About the author.

Welcome to Aryo Sanjaya

The Log of Aryo Sanjaya Read more...

Just to give you a little bit on info outright, this site is powered by WordPress and the Scary Little theme. Moo.fx is used for javascript transitions, and it all snuggles up nicely in a MySQL bed.

Another Hacking Tools

This is posted on Milis Kampung Gajah a few days ago, about Google Code that has been used as a hacking tool.

You may try it by yourself:

  1. point your browser into: http://google.com/codesearch
  2. enter this query: lang:php file:wp-config user -sample
  3. submit it
  4. see what is returned by the search engine

This phenomenon also happened several years ago, similiar like this, when Google was used as a ‘victim finder’. The hacker only needs to search the terms like “under construction”, “login.asp” or something like that :)

Ok, with or without this ‘feature’, hacker still have the chance to find out a security hole, but with this tool, it will add the list of hacking tools.
The hacker will always search for security hole. Sounds like a nightmare for some system administrators. But with this situation, there will be always a security update, some code fixes, etc.

Bravo Hacker!

October 9, 2006
« Windows Live Messenger Bug
Windows vs. Virus »

Gravatar Icon

2006-10-10 8:33 am
Jauhari

I was try, but why the result like this?

Your search - lang:php file:wp-config user -sample - did not match any documents.

Gravatar Icon

2006-10-10 8:46 am
aryo

Uh oh, it is looks like Google was fix this ‘hole’ :D

The search result should be a list of username and password on the wordpress config file. But you can see the result on Milis Kampung Gajah, that is posted by Jeung Enda ;)

Participate! Leave your comment.