Skip to main content

BuckHacker: This Search Engine Lets You Find Hackable Servers With Ease


Leaving private data on exposed AWS servers isn’t as rare as you might think. Security researchers and hackers can access such data with ease using appropriate tools. To make this process even easier, some developers have created a tool named BuckHacker, which lets one search for such exposed servers.
In the past, you must have read about Shodan–the hackers’ search engine. BuckHacker is another interesting tool that can be used to test the security measures employed by web servers without any prior expertise in the IT security field.
In an email to Motherboard, the anonymous devs underlined the inspiration behind this project. They aim to increase the security associated with the code repositories and projects. “Too many companies was [sic] hit for having wrong permissions on buckets in the last years,” they added.
This search engine lets one search for hackable servers using bucket name or by filename. Moreover, it also returns entries labeled as “Access Denied” and “The specified bucket does not exist.” This feature can confirm that the target is using Amazon’s services.
It collects bucket names and their index pages. The results are stored in a database, which can be searched later by other users. As per the devs, the project is currently in the early stages of development and it’s pretty unstable.
At the moment, there isn’t any information on BuckHacker’s launch or any other related details. In case we come across more relevant information, we’ll be updating this article. Stay tuned.
YOU MAY ALSO LIKE :
Download 10 Best Android Hacking Apps for Android Mobile
Labels:
Location: United States

Comments

Post a Comment

Popular posts from this blog

[Guide] How to Protect Your Devices Against Meltdown and Spectre Attacks

Recently uncovered two huge processor vulnerabilities called Meltdown and Spectre have taken the whole world by storm, while vendors are rushing out to patch the vulnerabilities in its products. The issues apply to all modern processors and affect nearly all operating systems (Windows, Linux, Android, iOS, macOS, FreeBSD, and more), smartphones and other computing devices made in the past 20 years. What are Spectre and Meltdown? We have explained both, Meltdown (CVE-2017-5754) and Spectre (CVE-2017-5753, CVE-2017-5715), exploitation techniques in our previous article. In short, Spectre and Meltdown are the names of security vulnerabilities found in many processors from Intel, ARM and AMD that could allow attackers to steal your passwords, encryption keys and other private information. Both attacks abuse 'speculative execution' to access privileged memory—including those allocated for the kernel—from a low privileged user process like a malicious app running...
Post a Comment
Read more

Unlocked phones vs. locked phones: Why you should care

Should you get an unlocked phone? The US wireless market is more competitive than ever, which is great news for consumers who have lots of choices when it comes choosing a service provider. But one barrier still exists when trying to switch carriers: the locked smartphone. The end of wireless contracts marked a watershed trend for consumers because it finally opened the door for them to more easily shop around for alternative wireless carriers. But the software locks that carriers put on phones restricting its use on other networks still prevent many consumers from having total freedom when it comes to choosing a provider. Now Verizon, the only wireless carrier that sold its phones unlocked out of the box, is reversing course. The company  said earlier this week  it would begin locking the phones it sells to consumers for an undetermined period of time, which will prevent them from using a SIM card from another carrier. But Verizon promised it would eventually ...
Post a Comment
Read more

Watch Out! New Cryptocurrency-Mining Android Malware is Spreading Rapidly

Due to the recent surge in cryptocurrency prices, threat actors are increasingly targeting every platform, including IoT, Android, and Windows, with malware that leverages the CPU power of victims' devices to mine cryptocurrency. Just last month, Kaspersky researchers spotted fake antivirus and porn Android apps infected with malware that mines Monero cryptocurrency, launches DDoS attacks, and performs several other malicious tasks, causing the phone's battery to bulge out of its cover. Now, security researchers at Chinese IT security firm Qihoo 360 Netlab  discovered  a new piece of wormable Android malware, dubbed  ADB.Miner , that scans wide-range of IP addresses to find vulnerable devices and infect them to mine digital cryptocurrency. According to the researchers, ADB.Miner is the first Android worm to reuse the scanning code programmed in Mirai—the infamous IoT botnet malware that knocked major Internet companies offline last ...
Post a Comment
Read more