Another Hacking Tools

2 Comments
Posted 09 Oct 2006 in Blog

This is posted on Milis Kampung Gajah a few days ago, about Google Code that has been used as a hacking tool.

You may try it by yourself:

  1. point your browser into: http://google.com/codesearch
  2. enter this query: lang:php file:wp-config user -sample
  3. submit it
  4. see what is returned by the search engine

This phenomenon also happened several years ago, similiar like this, when Google was used as a ‘victim finder’. The hacker only needs to search the terms like “under construction”, “login.asp” or something like that :)

Ok, with or without this ‘feature’, hacker still have the chance to find out a security hole, but with this tool, it will add the list of hacking tools.
The hacker will always search for security hole. Sounds like a nightmare for some system administrators. But with this situation, there will be always a security update, some code fixes, etc.

Bravo Hacker!


2 Comments

  1. I was try, but why the result like this?

    Your search – lang:php file:wp-config user -sample – did not match any documents.

    Reply
  2. Uh oh, it is looks like Google was fix this ‘hole’ :D

    The search result should be a list of username and password on the wordpress config file. But you can see the result on Milis Kampung Gajah, that is posted by Jeung Enda ;)

    Reply


Add Your Comment