Google Hacked... by Google?
Google Hacking is the popular sport of using Google's giant cache and index to discover files or applications that the administrators might not have realized were public. There are whole databases (Johnny Long maintains the most well known) that track...
May 29, 2007
Google Hacking is the popular sport of using Google's giant cache and index to discover files or applications that the administrators might not have realized were public. There are whole databases (Johnny Long maintains the most well known) that track fun search phrases to use, but it looks like Google themselves may have been bitten. It appears that an internal application used to remove urls from the public search was accidentally made public. Even worse, the original discoverer of the link found that other sensitive files could be found right from the same URL, including database connection information and passwords.
Obviously the database in question is not the massive database that must drive the main search engine, however, it does highlight how difficult it can be to protect yourself from accidentally exposing internal applications.
For reference, at the time of this writing, (it might disappear in the future), the google link above returns as its first result:
google remove url - 10:15amservices.google.com:8882/urlconsole/controller - Similar pages
Thanks Jeremiah for pointing this out.
Read more about:
2007You May Also Like