My i-1000th idea to make money online came to me one morning when playing around with Kali tools and gaining access to stuff I shouldn’t have access to. There was a little bit of a moral dilemma that came to play when I thought to myself about the opportunity to see if someone’s password was re-used on other sites when I found 10s 1000s of them in plain text, or create a mailing list to sell like merchandise from lists of 10s 1000s emails on different sites online… but I thought I’d take the whitehat approach and see if I could make people aware of some of their security holes in exchange for the opportunity to sell them security solutions.
#1) Create a pentesting automated script that identifies open databases or other security holes
There’s myriad tools that come to mind to make this process easier, but I found some manipulation of sqlmap and scraping bing results in Python using Scrapy that allowed me to index exposed databases heuristically. I’d target .ca domain names with certain trailing patterns in the Bing results (alas, Google was too tough to scrape and Bing was far easier) using inurl parameters in search.
#2) Penetrate them lightly in a non-offensive manner
I’d save the databases that were penetrated into local files and the resulting logs that had filesize >0 bytes I knew had database names and entry points to find additional info, if I was so inclined.
#3) Scrape contact details for site’s proprietors
Next, I created a like Scrapy script that looked for links on the landing page to other pages on the same domain and scraped email addresses and phone numbers from all associated pages (via RegEx).
#4) Mass mail
MailChimp to the rescue? I’d send them something like ‘your database names are ___ ___ ___ but we didn’t go any further. Anyone else anywhere on the internet with the same freely available tools would have access to all your saved information, like personally identifiable information of your site’s visitors.’
#5) Package outsourced proactive IT security solutions
Create a landing page, sell packages of dedicated time from IT pros (who would have eventually been located overseas at a bargain) and it’s go-time.
Then, after go-time, is time to repeat the process.
What kept me from capitalizing on the internet in such a manner? I’d sent an email to my lawyer and said ‘exactly how exposed would I be to legal action that would damage me with the above plan’ and she wrote back ‘let’s sit down and discuss, but first we’d have to work out our retainer fee’ and at this point in time I was broke as sin — looking for ways to capitalize on Bing Dorks — so I didn’t move forward.
Like what you’ve read? Give me a follow and make sure to watch Hackernoon progress as it moves away from Medium into a new and improved platform for stories exactly like (and far better than) this one!