Saturday, 21 October 2017

Practical example of hacking with google

Welcome to my home, make yourself a copy of my keys and come in whenever you want. Shocking, right? Well it could be that without realizing what you are doing on your website, only that instead of keys you will be giving your access keys . An oversight I can leave your system completely exposed.
In this article we will see a very particular and very practical application of yesterday's post on how to do advanced searches in google . The key is that Google is able to track our website to the last corner and if by carelessness we have left visible part of sensitive code we will be giving it to anyone who requires it. 

Practical example of hacking with google - Hacking in less than 1 minute

As some of you will know when we install a web application, whether a wordpress, a drupal, a joomla or any site that requires a connection to a database, sooner or later we have to define a configuration file in which we store in plain text the keys so that the application can connect to the database and work with it. Usually these files are in protected directories, but there are cases, especially in web applications created from 0 in which for an oversight this is not so and are publicly accessible with the risk that this entails. Obviously the usual thing is that this does not happen, but we can always try this trick as it is really easy to apply and we can let you see interesting things.
We will look for this example the function mysql_connect , is a function that is used to connect to the database, this function requires that we pass both the user and the password and it will be in "inc" file types. So we will tell google that we want the inc file types that contain the mysql_connect function, so we set up the following query: 
filetype: inc intext: mysql_connect
Search mysql_connect function in configuration files
We focus on the first result for the example that comes to us, serve as an example, (from here we advise that we will contact the administrators of this site to warn them of the problem).
Mysql_connect function in configuration file
And if we look closely we will see 3 fields. The first  Localhost  refers to the server, we must look for how to connect from localhost, it is not worth launching the connections from our pc (at least in principle, because it could also be that your mysql server accepts connections from outside. this case is real estate, is the username to connect to the database, and the third field is the  password , which in this case is durpango.
Okay, we have already seen that we have all 3 fields, but the question now is.

How do we use the username and password to connect to your database?

We will find answers to this question as we advance in the course, for today we will give the easiest. PhpMyadmin is normally used to manage the databases So the step now is to see if you really have it installed and try to open it by accessing the most obvious url that comes to mind: / phpmyadmin
PhpMyadmin access form
And bingo, you have it installed, now we introduce the user / password pair that we have obtained from the previous function and .... We have full access to the management of your database. Later we will see how phpMyadmin works, if you know it is not necessary to tell you that we already have full control of the page.
Phpmyadmin database management interface
As you see google squeeze  can serve us to take control of a website in less than 1 minute. And you, do you have your passwords exposed in a post-it 2.0?

1 comment:

  1. Are you interested in the service of a hacker to get into a phone, facebook account, snapchat, Instagram, yahoo, Whatsapp, get verified on any social network account, increase your followers by any amount, bank wire and bank transfer. Contact him on= hackintechnology@gmail.com +12132951376(WHATSAPP)

    ReplyDelete