Hackers turn to Google to find weakest links
Page 1 of 3 123 LastLast
Results 1 to 10 of 21

Thread: Hackers turn to Google to find weakest links

  1. #1
    Banned
    Join Date
    Apr 2003
    Posts
    3,839

    Hackers turn to Google to find weakest links

    Computer hackers have adopted a startling strategy in their attempts to break into websites. By using the popular search engine Google, they do not have to visit a site to plan an attack. Instead, they can get all the information they need from Google's cached versions of web pages, say experts in the US.
    http://www.newscientist.com/news/news.jsp?id=ns99994002

  2. #2
    Senior Member DeadAddict's Avatar
    Join Date
    Jun 2003
    Posts
    2,583
    Hehe this is no surprise since google is the best search engine to use to find anything on the web. I bet they are working really fast to fix those loopholes

  3. #3
    T3h Ch3F
    Join Date
    Sep 2001
    Posts
    718

    Interesting

    Alas many times the information directly relevant to the search is found in Cache. This is the only way searches can reveal information specific to the search itself. Damn that's alomst a toung twister. Another Ramble by Galdron.

    Catch 22 if you ask me. The good outways the evil in this case.



    P:

    Good info MEM.

  4. #4
    Junior Member
    Join Date
    Jul 2003
    Posts
    8
    Well hole or no hole I like google
    --
    Jared

  5. #5
    Senior Member
    Join Date
    Jul 2003
    Posts
    813
    A tutorial I read on how to use Google to find such 'holes' gave clear note that it is not a flaw within Google itself that these pages/documents can be found, rather a mistake in those configuring the webserver. Even in the link MemorY posted it is mentioned 'faulty software implementation' at some point, in regards to this. If such a link is publicly available, it means someone, somewhere, didn't do his/her job quite as he/she should have.

    For those having a webserver or testing ones security, the tutorial I mentioned can be found at

    http://neworder.box.sk/newsread.php?newsid=8203

    I am aware the Box.sk network is viewed by many as a hacker's resource, but I hope I need not explain again one cannot be good at protecting a site [website or other internet-connected machine] if one is not up2date with what the possibilities are for someone to 'own' you. This tutorial explains the search features Google has to offer and a theoretical approach at getting that info through the engine. Hope it helps you to protect whatever you have to protect, and readers will be mature enough not to use it as anything else but an informational resource.

    cheers!
    /\\

  6. #6
    Senior Member
    Join Date
    Mar 2002
    Location
    Snohomish WA
    Posts
    315
    Hi all-
    I wish I could find it...I learned about the availability of information from cached pages here in a google tutorial.
    I remember the post saying to hurry up and use it before it was no longer available.
    Faqt


    If you want to make God laugh....make plans.

  7. #7
    Senior Member
    Join Date
    Apr 2002
    Posts
    712
    Hmmm, no offense, but were hypronix and memorY the only ones to really read that article? It doesn't mean that you should like Google any less, or it's "something you should use while it's still available" or anything like that..

    The basic point was that this really isn't a hole in google, but a means that people are using google to find holes in webservers or web apps... and because of google's cache (not to mention many others out there), it enables hackers to find information that's no longer accessible on the site (perhaps being long-since patched, removed, etc) but perhaps still pertinent to the security of the site... hell, it even enables people to easily find things buried within the comments on a page but perhaps not clearly displayed in the browser -- search engines can be a very powerful tool (somewhat evident by the large number of "just use google" posts along with the many tutorials on the very same subject). And, of course, with anything so useful, they're often employed for both good and bad purposes...

    So, this really isn't "something for Google to fix" (as there are many legitimate reasons for people to post things that might look very similar to "useful information" (as we used to call it) but not really have it fall under this sort of category). It's just one thing that any decent "hacker" does while enumerating a site, anyway, if you ask me...

    Just my $0.02...
    \"Windows has detected that a gnat has farted in the general vicinity. You must reboot for changes to take affect. Reboot now?\"

  8. #8
    Senior Member tampabay420's Avatar
    Join Date
    Aug 2002
    Posts
    953
    stupi h4x0r(s) ,

    -because of stuff like this... Google will now be less effective...
    yeah, I\'m gonna need that by friday...

  9. #9
    Senior Member
    Join Date
    Apr 2002
    Posts
    712
    Personally, I always like google's hacker page:

    \"Windows has detected that a gnat has farted in the general vicinity. You must reboot for changes to take affect. Reboot now?\"

  10. #10
    Junior Member
    Join Date
    Jul 2003
    Posts
    2
    I agree that google is the best search engine but, who's responsibility is it to keep the sight secure, If not google?

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •