Re: Google Hacking

From: GuidoZ (uberguidoz_at_gmail.com)
Date: 01/13/05

  • Next message: Mambo: "Sample Risk Assessment Report" 
    Date: Wed, 12 Jan 2005 18:46:52 -0800
To: Todd Towles <toddtowles@brookshires.com>

    > That is called a Directory Traversal Attack. You pen-teserst should know
    > that. =) It happen that it was a cache of a DTA attack or a DTA attempt
    > using the google web redirector to hide his attack.

    That it is. Besides someone using the Goolge cache to mask their
    attack, it could be that Google simply found a list of links and
    indexed it, maybe like this:

    http://216.239.63.104/search?q=cache:dO7rOHi7VFIJ:www.callawaygolf.com

    =) 

    --
Peace. ~G
On Wed, 12 Jan 2005 13:50:09 -0600, Todd Towles
<toddtowles@brookshires.com> wrote:
> That is called a Directory Traversal Attack. You pen-teserst should know
> that. =) It happen that it was a cache of a DTA attack or a DTA attempt
> using the google web redirector to hide his attack.
> 
> > -----Original Message-----
> > From: Da Llorxillo [mailto:dallorx@gmail.com]
> > Sent: Wednesday, January 12, 2005 11:26 AM
> > To: pen-test@securityfocus.com
> > Subject: Re: Google Hacking
> >
> > I think it was a bug of the webpage that u can navigate under
> > the directories using the "../", and someone used it to read
> > the boot.ini file of the server
> >
> > i have found this (look at the end of the page)
> > http://www.google.ca/search?q=cache:dO7rOHi7VFIJ:www.callawayg
> > olf.com/+%22en/CustomerService.aspx%3Fpid%22&hl=en
> >
> > (Srry for my bad english...)
> >
> > On Tue, 11 Jan 2005 13:45:32 -0800 (PST), John Madden
> > <chiwawa999@yahoo.com> wrote:
> > > Hi,
> > >
> > > Googling around i found this.
> > >
> > > [Wrap lines]
> > >
> > >
> > http://www.google.ca/search?q=cache:tG9K6OqlGs8J:www.callawaygolf.com/
> > >
> > en/customerservice.aspx%3Fpid%3D..%255C..%255C..%255C..%255C..%255C..%
> > >
> > 255C..%255C..%255C..%255C..%255Cboot.ini+inurl:www.callawaygolf.com/en
> > > /customerservice.aspx&hl=en
> > >
> > > Is this a form of "Google Cache Poisoning" ?
> > >
> > > If not, what is it ?
> > >
> > > Thanks
> > >
> > >
> > > __________________________________
> > > Do you Yahoo!?
> > > The all-new My Yahoo! - What will yours do?
> > > http://my.yahoo.com
> > >
> >
> >
> > --
> >
> >
> > Da Llorx
> >
>
  • Next message: Mambo: "Sample Risk Assessment Report"

    Relevant Pages

    • RE: Google Hacking
      ... That is called a Directory Traversal Attack. ... You pen-teserst should know ... =) It happen that it was a cache of a DTA attack or a DTA attempt ...
      (Pen-Test)
    • Re: Google Hacking
      ... new to this kind of thing (hopefully I'll learn much more to secure my ... > That is called a Directory Traversal Attack. ... =) It happen that it was a cache of a DTA attack or a DTA attempt ...
      (Pen-Test)
    • cache timing
      ... it's advice that I give to readers on a near-daily basis. ... working area (the cache) on the machine... ... A variation on such an attack has been used to break otherwise ... watch the cache on that server for other people's data. ...
      (alt.comp.anti-virus)
    • Re: Hyper-Threading Vulnerability
      ... > would fit in the cache and the cpu designers would allow cache ... For me it is not even clear it is a real attack on native Linux, ... send the line "unsubscribe linux-kernel" in ...
      (Linux-Kernel)
    • Re: Dont use S-boxes!
      ... >>You have an inaccurate mental model of the computer's cache. ... the same inaccurate model appears in previous papers on ... At first I said the same thing since his attack doesn't work [as ...
      (sci.crypt)