"Google Dork"? Now some website security trivia

petermeadit

Top Contributor
Did you know that hackers find vulnerable sites by using something called a "Google Dork"? It's a crafted search that exposes websites running a vulnerable theme, plugin or application in the Google search results. A recent example of this is the Ghost theme vulnerability I mentioned above. In the exploit that has been published online, hackers include a Google Dork to find websites running this theme. In the case of Ghost, hackers use the following crafted search to find vulnerable sites:

inurl:wp-content/themes/Ghost/

As you can see, the above search yields about 20,000 results, enough to keep a hacker busy probing sites for quite some time.

(Above information taken from a media release for the popular WordPress security plugin Wordfence: http://www.wordpress.org/plugins/wordfence/)

Had some hacked sites this week and I just dunno, Google Dorks and Ghosts... Geeez!
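The dork above works because a theme's directory, and the style.css header inside it, are served to anyone; that same header is what you can read on your own installs to see whether a theme is behind the fixed release. The following Python audit is an added example, not code from the post or from Wordfence. The style.css blocks, the theme directories and the "fixed in 1.1.0" threshold for Ghost are constructed placeholders, since the page does not say which Ghost version closed the hole; the real value belongs in the FIXED_IN table.

```python
import re
from typing import Dict, List, Tuple

# Constructed sample style.css header blocks, keyed by theme directory name
# (the path component a dork such as inurl:wp-content/themes/Ghost/ matches).
# WordPress reads theme metadata from this leading comment block, and the
# file is served unauthenticated at /wp-content/themes/<dir>/style.css.
SAMPLE_THEMES: Dict[str, str] = {
    "Ghost": """/*
Theme Name: Ghost
Theme URI: http://example.invalid/ghost
Version: 1.0.2
Author: Example Author
*/
body { margin: 0; }
""",
    "twentytwelve": """/*
Theme Name: Twenty Twelve
Version: 1.3
*/
""",
    "custom-child": """/*
Theme Name: Custom Child
Template: Ghost
*/
""",
}

# Hypothetical "first safe version" table. The thread does not name the
# Ghost release that fixed the issue, so 1.1.0 is a placeholder to be
# replaced with the version from the vendor's advisory.
FIXED_IN: Dict[str, str] = {"Ghost": "1.1.0"}

HEADER_RE = re.compile(r"^\s*([A-Za-z][A-Za-z ]*?):\s*(.+?)\s*$", re.MULTILINE)


def parse_theme_header(css: str) -> Dict[str, str]:
    """Return the Key: Value pairs from the leading /* ... */ comment block."""
    end = css.find("*/")
    block = css if end == -1 else css[:end]
    return {key.strip(): value for key, value in HEADER_RE.findall(block)}


def version_tuple(version: str) -> Tuple[int, ...]:
    """'1.0.2' -> (1, 0, 2); non-numeric fragments are ignored."""
    return tuple(int(p) for p in re.findall(r"\d+", version)) or (0,)


def is_outdated(version: str, fixed_in: str) -> bool:
    """True when version sorts before fixed_in, padded so that 1.1 == 1.1.0."""
    a, b = version_tuple(version), version_tuple(fixed_in)
    width = max(len(a), len(b))
    return a + (0,) * (width - len(a)) < b + (0,) * (width - len(b))


def audit_themes(themes: Dict[str, str], fixed_in: Dict[str, str]) -> List[dict]:
    """Flag every installed theme whose (parent) version predates the fix.

    A child theme names its parent in the Template: field and runs the
    parent's PHP, so it is judged by the parent's version, not its own.
    """
    headers = {d: parse_theme_header(css) for d, css in themes.items()}
    report = []
    for directory, header in headers.items():
        subject = header.get("Template") or directory
        version = headers.get(subject, header).get("Version", "unknown")
        outdated = (
            subject in fixed_in
            and version != "unknown"
            and is_outdated(version, fixed_in[subject])
        )
        report.append({
            "dir": directory,
            "theme": header.get("Theme Name", directory),
            "judged_by": subject,
            "version": version,
            "outdated": outdated,
        })
    return report


if __name__ == "__main__":
    for entry in audit_themes(SAMPLE_THEMES, FIXED_IN):
        flag = "OUTDATED" if entry["outdated"] else "ok"
        print(f"{entry['dir']:<14} {entry['version']:<8} {flag}")
```

On a real host, point the loop at each wp-content/themes/*/style.css and feed the contents in as the dictionary values; note that a child theme with no Version: line is still flagged through its parent, which is the case the dork-driven scanners catch and a directory-name check alone would miss.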
 

FirstPageResults

Top Contributor
Google Hacking for Penetration Testers was a good read back in the day. Loads of advanced search parameters to learn.

In 2008, the infamous hacking group cDc released a program called Goolag Scanner that enabled anyone to scan for vulnerabilities on a mass scale (you can get databases of dorks for all types of setups). It was a handy tool for penetration testing (and script kiddies).

Sometimes people use dorks to find vulnerable sites, and then post them up on hacking forums for others who are learning to have a go (I've fixed a few sites like this over the years). But in reality the work is mostly automated by bots.

Bottom line is that if you don't update then you're a sitting duck. It's not so much some pimply-faced kid you need to worry about; it's the criminal gangs that infect sites with malware on a mass scale for profit.
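The automated probing described in this post leaves a recognisable trail in the web server's access log: one client touching several theme and plugin directories within seconds, most of them returning 404 because that site never had them. The script below is an added example, not from either poster, that parses combined-format log lines and flags such clients. The log lines, the IP addresses, the plugin slugs example-gallery and example-cache, and the threshold of three distinct directories are all constructed assumptions.

```python
import re
from collections import defaultdict
from typing import Dict, Optional

# Constructed sample in Apache/nginx "combined" log format. 203.0.113.7 walks
# through several theme and plugin directories in a couple of seconds, the
# trail an automated scanner leaves; 198.51.100.4 is an ordinary visitor whose
# browser loads only the one active theme's stylesheet.
SAMPLE_LOG = """\
203.0.113.7 - - [10/Jun/2014:03:14:01 +0000] "GET /wp-content/themes/Ghost/style.css HTTP/1.1" 200 1843 "-" "Mozilla/5.0"
203.0.113.7 - - [10/Jun/2014:03:14:02 +0000] "GET /wp-content/themes/Ghost/readme.txt HTTP/1.1" 404 211 "-" "Mozilla/5.0"
203.0.113.7 - - [10/Jun/2014:03:14:02 +0000] "GET /wp-content/plugins/example-gallery/readme.txt HTTP/1.1" 404 211 "-" "Mozilla/5.0"
203.0.113.7 - - [10/Jun/2014:03:14:03 +0000] "GET /wp-content/themes/twentytwelve/style.css HTTP/1.1" 200 1200 "-" "Mozilla/5.0"
203.0.113.7 - - [10/Jun/2014:03:14:03 +0000] "GET /wp-content/plugins/example-cache/readme.txt HTTP/1.1" 404 211 "-" "Mozilla/5.0"
198.51.100.4 - - [10/Jun/2014:03:20:11 +0000] "GET /about/ HTTP/1.1" 200 5321 "https://www.google.com/" "Mozilla/5.0"
198.51.100.4 - - [10/Jun/2014:03:20:12 +0000] "GET /wp-content/themes/Ghost/style.css HTTP/1.1" 200 1843 "http://example.invalid/about/" "Mozilla/5.0"
"""

# One combined-format line: client, identd, user, [time], "request", status, bytes, "referer", "ua".
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+)[^"]*" (?P<status>\d{3}) \S+ '
    r'"(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$'
)
# Theme and plugin directories under wp-content; the slug is what a dork keys on.
COMPONENT_RE = re.compile(r"^/wp-content/(?P<kind>themes|plugins)/(?P<slug>[^/?]+)/")


def parse_line(line: str) -> Optional[dict]:
    """Split one log line into its named fields, or None if it does not parse."""
    m = LOG_RE.match(line)
    return m.groupdict() if m else None


def probing_clients(log: str, min_components: int = 3) -> Dict[str, dict]:
    """Return, for each client that touched at least min_components distinct
    theme/plugin directories, the directories seen and how many of those
    requests were 404s. A real visitor loads the single active theme's
    assets; a scanner walking a dork-derived list touches many directories,
    most of which do not exist on any given site."""
    components: Dict[str, set] = defaultdict(set)
    not_found: Dict[str, int] = defaultdict(int)
    for line in log.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue
        c = COMPONENT_RE.match(rec["path"])
        if not c:
            continue
        ip = rec["ip"]
        components[ip].add(f"{c['kind']}/{c['slug']}")
        if rec["status"] == "404":
            not_found[ip] += 1
    return {
        ip: {"components": sorted(s), "not_found": not_found[ip]}
        for ip, s in components.items()
        if len(s) >= min_components
    }


if __name__ == "__main__":
    for ip, info in probing_clients(SAMPLE_LOG).items():
        print(f"{ip}: {len(info['components'])} component dirs, {info['not_found']} x 404")
        for comp in info["components"]:
            print("   ", comp)
```

Run it against a real access.log by reading the file into the log argument; the 404 count is the useful second signal, because a scanner's list of theme and plugin slugs is far longer than anything actually installed on one site, whereas a legitimate visitor's requests for the active theme all succeed.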
 

petermeadit

Top Contributor
...Bottom line is that if you don't update then you're a sitting duck. It's not so much some pimply-faced kid you need to worry about; it's the criminal gangs that infect sites with malware on a mass scale for profit...

Yep, agree. Also, no matter how many updates you do, it is hard to stop dumb users, like users who have weak cPanel passwords and then hand them out via email to every Tom, Dick and Harry.

Then the hosting provider shuts them down for malware on their site, and they start complaining about the web hosting being poor quality.

This goes back to the old mechanic-and-his-customer problem. I mean, sure, check the water and oil, but don't try to change the coil unless you know what you are doing. Same with DIY webmasters.
 

FirstPageResults

Top Contributor
Spot on.

I've signed a lot of customers up to a regular maintenance program whereby updates are maintained. Most people sign up, but roughly 20% choose to ignore it for whatever reason. Having said that, if you don't sign up, then I don't want you on my server!

Happy to bill at full rate to fix any problems :)

The new WordPress auto-updates are a move in the right direction, though.
 
