Just a [in]offensive Google dork
Recently I was creating dorks for some products and I came across “Suntech”. Apparently they sell a product to private companies and governments, this tool is called “VIGIA”, that is used to manage and execute legal interceptions, breaches of telephone confidentiality, tracking the location, among other requirements of the authorities, whenever approved by a law enforcement.
And to my surprise, Google was indexing the panel of several companies that use the product to perform legal interceptions.
Another interesting detail is exposure of product version information and possibility of user enumeration:
What is the risk? The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information or lead to it. A directory listing is inappropriately exposed, yielding potentially sensitive information to attackers or relative:
CWE-548: Exposure of Information Through Directory ListingCWE-359: Exposure of Private Personal Information to an Unauthorized Actor
CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
Security Misconfiguration is simply defined as failing to implement all the security controls for a server or web application, or implementing the security controls, but doing so with errors. What a company thought of as a safe environment actually has dangerous gaps or mistakes that leave the organization open to risk.
According to the OWASP top 10, this type of misconfiguration is number 6 on the list of critical web application security risks.
Since I’m not allowed to validate the actual risk, I can’t go any further. Anyway, it’s always good to validate if your application is indexing unwanted information on Google or other search engines.
