As Google has done this to stop worms attacking vulnerable sites but probably it has missed out many other filters which can be used by the worms.
For example: Sanity Worm exploits a flaw in a file called viewtopic.php that allows an SQL injection exploit. This worm defaces the web site with the phrase "This site is defaced!!! NeverEver NoSanity" and then seeks out other phpBB sites to attack, apparently using Google to locate the target viewtopic.php files. If you search for inurl:"viewtopic.php" , google will drop such requests and return back 403 - Forbidden Error but if at the same time a search request is made for "view" + "topic" + ".php" Or Viewtopic.php Google returns the search result without any drop. There are many such ways where existing worms can modified to make use of various combinations of Google filters to evade any drops. I am still working on it. If anyone interested to work on such evasions can mail me. Regards, Debasis Mohanty www.hackingspirits.com -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Debasis Mohanty Sent: Monday, February 21, 2005 12:17 AM To: [email protected] Subject: [Full-Disclosure] 403 - Forbidden Google Error Try this and check what google says: Search for inurl:".php" (with quotes) or Click on the following link: http://www.google.co.in/search?hl=en&as_qdr=all&q=inurl%3A+%22.php%22&btnG=S earch&meta= Regards, Debasis Mohanty www.hackingspirits.com _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
