TORONTO. The term Google Hacking is not a new one – and it’s definitely an interesting topic to learn about how you can use Google to attack or protect sites.
That was the promise of the Googless session at SecTor run by OWASP researcher Christian Heinrich. Unfortunately Heinrich’s presentation was a little strung out and heavy on the obvious features of Google. So much so that by my estimation at least 40 percent of the people that were in the session when it began left before it ended.
From my point of view I gleaned at least one small tidbit. Heinrich has created a tool called TCP Input Text which extracts TCP Ports from Google Search Results. It’s an interesting little tool that could be used for profiling without triggering an IPS/IDS. He also demonstrated how his Google tool could be integrated with the NMAP security tool to get an even more accurate profile.
The new tool is part of an OWASP tools project – I’ll be keen to see how they evolve over time. Heinrich said that the Google hacking tools will be released in November of 2008 and will be published on Google Code itself.
Heinrich argued that the OWASP Google Hacking effort is not a violation of Google’s Terms of Service, though he did note that Google has complained to OWASP executives about the project.That said Heinrich claimed that Google has recently offered him a job as Google Security Team lead in Australia.