Penetration Testing mailing list archives
RE: false positive in Wikto Google Hacking
From: Sergi Rosello <sergi_75 () yahoo es>
Date: Wed, 12 Sep 2007 10:05:40 +0200 (CEST)
I don`t know about the logic of Wikto's Googlehack. But I know (in general terms, not only Googlehack) nikto-wikto is the king of false positive... Don`t worry, be happy .... --- Rick Zhong <sagiko () gmail com> escribió:
Hi, I am currently doing some testing using Wikto(v2.0.2778.19003) Googlehacks with Aura(0.0.1). I found that it gave a lot of false positive for Google queries (retrieved from Aura log) in following format: site:www.targeturl.com "# Dumping data for table" site:www.targeturl.com "# phpMyAdmin MySQL-Dump" filetype:txt site:www.targeturl.com "# Dumping data for table (username|user|users|password)" ... When i use these query in the current www.google.com, it does not return any results. Is there any explanation for this? Also is there any document to show the actual logic of Wikto's Googlehack when it analysis the search results? Thank you. regards, Rick
------------------------------------------------------------------------
This list is sponsored by: Cenzic Need to secure your web apps NOW? Cenzic finds more, "real" vulnerabilities fast. Click to try it, buy it or download a solution FREE today! http://www.cenzic.com/downloads
------------------------------------------------------------------------
------------------------------------------------------------------------------------------------------------------------------------ Nota Legal: Este correo electrónico puede contener información estrictamente confidencial y es de uso exclusivo del destinatario, quedando prohibida a cualquier otra persona su revelación, copia, distribución, o el ejercicio de cualquier acción relativa a su contenido. Si ha recibido este correo electrónico por error, por favor, conteste al remitente, y posteriormente proceda a borrarlo de su sistema. Gracias por su colaboración. ------------------------------------------------------------------------------------------------------------------------------------ ______________________________________________ Sé un Mejor Viajero ¿Quieres saber cómo? ¡Deja que otras personas te ayuden! http://advision.webevents.yahoo.com/reto/viaje.html ------------------------------------------------------------------------ This list is sponsored by: Cenzic Need to secure your web apps NOW? Cenzic finds more, "real" vulnerabilities fast. Click to try it, buy it or download a solution FREE today! http://www.cenzic.com/downloads ------------------------------------------------------------------------
Current thread:
- false positive in Wikto Google Hacking Rick Zhong (Sep 11)
- RE: false positive in Wikto Google Hacking Sergi Rosello (Sep 12)
- <Possible follow-ups>
- Re: RE: false positive in Wikto Google Hacking lovewadhwa (Sep 19)