[Owasp-board] [Owasp-google-hacking] Google hacking code
Paulo Coimbra
paulo.coimbra at owasp.org
Tue Jul 20 11:42:02 UTC 2010
Brad et al,
As mentioned before, I am on the process of drafting an inquiry methodology
for Boards and GPCs approval but I am progressing very slowly. For one
thing, the benchmarking Ive been intensively doing has hardly produced any
helpful result. For another, my lack of proper juridical knowledge, the
destructive potential of this issue and the need to devising a general
methodology that can be used in the future to deal with other similar
matters are also slowing down my progress. In addition, as I always need to
keep myself answering to my other OWASP calls, I have been unable to
allocate all my time to sort this out.
However, I still think that I can come up with something for your review. I
will of course keep you updated.
Having said this, if you have in mind an alternative approach to produce a
frame to solve this issue, please let me know. I will be more than happy to
assist in any possible way.
Thanks,
Paulo Coimbra,
<https://www.owasp.org/index.php/Main_Page> OWASP Project Manager
From: Brad Empeigne [mailto:brad.empeigne at gmail.com]
Sent: terça-feira, 20 de Julho de 2010 05:01
To: Paulo Coimbra; dinis cruz
Subject: Fwd: [Owasp-google-hacking] Google hacking code
Hi Paulo and Dinis, has there been any progress on the investigation?
I appreciate that Christian has now released the code and all (and also his
TIT code), but at the same time I don't feel impressed that it took a month
of debating and arm twisting, not to mention the work was so disappointing
to see in the end. I would be interested to hear how the enquiry has gone
from your end so far and when you think it may be complete? Thanks.
-- Brad
---------- Forwarded message ----------
From: Christian Heinrich <christian.heinrich at owasp.org>
Date: Sun, Jul 11, 2010 at 12:35 PM
Subject: Re: [Owasp-google-hacking] Google hacking code
To: Brad Empeigne <brad.empeigne at gmail.com>
Cc: owasp-google-hacking at lists.owasp.org
Brad,
The "Post Google SOAP Search API Deprecation Release" is now available i.e.
http://code.google.com/p/dic/source/browse/trunk/dic.pl
You will be violating Google's Term of Service if you execute this release
post
http://googlecode.blogspot.com/2009/08/well-earned-retirement-for-soap-searc
h.html
even in light of a valid SOAP Search API Key.
As I stated before Sensepost's Aura does not support doGetCachedPage SOAP
Message but it should execute without any errors excluding that multiple
warnings are now displayed e.g.
<quote>
$ ./dic.pl -key "demo" -query "site:owasp.org" -wsdl "./GoogleSearch.wsdl"
-start 80
"Download Indexed Cache" Proof of Concept (PoC) v0.2 (Post Google SOAP
Search API Deprecation Release)
Copyright 2008, 2009 Christian Heinrich
Licensed under the Apache License, Version 2.0
WARNING: You are violating Google's Terms of Service if you execute this
post
http://googlecode.blogspot.com/2009/08/well-earned-retirement-for-soap-searc
h.html
Appending ./siteowasp.org/dic
Downloading http://www.owasp.org/ from Google Cache [0k] as 80.html
WARNING: Sensepost's Aura does not support doGetCachedPage SOAP Message
Downloading http://www.owasp.org/download/ from Google Cache [0k] as 81.html
WARNING: Sensepost's Aura does not support doGetCachedPage SOAP Message
Downloading http://www.owasp.org:443/ from Google Cache [0k] as 82.html
WARNING: Sensepost's Aura does not support doGetCachedPage SOAP Message
Downloading
http://www.owasp.org/images/3/33/Schwachstellen_in_SAP_Web_Anwendungen.pdf
from Google Cache [0k] as 83.html
WARNING: Sensepost's Aura does not support doGetCachedPage SOAP Message
Downloading http://www.owasp.org/index.php/Cincinnati from Google Cache [0k]
as 84.html
WARNING: Sensepost's Aura does not support doGetCachedPage SOAP Message
Downloading http://www.owasp.org/index.php/Malaysia from Google Cache [0k]
as 85.html
WARNING: Sensepost's Aura does not support doGetCachedPage SOAP Message
Downloading http://www.owasp.org/index.php/AppSensor_DetectionPoints
from Google Cache [0k] as 86.html
WARNING: Sensepost's Aura does not support doGetCachedPage SOAP Message
Downloading http://www.owasp.org/index.php/San_Antonio from Google Cache
[0k] as 87.html
WARNING: Sensepost's Aura does not support doGetCachedPage SOAP Message
Downloading http://www.owasp.org/index.php/Front_Range_OWASP_Conference_2009
from Google Cache [0k] as 88.html
WARNING: Sensepost's Aura does not support doGetCachedPage SOAP Message
Downloading http://www.owasp.org/index.php/Testing_Guide_Introduction
from Google Cache [0k] as 89.html
WARNING: Sensepost's Aura does not support doGetCachedPage SOAP Message
</quote>
I finalizing the (PoC) v0.2 Post Google SOAP Search API Deprecation Release
for download from http://code.google.com/p/dic/downloads/list
at the moment - this should be available shortly.
Please let me know if you need any further information or assistance?
On Fri, Jun 11, 2010 at 10:36 AM, Brad Empeigne <brad.empeigne at gmail.com>
wrote:
> Hi everyone, as advised I am emailing the google hacking mailing list.
> As far as I understand the repository was taken offline due to the
> Google SOAP API becoming end of life. However if the project is still
> active I believe the code should be public so others can learn and
> help contribute to add functionality and get it working with something
> like Aura. Is anyone able to share the code? Thanks for your time.
>
> --Brad
> _______________________________________________
> Owasp-google-hacking mailing list
> Owasp-google-hacking at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-google-hacking
>
--
Regards,
Christian Heinrich - http://www.owasp.org/index.php/user:cmlh
OWASP "Google Hacking" Project Lead - http://sn.im/owasp_google_hacking
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20100720/b5b0920d/attachment-0002.html>
More information about the Owasp-board
mailing list