s Advanced Search further gives you the option to filter your results using Safe Search.
Safe Search filters only explicit sexual content (as opposed to some filtering systems that filter
pornography, hate material, gambling information, etc.). Please remember that machine filtering
isn’t 100% perfect.
1.6.4 File Format
The file format option lets you include or exclude several different Microsoft file formats,
including Word and Excel. There are a couple of Adobe formats (most notably PDF) and Rich
Text Format as options here too. This is where the Advanced Search is at its most limited; there
are literally dozens of file formats that Google can search for, and this set of options represents
only a small subset.
1.6.5 Date
Date allows you to specify search results updated in the last three months, six months, or year.
This date search is much more limited than the daterange: syntax [Hack #11], which can give you
results as narrow as one day, but Google stands behind the results generated using the date option
on the Advanced Search, while not officially supporting the use of the daterange search.
The rest of the page provides individual search forms for other Google properties, including news
search, page-specific search, and links to some of Google’s topic-specific searches. The news
search and other topic-specific searches work independently of the main advanced search form at
the top of the page.
The advanced search page is handy when you need to use its unique features or you need some
help putting a complicated query together. Its “fill in the blank” interface will come in handy for
the beginning searcher or someone who wants to get an advanced search exactly right. That said,
bear in mind it is limiting in other ways; it’s difficult to use mixed syntaxes or build a single
syntax search using OR. For example, there’s no way to search for (site:edu OR
site:org) using the Advanced Search.
Of course, there’s another way you can alter the search results that Google gives you, and it doesn’t
involve the basic search input or the advanced search page. It’s the preferences page.

Why Google Hacks ?


Hacks are generally considered to be “quick-and-dirty”
solutions to programming problems or interesting techniques for
getting a task done. But what does this kind of hacking have to
do with Google?
Considering the size of the Google index, there are many times
when you might want to do a particular kind of search but you get
too many results for the search to be useful. Or you may want to
do a search that the current Google interface does not support.
The idea of Google Hacks is not to give you some exhaustive
manual of how every command in the Google syntax works
(although we do give this more than a fair shake), but rather to
show you some tricks for making the best use of a search, show
off just what’s possible when you automate your queries with a
little programming know-how, and shine a light into some of the
overlooked corners of Google’s offerings. In other words, hacks.

The combination of Google’s myriad services and over four
billion pages of constantly shifting data can do strange things to
your imagination and give you lots of new perspectives on how
best to search. This book goes beyond the instruction page to
the idea of hacks: tips, tricks, and techniques you can use to
make your Google searching experience more fruitful, more fun,
or (in a couple of cases) just more weird.

Understanding the Need to Hack Your Own Systems Do You Know How !


The law of averages works against security. With the increased number of
hackers and their expanding knowledge, and the growing number of system
vulnerabilities and other unknowns, eventually, all computer systems and
applications will be hacked or compromised in some way. Protecting your
systems from the bad guys — and not just the generic vulnerabilities that
everyone knows about — is absolutely critical. When you know hacker tricks,
you find out how vulnerable your systems really are.
Hacking preys on weak security practices and undisclosed vulnerabilities.
Firewalls, encryption, and passwords can create a false feeling of safety.
These security systems often focus on high-level vulnerabilities, such as
basic access control, without affecting how the bad guys work. Attacking
your own systems to discover vulnerabilities helps make them more secure.
Ethical hacking is the only proven method of greatly hardening your systems
from attack. If you don’t identify weaknesses, it’s only a matter of time before
the vulnerabilities are exploited.
As hackers expand their knowledge, so should you. You must think like them
and work like them to protect your systems from them. As the ethical hacker,
you must know the activities that hackers carry out and how to stop their
efforts. Knowing what to look for and how to use that information helps you
to thwart hackers’ efforts.
You don’t have to protect your systems from everything. You can’t. The only
protection against everything is to unplug your computer systems and lock
them away so no one can touch them — not even you. But doing so is not the
best approach to information security and it’s certainly not good for business.
What’s important is to protect your systems from known vulnerabilities and
common attacks.

Anticipating all the possible vulnerabilities you’ll have in your systems and
business processes is impossible. You certainly can’t plan for all possible
attacks — especially the unknown ones. However, the more combinations
you try and the more you test whole systems instead of individual units, the
better your chances are of discovering vulnerabilities that affect your information systems in their entirety.
Don’t take ethical hacking too far, though; hardening your systems from
unlikely attacks makes little sense. For instance, if you don’t have a lot of foot
traffic in your office and no internal Web server running, you might not have
as much to worry about as an Internet hosting provider might have. Your
overall goals as an ethical hacker are…
✓ Prioritize your systems so you can focus your efforts on what matters.
✓ Hack your systems in a nondestructive fashion.
✓ Enumerate vulnerabilities and, if necessary, prove to management that
vulnerabilities exist and can be exploited.
✓ Apply results to remove the vulnerabilities and better secure your

Defining hacker !


Defining malicious user !


Malicious user — meaning a rogue employee, contractor, intern, or other
user who abuses his or her privileges — is a common term in security circles
and in headlines about information breaches. A long-standing statistic states
that insiders carry out 80% of all security breaches. Whether this number
is accurate is still questionable, but based on what I’ve seen and numerous
annual surveys, undoubtedly an insider problem makes up the majority of all
computer breaches.
The issue is not necessarily users “hacking” internal systems, but rather
users who abuse the computer access privileges they’ve been given. Users
ferret through critical database systems to glean sensitive information,
e-mail confidential client information to the competition or other third parties, or delete sensitive files from servers that they probably didn’t need to
have access to in the first place. There’s also the occasional ignorant insider
whose intent is not malicious but who still causes security problems by
moving, deleting, or corrupting sensitive information.
Malicious users are often ethical hackers’ worst enemies because they know
exactly where to go to get the goods and don’t need to be computer savvy to
compromise sensitive information. These users have the access they need
and the management trusts them without question.