Penetration Testing mailing list archives

RE: Google Hacking

From: "Todd Towles" <toddtowles () brookshires com>
Date: Wed, 12 Jan 2005 13:50:09 -0600

That is called a Directory Traversal Attack. You pen-teserst should know
that. =) It happen that it was a cache of a DTA attack or a DTA attempt
using the google web redirector to hide his attack.

-----Original Message-----
From: Da Llorxillo [mailto:dallorx () gmail com] 
Sent: Wednesday, January 12, 2005 11:26 AM
To: pen-test () securityfocus com
Subject: Re: Google Hacking

I think it was a bug of the webpage that u can navigate under 
the directories using the "../", and someone used it to read 
the boot.ini file of the server

i have found this (look at the end of the page) 
http://www.google.ca/search?q=cache:dO7rOHi7VFIJ:www.callawayg
olf.com/+%22en/CustomerService.aspx%3Fpid%22&hl=en

(Srry for my bad english...)

On Tue, 11 Jan 2005 13:45:32 -0800 (PST), John Madden 
<chiwawa999 () yahoo com> wrote:

Hi,

Googling around i found this.

[Wrap lines]

http://www.google.ca/search?q=cache:tG9K6OqlGs8J:www.callawaygolf.com/

en/customerservice.aspx%3Fpid%3D..%255C..%255C..%255C..%255C..%255C..%

255C..%255C..%255C..%255C..%255Cboot.ini+inurl:www.callawaygolf.com/en

/customerservice.aspx&hl=en

Is this a form of "Google Cache Poisoning" ?

If not, what is it ?

Thanks


__________________________________
Do you Yahoo!?
The all-new My Yahoo! - What will yours do?
http://my.yahoo.com



-- 


Da Llorx

Current thread:

Google Hacking John Madden (Jan 11)
- Re: Google Hacking Da Llorxillo (Jan 12)
- <Possible follow-ups>
- RE: Google Hacking Todd Towles (Jan 12)
  - Re: Google Hacking Idol Crash (Jan 13)
  - Re: Google Hacking GuidoZ (Jan 13)