Found a very very cool Internet site:
johnny.ihackstuff.com - this site has a huge list of so-called "Google Hacks" - basically, Google search strings that show up a load of stuff that show people have files set as public which should not be public, like password files, etc.
The guy (BTW a professing Christian, check out his "About" page!) works as a security advisor, warning sites about their huge security problems. :)
Just a quick example to show what this means:
Click here for Google to search for configuration files of web server accounts that people have left public.
See the ones with the long passwords(PWD=VDFG345...)? Those are very weakly encrypted password keys which you can decipher here. With that data, you could easily hack into someone's web server account, and completely take it over. BTW, only then would it become illegal - a Google search is not illegal. ;)
I for one welcome our new ultimate Google overlords.
Yeah, I'm a geek, so what?
Abonnieren
Kommentare zum Post (Atom)
1 Kommentar:
I think that is rather scary... being able to use google to hack into peeps webservers, just cuz they don't have a clue, or forgot a minor detail... oO
Kommentar veröffentlichen