Google Code Search reveals too much

Oct.06, 2006 in blog

Google released a new code search engine the other day.

This got me thinking of things it may index. Since I have recently started using drupal I crafted a URL to test if I could find out usernames and passwords to the main database.

Guess what I can!

Oh, looks like WordPress is no better

Let’s try Wikimedia. Hmm no better…

Let’s not just pick on PHP, how about DotNet? Guess so!

EDIT: Let’s not forget about Joomla, PHPNuke, or XOOPS

Looks like it only affects the zip and tarball files uploaded to the server for the most part but I wonder how many people out there back up their site in this manner?

I’m guessing we are about to see some major holes via this new service…

Webmasters, start your backups…

Technorati : Google, code search, credentials, drupal, hacks, passwords, search, usernames, vulnerability

You must be logged in to post a comment.

Hello Internet Dwellers!

Welcome to my site! These are the words and thoughts of an IT programmer turned Oil Field Consultant.

Jon Barnhardt
Recent Posts
Recent Comments
Disclaimer

Everything posted on this site are the thoughts, views and opinions of me. They may not reflect the views of my employer and are not approved or screened by anyone but me before being posted.
Meta

Midspot

Technical insanity at its best!

Google Code Search reveals too much

Leave a Reply

Hello Internet Dwellers!

Recent Posts

Recent Comments

Disclaimer

Meta

Archives

Categories

Tag Cloud