Google hacking is the term used when a hacker tries to find exploitable targets and sensitive data by using search engines. The Google Hacking Database (GHDB) is a database of queries that identify sensitive data. Although Google blocks some of the better known Google hacking queries, nothing stops a hacker from crawling your site and launching the Google Hacking Database queries directly onto the crawled content.
The Google Hacking Database is located at http://johnny.ihackstuff.com . More information about Google hacking can be found on: http://www.informit.com/articles/article.asp?p=170880&rl=1
What a hacker can do if your site is vulnerable
Information that the Google Hacking Database identifies:
Advisories and server vulnerabilities
Error messages that contain too much information
Files containing passwords
Sensitive directories
Pages containing logon portals
Pages containing network or vulnerability data such as firewall logs.
There is only one solution to this. Study the logic of Google Hacking, and remove all pages that contain information vulnearable to GoogleHacking.
Friday, December 14, 2007
GOOGLE INJECTION
Subscribe to:
Post Comments (Atom)
3 comments:
bhaiyaa the thes u mentiond abve r not working properly....i've an ebook clld "dangerous secrets of google searching" in which all the screts r given regarding this topis!! byee
hi bhaiyaa....d links u mentioned above r nt working properly.i've an ebook clld "dangerous secrets of google searching" which is regarding the same topic..bye
Hi Mayank,
Since past 2 years (when I added this post), many things have been updated at Google. They have now stopped several vulnerabilities. It is possible that the link has now become inactive as Google might have raised legal objections or there is a possibility that these hacks were no longer valid.
But nevertheless, more loop-holes have popped up. So let's find find them out. I will keep posting here.
:)
Post a Comment