In this article, we will explain how anyone — and not just information technology experts — can find and access security cameras, passwords, system logs and other databases that were meant to be secret.
Before proceeding further, it is important to consider that performing the actions described in this article may or may not be illegal based on your local legislation. This information is being divulged to convey the importance of network security and educate the readers.
What Happened: Scanning networks, which include the internet itself, is one of the most common ways to find vulnerabilities and access data and services that were not meant to be accessible.
Traditionally it would be done from a command line with a tool like Nmap, but another well-known way to find this kind of weakness is by leveraging Google, a company that kindly scans the whole internet and indexes its findings doing most of the work for us.
See Also: Why Exchanging Financial Information Via Email Is So Risky – And How It's Gotten Worse
This kind of usage of Alphabet Inc.'s GOOG GOOGL search engine is usually called "Google Dorking" — dorks, a word describing "a contemptible, socially inept person" and in this case, referring to whoever managed to misconfigure the services you find with this technique. This approach leverages very specific search queries that use Google modifiers to find data that should have been private, but due to misconfiguration is public.
How To Do It: One example is searching for "allintext:username filetype:.env," which limits our results to only text files with the .env extension and searches for the word "username" in their content. This kind of search tends to find configuration files that contain usernames and passwords of external services such as emails or databases, often very secure and long alphanumerical passwords that would have been quite safe if they were not broadcasted in plain text for the whole world to see.
A much more unsettling example is the search query "intitle:"webcamXP 5"" which tells Google to only return results that contain exactly "webcamXP 5" in their title — this being the default title of the video feed page of a certain family of security camera products. This query returns ips and dynamic domain name service addresses that broadcast a video feed of a security camera for the whole world to see, with some particularly worrying instances showing a school's computer room or inside private properties.
This is particularly concerning when we consider that for those IP cameras to be exposed the network must have been so grossly misconfigured that one can only wonder what vulnerabilities some sensitive targets such as schools and airports may have. Other than a few instances such as the Pajala Airport in Sweden willingly broadcasting images from a security camera for the world to see, security cameras are usually meant to be private and hidden behind authentication or a firewall.
There are many more possible Google searches that tend to turn up data that is public but in many cases was not meant to be accessible, so many in fact that the Google Hacking Database lists over 7,500 Dorking search queries. The takeaway is to select whoever sets up your security cameras or other networking equipment well, since they may let prying eyes into your home or allow anyone to read your website administration credentials — among other things.
Read Next: Tesla To Face Safety Trial For December 2020 Seoul Crash That Killed South Korean President's Friend
© 2024 Benzinga.com. Benzinga does not provide investment advice. All rights reserved.
Comments
Trade confidently with insights and alerts from analyst ratings, free reports and breaking news that affects the stocks you care about.