UGN Security Forums
My ProfileMember DirectoryLogin
Search our ForumsView our FAQView our Site Rules
View our CalendarView our Active TopicsGo to our Main Page

UGN Security Store
 

Network Sites UGN Security, The GoNix Initiative, Elite Web Gamers, Back of the Web, EveryDay Helper, VNC Web Design & Development
August
Su M Tu W Th F Sa
1 2
3 4 5 6 7 8 9
10 11 12 13 14 15 16
17 18 19 20 21 22 23
24 25 26 27 28 29 30
31
Sponsored Links
Latest Postings
Latest Reviews
Topic Options
Rate This Topic
#879 - 01/11/05 06:21 PM SiteDIgger v2.0 - making google hacking easy.
Digital Geek Offline
UGN Super Poster

Registered: 09/18/02
Posts: 553
Loc: Cluj-Napoca, Romania
Foundstone, a division of McAfee, released SiteDigger v2.0 which is a free tool that searches Google’s cache to look for vulnerabilities, errors, configuration issues, proprietary information, and interesting security nuggets on web sites.

What you need:

1. A copy of SiteDigger v2.0 .

2. You need the Microsoft .NET Framework Version 1.1

3. Your very own Google API Key which can be obtainted by going to http://www.google.com/apis . You can skip step one, and just create an account and after you validate it, you receive an e-mail with the key.

SiteDigger v2.0 comes with two databases. The Foundstone SignatureDatabase (175 signatures) that contains easy to understand signature descriptions and the signatures are broken into categories and the Google Hacking Database (784 signatures) which contains the latest signatures which are not categorized. You can also submit a new signature with your descriptions and comments.

Now, I know that a similar program can be written by anyone with some decent coding skills so this program it's not something amazing and neither is the concept of google hacking and I also know that this tool was designed with security in mind and that is designed to let one know if his website is secure or not and it's for personal use only and can't be used for illegal pourposes, and all that crap that comes in the disclaimer, BUT releasing a free tool that can test in a minute or two any website against almost 1000 possible vulnerabilities can be used to do a lot of damage if it falls in the hands of some lame ass scriptkiddie.

So if you have a website, you'd better get this tool, before they do !

Top
Sponsored Links
      
#880 - 01/12/05 06:22 AM Re: SiteDIgger v2.0 - making google hacking easy.
Ghost Offline


Registered: 06/16/03
Posts: 807
Loc: Wisconsin
Sweet. I'm checking this tool out. Nice find DG.
_________________________
[[ GamerSupport ] [ UGN Security ] [ Evil Hosting ] [ Comic Relief ]
~[Ghost]

Top
#881 - 01/12/05 07:43 AM Re: SiteDIgger v2.0 - making google hacking easy.
Digital Geek Offline
UGN Super Poster

Registered: 09/18/02
Posts: 553
Loc: Cluj-Napoca, Romania
When you use it, if the scan suddenly stops you need to remove the signature that made it stop from the sig list since google is now blocking some of the queries.

Top
#882 - 01/12/05 07:47 AM Re: SiteDIgger v2.0 - making google hacking easy.
pergesu Offline
UGN Elite Poster

Registered: 03/14/02
Posts: 1136
Loc: Pimpin the Colorizzle
It probably won't be long before most/all of those get blocked, or Google sets a maximum number of queries in a specified amount of time. They don't want tons of people taking advantage of this.

/me has never even heard of Google hacking

Top
#883 - 05/18/05 05:26 AM Re: SiteDIgger v2.0 - making google hacking easy.
Yaoiman1 Offline
Junior Member

Registered: 04/25/05
Posts: 1
Loc: Tonawanda
Hey! Thanks! I'm gonna have to check that out!

Top
#884 - 05/18/05 10:21 AM Re: SiteDIgger v2.0 - making google hacking easy.
Defcon Offline
Ass Clown

Registered: 03/04/02
Posts: 384
Loc: 508 or 207
Um, talk about bringing up old topics. I don't really see how that contributed to the overall conversation. All-in-all exceptionally bad form.

Since this is your first post, I'd let you slide with a warning.... but then I see that you've basically chosen a nice that screams "flamebait". For those readers not familiar with my brand of ranting, I'll give you a second to think about my point...
.
.
.
Quote:
The word Yaoi (pronounced /jaoi/, sound like "Yah-Oh-ee" rather than "Yow-ee" or "Ya-oy", all three vowels are pronounced) was originally used to refer to fan manga (such as doujinshi) that focused on homosexual relationships between male characters, especially two bishōnen - the manga equivalent of slash.
Compliments of Wikipedia.

Get a life man, jeez
Someone seal up this fucked up repugnant shit
_________________________
"Remember how much fun you had shooting spitwads at the teacher in seventh grade? Imagine applying that kind of attitude to actually fucking with Mitsubishi!"
- Jello Biafra

Top

Moderator:  Infinite 
Featured Member
Registered: 08/21/13
Posts: 1
Forum Stats
2146 Members
46 Forums
33865 Topics
69032 Posts

Max Online: 1567 @ 04/25/10 10:20 AM
Top Posters
UGN Security 27028
Gremelin 7192
§intå× 3255
SilentRage 1273
Ice 1146
pergesu 1136
Infinite 1041
jonconley 955
Girlie 908
unreal 860
Newest Members
Devo60, ali, lavos, Zanvin Green, Daktologist
2145 Registered Users
Who's Online
0 registered (), 305 Guests and 355 Spiders online.
Key: Admin, Global Mod, Mod
Latest News


Donate
  Get Firefox!
Get FireFox!