18 Jan Part 1: Introduction to dorking technique
There are several potential employees that a malicious actor could target in an organisation, but what if this was a developer?
Developers have played an essential part in business, and even more so in the future. They generally have quite a significant amount of access within an organisation. For example, they would typically have access to the organisation’s infrastructure as well as other third-party services such as version control platforms. If a malicious actor was to target them and succeed, then this could cause a great deal of damage to the organisation.
So, how could a developer be hacked? Well, being a human, just like you and me, there is the initial factor of the potential of being Socially Engineered. However, for now, I wanted to touch upon something else, which could be quite valuable and is quite simple to perform. What if a malicious actor only required very little information and the use of a search box, how could this be a problem? Well, there is a technique known as ‘Dorking’.
Dorking essentially means using a service’s advanced search feature to discover any sensitive information. As this uses a service’s search feature and doesn’t interact with any of the organisation’s infrastructure, this is a passive activity. This technique was initially discovered and well known with a particular search engine. However, this ability now works on other services, in this case, version control platforms. If public repositories are in use, they can then be searched through to find any sensitive information, even if unintentionally. Such information could be a developer’s credentials, tokens or SSH keys, for example.
Anyone in an organisation could have access to version control platforms used inside the organisation. However, the employees who are the prime candidates for using them are developers. So, there should be a check made before commits are made.
In the next part of this series we will examine some examples of dorking.