lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <IHEJLNIAKMFACIJGNAIFGEKPCAAA.sjacobson@weblinc.com>
Date: Wed, 2 Feb 2005 19:07:44 -0500
From: "Scott Jacobson" <sjacobson@...linc.com>
To: <bugtraq@...urityfocus.com>
Subject: RE: Google getting smarter ?!?!


I tried this and got the message on admin.php initially.  Subsequent
attempts return search results normally so it looks like Google will let it
through after you try it enough times.  It's likely they implemented this
because of the press surrounding the most recent phpBB exploit.  Several of
the news items covering the worm mentioned its use of google to find more
vulnerable sites.  While this isn't a new concept (using a search engine to
find vulnerable sites) it's likely Google wanted to avoid being perceived as
an attack vector.

Scott

-----Original Message-----
From: John Madden [mailto:chiwawa999@...oo.com]
Sent: Wednesday, February 02, 2005 10:54 AM
To: bugtraq@...urityfocus.com
Subject: Google getting smarter ?!?!


Hi,

I noticed today that a simple search in Google using
inurl causes Google to display this message when you
try to access the second page:

===================================================

We're sorry...
... but we can't process your request right now. A
computer virus or spyware application is sending us
automated requests, and it appears that your computer
or network has been infected.

We'll restore your access as quickly as possible, so
try again soon. In the meantime, you might want to run
a virus checker or spyware remover to make sure that
your computer is free of viruses and other spurious
software.

We apologize for the inconvenience, and hope we'll see
you again on Google.

==================================================

No, i do not have a virus or spyware, tested that
already ;)

This as been attempted from multiple Internet
connections.

Basicly, any name that as an  entry in Google and ends
with "php" will cause this.

Ex: inurl:admin.php
    inurl:test.php
    inurl:whatever.php

I've tried it with cgi, html, asp, sh, pl and this
does not happen.

What will it be next ???

John




__________________________________
Do you Yahoo!?
Yahoo! Mail - 250MB free storage. Do more. Manage less.
http://info.mail.yahoo.com/mail_250




Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ