lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date: Sun, 27 Feb 2005 14:26:10 -0500 (EST)
From: Jordan Wiens <numatrix@....edu>
To: Josh Zlatin-Amishav <josh@...s.co.il>
Cc: bugtraq@...urityfocus.com, pen-test@...urityfocus.com
Subject: Re: Google Getting (even) smarter


Besides case, it also looks like they're using a unicode preprocessor on 
the filter too.  You used to be able to evade it by "inurl%3Aviewt%6fpic", 
for example, (in the url, not the browser; the browser will escape the %) 
but now they've fixed that as well.

-- 
Jordan Wiens, CISSP
UF Network Security Engineer
(352)392-2061

On Sun, 27 Feb 2005, Josh Zlatin-Amishav wrote:

> Google has now broadened their filter range. A simple inurl:viewtopic
> gets blocked too with the imfamous message:
>
> ===================================================
>
> We're sorry...
> ... but we can't process your request right now. A
> computer virus or spyware application is sending us
> automated requests, and it appears that your computer
> or network has been infected.
>
> We'll restore your access as quickly as possible, so
> try again soon. In the meantime, you might want to run
> a virus checker or spyware remover to make sure that
> your computer is free of viruses and other spurious
> software.
>
> We apologize for the inconvenience, and hope we'll see
> you again on Google.
>
> ==================================================
>
>
> Notice that there is no mention of php in the query. This is probably in 
> response to the recent PhpBB path disclosure vulnerability.
>
> Note: In the old days one could circumvent the php filter by changing
> case (i.e. pHp) but that no longer works. You can still circumvent the
> google filter by using a smarter query like some intext or a different
> inurl phrase.
>
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ