RE: false positive in Wikto Google Hacking

From: Sergi Rosello <sergi_75@xxxxxxxx>
Date: Wed, 12 Sep 2007 10:05:40 +0200 (CEST)

I don`t know about the logic of Wikto's Googlehack.
But I know (in general terms, not only Googlehack)
nikto-wikto is the king of false positive...

Don`t worry, be happy ....

--- Rick Zhong <sagiko@xxxxxxxxx> escribió:

Hi,
I am currently doing some testing using
Wikto(v2.0.2778.19003)
Googlehacks with Aura(0.0.1). I found that it gave a
lot of false
positive for Google queries (retrieved from Aura
log) in following
format:

site:www.targeturl.com "# Dumping data for table"
site:www.targeturl.com "# phpMyAdmin MySQL-Dump"
filetype:txt
site:www.targeturl.com "# Dumping data for table
(username|user|users|password)"
...

When i use these query in the current
www.google.com, it does not
return any results. Is there any explanation for
this? Also is there
any document to show the actual logic of Wikto's
Googlehack when it
analysis the search results? Thank you.

regards,
Rick

------------------------------------------------------------------------

This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE
today!

http://www.cenzic.com/downloads

------------------------------------------------------------------------

------------------------------------------------------------------------------------------------------------------------------------
Nota Legal: Este correo electrónico puede contener información estrictamente confidencial y es de uso exclusivo del destinatario, quedando prohibida a cualquier otra persona su revelación, copia, distribución, o el ejercicio de cualquier acción relativa a su contenido. Si ha recibido este correo electrónico por error, por favor, conteste al remitente, y posteriormente proceda a borrarlo de su sistema. Gracias por su colaboración. ------------------------------------------------------------------------------------------------------------------------------------

______________________________________________
Sé un Mejor Viajero
¿Quieres saber cómo? ¡Deja que otras personas te ayuden!
http://advision.webevents.yahoo.com/reto/viaje.html

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------

References:
- false positive in Wikto Google Hacking
  - From: Rick Zhong

Prev by Date: false positive in Wikto Google Hacking
Next by Date: Wiping Solaris Servers
Previous by thread: false positive in Wikto Google Hacking
Next by thread: Re: RE: false positive in Wikto Google Hacking
Index(es):
- Date
- Thread

Relevant Pages

RE: Block OS Detection
... Need to secure your web apps NOW? ... Cenzic finds more, "real" vulnerabilities fast. ... buy it or download a solution FREE today! ...
(Pen-Test)
Re: Astalavista?
... Need to secure your web apps NOW? ... Cenzic finds more, "real" vulnerabilities fast. ... buy it or download a solution FREE today! ...
(Pen-Test)
Re: Port Scanner Challenge Revisited: Nmap, Unicornscan, Portbunny
... Need to secure your web apps NOW? ... Cenzic finds more, "real" vulnerabilities fast. ... buy it or download a solution FREE today! ...
(Pen-Test)
Re: Security Grade
... Need to secure your web apps NOW? ... Cenzic finds more, "real" vulnerabilities fast. ... buy it or download a solution FREE today! ...
(Pen-Test)
Re: Gear
... Need to secure your web apps NOW? ... Cenzic finds more, "real" vulnerabilities fast. ... buy it or download a solution FREE today! ...
(Pen-Test)