full-disclosure-uk May 2007 archive
Main Archive Page > Month Archives  > full-disclosure-uk archives
full-disclosure-uk: [Full-disclosure] GHDB - Google Hacking Data

[Full-disclosure] GHDB - Google Hacking Database

From: pdp (architect) <pdp.gnucitizen_at_nospam>
Date: Mon May 21 2007 - 15:09:15 GMT
To: full-disclosure@lists.grok.org.uk, "WASC Forum" <websecurity@webappsec.org>, "webappsec @OWASP" <webappsec@lists.owasp.org>


GHDB (a.k.a. Google Hacking Database) is HTML/JavaScript wrapper application that uses advance JavaScript techniques to scrape information from Johnny's Google Hacking Database without the need for hosted server side scripts.

    In attempt to show the real dangers of AJAX APIs I've created completely harmless interface to Johnny's Google Hacking Database. Keep in mind that no service side scripts are required from my side. Also, keep in mind that all I am providing here is a single HTML page with a few JavaScript files to glue the interface together.

    The danger that I am trying to show here is that by mashing up a few services, attackers can create something which I would like to call a super worm. Super Worms, in terms of Web Application Security, are the successors of AJAX Worms! Original AJAX worms spread across a single domain, mimicking retro viral code: the worm does not leave the medium it infects. Super Worms can go further by exploiting other domains/mediums as well such as other websites, local and remote devices, etc.

    It took me 2 hours to put the application together. Most of the time I spent on the style sheets and the GUI. The core application functionalities were delivered within 5 minutes.

    Why this application is interesting you may ask? If I am not hosing any server side scripts on my side, and Johnny's johnny.ihackstuff.com does not provide any JSON export of the database either, how the heck I still manage to fetch the data? Well, I am using a screen scraper which is entirely based online. Online services are very Web2.0 so expect to see more of them very soon. For Web based malware, this means that they no longer need server side support. That is quite scary. -- pdp (architect) | petko d. petkov http://www.gnucitizen.org _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/