Google mining

Google has a Terms Of Service (TOS) and they say a lot of bad stuff will happen to you if you use it for evil. Your scrotum will fall off if you abuse it. Do no evil, eh? Anyway, google is good to assess the security of your webserver(s) and your miscellaneous php, cgi and other scripts that you sometimes installed without checking their records. And I’ve been hacked several times. So, that’s a good excuse..

Look what I found searching for mysql plaintext passwords (my linebreaks):

INSERT INTO user (Host, User, Password)
VALUES ('localhost','david', password('hard2crack'));

INSERT INTO user (Host, User, Password)
VALUES ('localhost','avisia', password('tooHard2crack'));

INSERT INTO user (Host, User, Password)
VALUES ('localhost','caroline', password('laitaps'));

Among other things… :D

You should obtain and read j0hnny’s The Google Hacker’s Guide 1.0.
There is a reason Google has been so widely praised for its thoroughness. It even has a name. Google mining.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.