Warning! Do not try this at home. (You could locate embarrassing and/or interesting information that was not meant for your eyes, and this uses only relatively unsophisticated (and legal) hack techniques.)
From: MSN Hacking part 4
rmorril
(Senior Security Engineer) Posted 9/7/2006
Part of the continuing series on using MSN as a hacking tool; parts one, two, and three can be found by clicking on the above links. This morning boingboing put out a note on their web site about searching for the phrase confidential "do not distribute", which was highly amusing, so I decided to try it in MSN. The search string
http://search.msn.com/results.aspx?q=confidential+%22do+not+distribute%22&FORM=QBHP
returned around 15,000 results, a lot less than the 68,000 results from Google, but amusing all the same. Looking up private or confidential information in the web search engines is today's lesson. This is purely an academic exercise and should be used to determine if you have any private or confidential information in the search engines.
Let's build out a strategy where I want to gather spreadsheets with telephone numbers in them. So we use phone filetype:xls, and the search
http://search.msn.com/results.aspx?q=phone+filetype%3Axls&FORM=QBRE
returns 75,000 results. That is way too many, so let's narrow it down by adding site:gov to get just government spreadsheets:
http://search.msn.com/results.aspx?q=phone+filetype%3Axls+site%3Agov&FORM=QBRE
This returns 2,000, which is a much more manageable number of results to deal with. Narrowing it even further to just the White House returns a handful of results that are more fun to play with. The results for phone filetype:xls site:whitehouse.gov are here:
http://search.msn.com/results.aspx?q=phone+filetype%3Axls+site%3Awhitehouse.gov&FORM=QBNO
We end up with a business analyst who works for the White House but whose registered address is in Auburn NY. We have the name, phone number, address, position that they work in, and where they work. Did anyone really want anyone with a browser to find this kind of information? (HINT: Comb your web-based systems looking for this kind of information before every stalker on the planet figures this one out.)
Moving away from the White House, let's look at the National Institutes of Health and see what we can find there by changing site:whitehouse.gov to site:nih.gov. There are 13 results in the list that can be informational as to who is doing what at NIH.
http://search.msn.com/results.aspx?q=phone+filetype%3Axls+site%3Anih.gov&FORM=QBRE
Changing keywords from phone to budget gives us 22 results.
http://search.msn.com/results.aspx?q=budget+filetype%3Axls+site%3Anih.gov&FORM=QBNO
Changing the keywords from budget to travel gives us 16 results.
http://search.msn.com/results.aspx?q=travel+filetype%3Axls+site%3Anih.gov&FORM=QBRE
So, much like with Google, when narrowing down the search string to meaningful data that can then be used, it is important to keep the results small so that the data set is not so huge that it is meaningless. That is one of the issues with any search engine hacking: the data set can be so huge that it is meaningless, or more trouble to go through than it is worth in the long run. There are hundreds of government agencies that have this kind of information available on the internet, but don't think I am just picking on the government; it is not just their issue. The confidential "do not distribute" search, though, gave very few if any results when dealing with individual government agencies, but a lot when dealing with the internet as a whole.
Again, this is an academic exercise to determine how MSN hacking compares to Google hacking, and should only be used to find your own company's information on the internet to see if there is anything interesting in the MSN search engine that you should know about.
If you have any questions on MSN Hacking, feel free to respond to this forum. Remember that this is for educational purposes only, and an effort to assist information security people in using MSN to hack their own web sites and see what the search engine has about them. Google hacking can be found everywhere; MSN hacking is still a burgeoning science that we would all do well to learn.
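The hint above about combing your own web-based systems can also be followed from the server side, before a search engine indexes anything. As an added example (not part of the original post), this Python script walks a web document root you control and flags files whose type and contents match the searches used here; the extension list, the function names and the sample files are assumptions constructed for illustration.

```python
import os
import tempfile

# Keywords come from the searches in the post; the extension list is an assumption.
KEYWORDS = ["phone", "budget", "travel", "confidential", "do not distribute"]
EXTENSIONS = {".xls", ".csv", ".doc", ".txt"}


def keyword_hits(data: bytes) -> list:
    """Keywords present in raw bytes, case-insensitively (heuristic, not a parser)."""
    # Legacy .xls/.doc files hold text as 8-bit or UTF-16LE strings, so search both.
    low = data.lower()  # lowercases ASCII letters only, enough for these keywords
    return [k for k in KEYWORDS if k.encode() in low or k.encode("utf-16-le") in low]


def audit_webroot(root: str) -> dict:
    """Map each audited file under root (relative path) to the keywords it contains."""
    findings = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if os.path.splitext(name)[1].lower() not in EXTENSIONS:
                continue  # only file types a filetype: search would surface
            path = os.path.join(dirpath, name)
            with open(path, "rb") as fh:
                hits = keyword_hits(fh.read())
            if hits:
                findings[os.path.relpath(path, root).replace(os.sep, "/")] = hits
    return findings


def demo() -> dict:
    """Audit a constructed sample web root built in a temporary directory."""
    samples = {  # constructed sample files, not real data
        "staff/directory.xls": "Name,Phone".encode("utf-16-le"),
        "staff/plan.csv": b"item,Budget\nflights,Travel\n",
        "memo.txt": b"CONFIDENTIAL - Do Not Distribute\n",
        "index.html": b"<p>phone us</p>",  # skipped: extension not audited
    }
    with tempfile.TemporaryDirectory() as root:
        os.makedirs(os.path.join(root, "staff"))
        for rel, content in samples.items():
            with open(os.path.join(root, rel), "wb") as fh:
                fh.write(content)
        return audit_webroot(root)


if __name__ == "__main__":
    for path, hits in sorted(demo().items()):
        print(f"{path}: {', '.join(hits)}")
```

Point audit_webroot at your real document root and review every file it reports before deciding whether it belongs on a public server.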