Re: Google Hacking

From: GuidoZ (uberguidoz@gmail.com)
Date: Wed Jan 12 2005 - 21:46:52 EST

• Next message: Mambo: "Sample Risk Assessment Report"
• Previous message: Idol Crash: "Re: Google Hacking"
• In reply to: Todd Towles: "RE: Google Hacking"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

> That is called a Directory Traversal Attack. You pen-teserst should know
> that. =) It happen that it was a cache of a DTA attack or a DTA attempt
> using the google web redirector to hide his attack.

That it is. Besides someone using the Goolge cache to mask their
attack, it could be that Google simply found a list of links and
indexed it, maybe like this:

http://216.239.63.104/search?q=cache:dO7rOHi7VFIJ:www.callawaygolf.com

=)

--
Peace. ~G
On Wed, 12 Jan 2005 13:50:09 -0600, Todd Towles
<toddtowles@brookshires.com> wrote:
> That is called a Directory Traversal Attack. You pen-teserst should know
> that. =) It happen that it was a cache of a DTA attack or a DTA attempt
> using the google web redirector to hide his attack.
> 
> > -----Original Message-----
> > From: Da Llorxillo [mailto:dallorx@gmail.com]
> > Sent: Wednesday, January 12, 2005 11:26 AM
> > To: pen-test@securityfocus.com
> > Subject: Re: Google Hacking
> >
> > I think it was a bug of the webpage that u can navigate under
> > the directories using the "../", and someone used it to read
> > the boot.ini file of the server
> >
> > i have found this (look at the end of the page)
> > http://www.google.ca/search?q=cache:dO7rOHi7VFIJ:www.callawayg
> > olf.com/+%22en/CustomerService.aspx%3Fpid%22&hl=en
> >
> > (Srry for my bad english...)
> >
> > On Tue, 11 Jan 2005 13:45:32 -0800 (PST), John Madden
> > <chiwawa999@yahoo.com> wrote:
> > > Hi,
> > >
> > > Googling around i found this.
> > >
> > > [Wrap lines]
> > >
> > >
> > http://www.google.ca/search?q=cache:tG9K6OqlGs8J:www.callawaygolf.com/
> > >
> > en/customerservice.aspx%3Fpid%3D..%255C..%255C..%255C..%255C..%255C..%
> > >
> > 255C..%255C..%255C..%255C..%255Cboot.ini+inurl:www.callawaygolf.com/en
> > > /customerservice.aspx&hl=en
> > >
> > > Is this a form of "Google Cache Poisoning" ?
> > >
> > > If not, what is it ?
> > >
> > > Thanks
> > >
> > >
> > > __________________________________
> > > Do you Yahoo!?
> > > The all-new My Yahoo! - What will yours do?
> > > http://my.yahoo.com
> > >
> >
> >
> > --
> >
> >
> > Da Llorx
> >
>

• Next message: Mambo: "Sample Risk Assessment Report"
• Previous message: Idol Crash: "Re: Google Hacking"
• In reply to: Todd Towles: "RE: Google Hacking"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:13 EDT