Penetration Testing mailing list archives
Re: Google getting smarter ?!?!
From: Mariano Nuñez Di Croce <mnunez () cybsec com>
Date: Thu, 03 Feb 2005 15:25:17 -0300
Just a little PoC: inurl: admin.php --> Blocked. inurl: admin.PHP --> Pass inurl:"admin php" --> Pass anything different than .php (for example: .pHp) will work..It seems that Google guys are just searching for predefined strings...not so smart!
------------------------- Mariano Nuñez Di Croce CYBSEC S.A. Security Systems Email: mnunez () cybsec com Tel/Fax: (54-11) 4382-1600 Web: http://www.cybsec.com ------------------------------ William Allsopp wrote:
John, This is almost certainly in response to the recent release of Foundstone's script kiddie tool du jour: Sitedigger 2.0, which would likely have increased this kind of traffic a hundred fold. Google is 'getting smarter' but not to a great degree. For example, you are correct that a search on admin.php will flag, but you can still manipulate the search to get around that. Experiment. However, this is probably the beginning of the end for google hacking and we can expect to see considerably more search filtering being put in place. Regards, WA ---------------------------------------------------- Hi, I noticed today that a simple search in Google using inurl causes Google to display this message when you try to access the second page: =================================================== We're sorry... ... but we can't process your request right now. A computer virus or spyware application is sending us automated requests, and it appears that your computer or network has been <snip>
Current thread:
- Re: Google getting smarter ?!?! William Allsopp (Feb 03)
- Re: Google getting smarter ?!?! Matthew . Dalton (Feb 04)
- Re: Google getting smarter ?!?! Matthew . Dalton (Feb 04)
- Re: Google getting smarter ?!?! Mariano Nuñez Di Croce (Feb 04)
- Re: Google getting smarter ?!?! stonersavant (Feb 04)
- <Possible follow-ups>
- Re: Google getting smarter ?!?! William Allsopp (Feb 04)
- Re: Google getting smarter ?!?! Matthew . Dalton (Feb 04)