Re: Google Hacking

[Idol Crash <idolcrash () gmail com>]

The problem, however, is that many of us (including myself) are very
new to this kind of thing (hopefully I'll learn much more to secure my
network) ;)


On Wed, 12 Jan 2005 13:50:09 -0600, Todd Towles
<toddtowles () brookshires com> wrote:
> That is called a Directory Traversal Attack. You pen-teserst should know
> that. =) It happen that it was a cache of a DTA attack or a DTA attempt
> using the google web redirector to hide his attack.
>
> > -----Original Message-----
> > From: Da Llorxillo [mailto:dallorx () gmail com]
> > Sent: Wednesday, January 12, 2005 11:26 AM
> > To: pen-test () securityfocus com
> > Subject: Re: Google Hacking
> >
> > I think it was a bug of the webpage that u can navigate under
> > the directories using the "../", and someone used it to read
> > the boot.ini file of the server
> >
> > i have found this (look at the end of the page)
> > http://www.google.ca/search?q=cache:dO7rOHi7VFIJ:www.callawayg
> > olf.com/+%22en/CustomerService.aspx%3Fpid%22&hl=en
> >
> > (Srry for my bad english...)
> >
> > On Tue, 11 Jan 2005 13:45:32 -0800 (PST), John Madden
> > <chiwawa999 () yahoo com> wrote:
> > > Hi,
> > >
> > > Googling around i found this.
> > >
> > > [Wrap lines]
> > http://www.google.ca/search?q=cache:tG9K6OqlGs8J:www.callawaygolf.com/
> > >
> > en/customerservice.aspx%3Fpid%3D..%255C..%255C..%255C..%255C..%255C..%
> > >
> > 255C..%255C..%255C..%255C..%255Cboot.ini+inurl:www.callawaygolf.com/en
> > > /customerservice.aspx&hl=en
> > >
> > > Is this a form of "Google Cache Poisoning" ?
> > >
> > > If not, what is it ?
> > >
> > > Thanks
> > >
> > >
> > > __________________________________
> > > Do you Yahoo!?
> > > The all-new My Yahoo! - What will yours do?
> > > http://my.yahoo.com
> >
> >
> > --
> >
> >
> > Da Llorx