The Wayback Machine is a non-profit organization that archives as many websites on the internet as possible, starting from 1996 to present. The Wayback Machine will take several snapshots of a website throughout the course of its existence. The company doesn’t just take snapshots of your website, but will make a copy of it, take screenshots and archive any downloadable material; like books, software and images from your website. The Wayback machine has over 334 billion web pages archived in its databases.
Well, a company’s obligation to maintain the history of the internet and everything accessible through it could lead to mischief. Though this is a great idea, this type of information can be used in good ways as well as bad ways. Let’s focus on the daunting bad ways.
Websites go through several revisions over the years. These revisions may include; content, name, code, style and location. These types of revisions can be extremely useful to an attacker with malicious intent.
The Wayback Machine could be used for the following:
- Get an idea of how often a website maybe updated
- History of the source code of a website
- Obtain old links and subdomains
- Obtain email addresses
- Obtain a list of old employees
Sounds harmless doesn’t it. Below is a scenario were the Wayback Machine could come in handy for an attacker gathering information about your company. Information gathering is a step that’s taken before an initial attack occurs.
Company XYZ restructured there internal infrastructure at their main headquarters. The restructuring including outsourcing some of the services and moving the company website and web applications to a data-center or third party hosting company. The revamp was successfully completed in 2016. Before the restructuring, all services, websites and web applications were host in-house at the main headquarters of the company.
The hacker comes across company XYZ’s website. The hacker analyses the contents of the website and notices that the company is not hosting any of its websites and web applications in-house. The hacker was able to determine this by checking all web URL’s on the website, which were being hosted on IP addresses owned by a third party. After reviewing the “About” page on the website, the hacker discovers that the company has been in business since 2001. In this era it was common for companies to host their own websites and services to save money. The hacker knows this and goes to the Wayback Machine to check out previous versions of the website. The hacker finds out that from 2015 and earlier the company hosted its website in-house. The hacker was able to obtain this information, by finding old links and sub-domains in the source code of the previous versions of the website. The company XYZ never updated their public DNS records and the hacker was able to easily obtain the public IP addresses of the links and sub-domains discovered. The hacker formerly runs the IP addresses through a “Whois” search and obtains company XYZ’s old public IP range. Using the ping command the hacker discovers that several of the IP addresses are still active. The hacker visits the IP addresses through a web browser and was able to location the companies Cisco router, Juniper VPN device and several test and dev websites.
You can guess where it goes from there. The Wayback Machine archiving websites is a very handy tool for a malicious hacker. Not all scenarios are like this one, but many are. The Wayback Machine can be accessed at https://archive.org/web/. All you have to do is simply type in any website and click the version in time from the calendar to view the website. The Wayback Machine also allows you to download a copy of the website as well.
OUR SECURITY SERVICES INCLUDE:
- Risk Assessments
- Penetration Testing
- Web Application Testing
- Security Awareness Training
- Managed SIEM
- Managed Security Services (MSSP)
- Security Consulting