Slashdot Mirror

← Back to Stories (view on slashdot.org)

The "Google Hack" Honeypot

Posted by CmdrTaco on from the so-many-malicious-robots-hitting-us-every-day dept.

An anonymous reader writes "On the heels of Google Hacking for Penetration Testers, and Johnny Long's talks at Blackhat/Defcon over the weekend, comes the "Google Hack" Honeypot, a honeypot designed to lure in malicious search engine activity. They had a second release of their tools on monday, according to their site."

4 of 108 comments (clear)

  1. Huh? Not all of these... by sH4RD · · Score: 4, Interesting

    GHDB Signature #1013 ("SquirrelMail version 1.4.4" inurl:src ext:php)

    How is that a problem? Look at their demo page. Whoopdeedoo. Now I can stare at a SquirrelMail login screen. Still haven't gotten access to much of anything that I'm not supposed to. Heck, there are plenty of websites offering e-mail through SquirrelMail. Whatever...

    --
    WASTE - The Secure P2P
  2. OK, I'll admit my density. by idontgno · · Score: 2, Interesting
    What am I missing here? A honeypot attracts would-be attackers with a false target to allow them to try their every wile against the honeypot while the pot's admins record every move.

    How do you honeypot Google? I'm fairly sure the nice folks at GoogleCorp aren't going to let you stick your honeypot in the way of the real thing. If the hacks in question are just malicious queries, how do you get the 1334 hax0rs to use your oh-so-attractive honeypot when every schmoe can type "www.google.com" into their attack script?

    Where's the flaw in my thinking? If you're not honeypotting the search, what's left?

    --
    Welcome to the Panopticon. Used to be a prison, now it's your home.
  3. Why aren't Google being responsible? by Anonymous Coward · · Score: 1, Interesting

    So how come Google don't do anything about the hacks themselves?

    With some hacks, like the URL based ones, it seems unlikely that removing them would affect any legitimate search.

    The conclusions by courts in the open wireless networks seemed to be that the openess(physically) of a network was irrelevant - if it was private(in the mind of the owner) then you're not alowed in. So Google is not only sniffing out private networks they are also broadcasting them to the world!

  4. 'Bad guy' not so bad by Anonymous Coward · · Score: 1, Interesting

    The problem here is that I can't see a way of using Google that would mean truly illegal website cracking (vocabulary lesson: 'cracking' as in dismantle security measures; and not 'hacking' as in improving the linux kernel).

    For example, the following "crack-search" example: 'intitle:index.of "parent directory" *.mp3', this only is useful if you mistakenly have left your http server on, I don't think the 'bad guy' is doing anything bad by using this, it is you who should disable your http server, or Google who should stop indexing this sites.

    Can somebody enlighten me with an example of using Google to truly crack a website, rather than just using blatantly available services?