From: Todd Towles (toddtowles@brookshires.com)
Date: Wed Jan 12 2005 - 14:50:09 EST
That is called a Directory Traversal Attack. You pen-teserst should know
that. =) It happen that it was a cache of a DTA attack or a DTA attempt
using the google web redirector to hide his attack.
> -----Original Message-----
> From: Da Llorxillo [mailto:dallorx@gmail.com]
> Sent: Wednesday, January 12, 2005 11:26 AM
> To: pen-test@securityfocus.com
> Subject: Re: Google Hacking
>
> I think it was a bug of the webpage that u can navigate under
> the directories using the "../", and someone used it to read
> the boot.ini file of the server
>
> i have found this (look at the end of the page)
> http://www.google.ca/search?q=cache:dO7rOHi7VFIJ:www.callawayg
> olf.com/+%22en/CustomerService.aspx%3Fpid%22&hl=en
>
> (Srry for my bad english...)
>
> On Tue, 11 Jan 2005 13:45:32 -0800 (PST), John Madden
> <chiwawa999@yahoo.com> wrote:
> > Hi,
> >
> > Googling around i found this.
> >
> > [Wrap lines]
> >
> >
> http://www.google.ca/search?q=cache:tG9K6OqlGs8J:www.callawaygolf.com/
> >
> en/customerservice.aspx%3Fpid%3D..%255C..%255C..%255C..%255C..%255C..%
> >
> 255C..%255C..%255C..%255C..%255Cboot.ini+inurl:www.callawaygolf.com/en
> > /customerservice.aspx&hl=en
> >
> > Is this a form of "Google Cache Poisoning" ?
> >
> > If not, what is it ?
> >
> > Thanks
> >
> >
> > __________________________________
> > Do you Yahoo!?
> > The all-new My Yahoo! - What will yours do?
> > http://my.yahoo.com
> >
>
>
> --
>
>
> Da Llorx
>
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:13 EDT