RE: false positive in Wikto Google Hacking

From: Sergi Rosello (sergi_75@yahoo.es)
Date: Wed Sep 12 2007 - 04:05:40 EDT


I don`t know about the logic of Wikto's Googlehack.
But I know (in general terms, not only Googlehack)
nikto-wikto is the king of false positive...

Don`t worry, be happy ....

--- Rick Zhong <sagiko@gmail.com> escribió:

> Hi,
> I am currently doing some testing using
> Wikto(v2.0.2778.19003)
> Googlehacks with Aura(0.0.1). I found that it gave a
> lot of false
> positive for Google queries (retrieved from Aura
> log) in following
> format:
>
> site:www.targeturl.com "# Dumping data for table"
> site:www.targeturl.com "# phpMyAdmin MySQL-Dump"
> filetype:txt
> site:www.targeturl.com "# Dumping data for table
> (username|user|users|password)"
> ...
>
> When i use these query in the current
> www.google.com, it does not
> return any results. Is there any explanation for
> this? Also is there
> any document to show the actual logic of Wikto's
> Googlehack when it
> analysis the search results? Thank you.
>
> regards,
> Rick
>
>
------------------------------------------------------------------------
> This list is sponsored by: Cenzic
>
> Need to secure your web apps NOW?
> Cenzic finds more, "real" vulnerabilities fast.
> Click to try it, buy it or download a solution FREE
> today!
>
> http://www.cenzic.com/downloads
>
------------------------------------------------------------------------
>
>

------------------------------------------------------------------------------------------------------------------------------------
    Nota Legal: Este correo electrónico puede contener información estrictamente confidencial y es de uso exclusivo del destinatario, quedando prohibida a cualquier otra persona su revelación, copia, distribución, o el ejercicio de cualquier acción relativa a su contenido. Si ha recibido este correo electrónico por error, por favor, conteste al remitente, y posteriormente proceda a borrarlo de su sistema. Gracias por su colaboración. ------------------------------------------------------------------------------------------------------------------------------------

      ______________________________________________
Sé un Mejor Viajero
¿Quieres saber cómo? ¡Deja que otras personas te ayuden!
http://advision.webevents.yahoo.com/reto/viaje.html

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------



This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:58:06 EDT