Penetration Testing mailing list archives

RE: false positive in Wikto Google Hacking

From: Sergi Rosello <sergi_75 () yahoo es>
Date: Wed, 12 Sep 2007 10:05:40 +0200 (CEST)


I don`t know about the logic of Wikto's Googlehack. 
But I know (in general terms, not only Googlehack)
nikto-wikto is the king of false positive...

Don`t worry, be happy ....

--- Rick Zhong <sagiko () gmail com> escribió:

Hi,
I am currently doing some testing using
Wikto(v2.0.2778.19003)
Googlehacks with Aura(0.0.1). I found that it gave a
lot of false
positive for Google queries (retrieved from Aura
log) in following
format:

site:www.targeturl.com "# Dumping data for table"
site:www.targeturl.com "# phpMyAdmin MySQL-Dump"
filetype:txt
site:www.targeturl.com "# Dumping data for table
(username|user|users|password)"
...

When i use these query in the current
www.google.com, it does not
return any results. Is there any explanation for
this? Also is there
any document to show the actual logic of Wikto's
Googlehack when it
analysis the search results? Thank you.

regards,
Rick

------------------------------------------------------------------------

This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE
today!

http://www.cenzic.com/downloads

------------------------------------------------------------------------



------------------------------------------------------------------------------------------------------------------------------------
    Nota Legal: Este correo electrónico puede contener información estrictamente confidencial y es de uso exclusivo del 
destinatario, quedando prohibida a cualquier otra persona su revelación, copia, distribución, o el ejercicio de 
cualquier acción relativa a su contenido. Si ha recibido este correo electrónico por error, por favor, conteste al 
remitente, y posteriormente proceda a borrarlo de su sistema. Gracias por su colaboración.   
------------------------------------------------------------------------------------------------------------------------------------


      ______________________________________________ 
Sé un Mejor Viajero                                      
¿Quieres saber cómo? ¡Deja que otras personas te ayuden!
http://advision.webevents.yahoo.com/reto/viaje.html

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------

Current thread:

false positive in Wikto Google Hacking Rick Zhong (Sep 11)
- RE: false positive in Wikto Google Hacking Sergi Rosello (Sep 12)
- <Possible follow-ups>
- Re: RE: false positive in Wikto Google Hacking lovewadhwa (Sep 19)