I am so bored today so i played a little with the GHDB from exploit-db.com and modified some searches for a better use and “unique” results.
I know it since Johnny from hackersforcharity.org release it on his site but i never spent so much enthusiasm for it.
And yes!, that gives me a “little” fun and provide a good way to waste my time!
Its amazing how easy people can “gain access” (im not sure whether we can tell GHDB using = hacking) to random targets with the GHDB!
I was little crazy when i saw this and i was thinking about…
“Guys”, whats wrong with “you”. How shamefully that “you“ can get owned by Google searches.
How “you” can store / leave files containing passwords and other sensitive data on “your“ servers? And how “you“ can leave it accessible by google bots and web guests?…
Is the web not unsafe enough without this issue?
I not wondering about such stuff. It´s always the same so i thought this is not so special. But after a short time it became unbelievable for me!, because i found also sensitive data like ftp/ssh/vnc/rdp/… accounts from famous companies, to get access to shops with a lot of credit card information and also direct access to private computers with static ips or dyndns from developers/administrators managing hundreds of servers, backup servers of different companies including source codes from commercial software and also access data for servers from organisations like:
Different IT Service and Security companies *cough* that providing enterprise and gov. solutions.
A little list of clients/partners of some target IT companies: (Domain only for privacy)
and a lot more…
Puh, people don´t wondering why/how different “big” companies and systems got owned all the time if they work with such firms…
The funny part was -> Reporting the issues to the people behind a target was more hard than get access to their resources!
I was wondering about this that I really needed more time to find a way to contact the people behind targets
So what i can say?…
Nobody is perfect. We are just humans.
And my mother want me clean my room and this break my creativity.
And my teacher tell me a lot of crap and mostly i believe him.
And three days of coding without sleep results fails.
And i read stupid magazines about security.
And hey i just finish my study and learned to be successful from people who not successful.
And and and…
So, it seems im about to get crazy! I must see how the people that “maybe could be more safe” release all data need to get hacked for public… An open door for everybody!
Lets write a new book guys!
Hacking with GBDB for Dummies – Fun Cover
I do all this today to waste my time and for feeling better… I think i was not fully successfully
I wasted my time, but im not happy!
So, what i have in my mind now:
Holes, bugs, github, fails, ghdb, open source, gpl, cve, hackers, ddos, missconfiguration, foreign codes, bad coders, good coders, bad work, good work, svn, hackernews, metasploit, sf.net… And all goes in and out and around my head!!!
And if this is not enough for me! -> I was just on finishing this post and then must see this:
Whats wrong with the security and the people?…
I have to drink a beer now…