Using Google as a Website Vulnerability Scanner

Vulnerability and penetration testing tools can cost a lot of money, and Google is here to save you a lot of money. When done right, you can use Google search to test your website for vulnerabilities.

Website Vulnerability Testing with Google Search

So you’re running a website and would like everybody on the internet to visit it, right? Yes you do! But have you ever wondered about the directory with the backup files or the folder with the phpMyAdmin SQL dumps you have put up for yourself only? Well, what if Google knows about them and shows them for everybody to see? Wouldn’t you freak out if you knew that files with all your users’ data in them were available on the internet?

Google has your back!

But Google will also shoot you in the back at the same time if you don’t secure your website’s sensitive directories. Oh, and don’t think a simple

User-agent: *
Disallow: /my_fricking_backup_files/

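will do the trick. robots.txt only asks well-behaved crawlers to stay out; the file itself is public, and the directory is still served to anyone who requests it.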

Your first and foremost rule should be: Never (ever) place sensitive data in the publicly available folders on your web server. Move them out of the web root. Just do it. If it's not in the web root (www or public_html), Google and other search engines cannot find it. Just move the files away from public and download them using FTP.

If you must put them into the web root (for whatever ungodly reason), password protect that directory. Here is how to do that.

Use Google to find website vulnerabilities

You can use our search tips (others call them Google Hacks or Google Dorks) to find out what Google knows about your site.

Check if Google knows about your precious backup directories.

If you have named your backup directory “backup”, you’re a fool. Seriously. Move on – get a new job. You know that you can use Google to find online backup directories, and here’s the query to use to check if Google finds them on your website:

"Index of /backup" inurl:"yoursite.com"

Well, does it show any results? No? Well, you’re fine. It does? Well, you’re finished. RENAME/REMOVE THAT DIRECTORY. NOW!

Check if Google knows about your database backups.

Same goes for the database backups / dumps. If you put them onto your web space, you’re a fool. Let me guess: Your users’ data is in there, including the email addresses, passwords and home addresses? Well, let’s find out if you’re a brainiac.

Perform this Google search to find out if Google finds any database backup on your website.

filetype:sql intext:"phpMyAdmin SQL Dump -- version" inurl:yoursite.com

No results? Good.

And you can do the same for all the other Google Hacks we have written about by simply adding inurl:yoursite.com.

See if Google knows about your open phpMyAdmin (and users can access all your databases).
Use Google to search for vulnerable files on your server (such as user data lists)
You can even see if Google knows about your webcam or family photos
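
The following Python is an added example, not code from the original post: it applies the same fingerprints as the two searches above to responses you have already fetched from your own site, and flags paths that robots.txt disallows but the server still serves. The sample responses and robots.txt are constructed, and `audit` and `robots_disallowed` are names chosen for this example.

```python
import re

# Fingerprints behind the two searches above: the autoindex page title and
# the first line phpMyAdmin writes into an exported dump.
AUTOINDEX = re.compile(r"<title>\s*Index of /[^<]*</title>", re.I)
SQL_DUMP = re.compile(r"^-- phpMyAdmin SQL Dump", re.M)

def robots_disallowed(robots_txt):
    """Return every Disallow path; anyone can read these from robots.txt."""
    paths = []
    for line in robots_txt.splitlines():
        key, _, value = line.split("#", 1)[0].partition(":")
        if key.strip().lower() == "disallow" and value.strip():
            paths.append(value.strip())
    return paths

def audit(responses, robots_txt=""):
    """responses: (path, status, body) tuples fetched from your own site.
    Returns a sorted list of (path, finding) tuples."""
    findings, served = [], {}
    for path, status, body in responses:
        served[path] = status
        if status != 200:
            continue  # not served, or protected (401/403/404)
        if AUTOINDEX.search(body):
            findings.append((path, "directory listing enabled"))
        if SQL_DUMP.search(body[:4096]):
            findings.append((path, "phpMyAdmin SQL dump is downloadable"))
    for path in robots_disallowed(robots_txt):
        if served.get(path) == 200:  # exact path match only
            findings.append((path, "listed in robots.txt but still served"))
    return sorted(findings)

# Constructed sample data standing in for responses from your own server.
SAMPLE_ROBOTS = "User-agent: *\nDisallow: /my_fricking_backup_files/\n"
SAMPLE_RESPONSES = [
    ("/", 200, "<html><title>Welcome</title></html>"),
    ("/backup/", 200, "<html><title>Index of /backup</title></html>"),
    ("/backup/site.sql", 200, "-- phpMyAdmin SQL Dump\n-- version 0.0.0\n"),
    ("/my_fricking_backup_files/", 200,
     "<html><title>Index of /my_fricking_backup_files</title></html>"),
    ("/private/", 401, "Authorization Required"),
]

if __name__ == "__main__":
    for path, finding in audit(SAMPLE_RESPONSES, SAMPLE_ROBOTS):
        print(f"{path}: {finding}")
```

Unlike the Google searches, this check does not depend on whether a crawler has indexed the path yet.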

With these queries you can perform very simple and basic penetration testing tasks – well, basically just check whether you left the frick’ing doors open and told everybody about it. This is not in-depth penetration testing or vulnerability scanning! If you need/want to do a serious vulnerability scan or penetration test, hire a professional. These Google hacks are just the stuff the boy next door uses to find vacation photos of your daughter or wife :)

Not showing up on Google for these searches does not mean your website or server is safe!

Hire a professional penetration tester if you want to be safe.
