On Sun, 15 Jan 2006, Lance James wrote:
Full: http://castlecops.com/article-6466-nested-0-0.html
This was all done in 2003, also, see Google Hacking for Penetration
Testers by Johnny Long.
http://johnny.ihackstuff.com has a huge google hacking database.
From Darren Miller:
Lance,
Thank you for your feedback Lance, I always enjoy hearing from others.
The reason I wrote this article is a new client of mine, as of 3 days
ago, was hacked because of just such an issue. I know that this type of
information is widely available and has been for quite some time. The
fact is many people, unlike us, don't know about it. There are always
new readers and consumers of information and that is why I write
articles like this from time to time.
The interesting thing is that in just a few days this article has been
read thousands of times more that what is posted on castlecops.com and
defendingthenet.com. I have rec'd e-mails thanking me for writing the
article. Obviously from people who don't already have this information.
Think about all the people you know that only see Google as just another
search engine.
Darren W. Miller
--
Paul Laudanski, Microsoft MVP Windows-Security
[de] http://de.castlecops.com
[en] http://castlecops.com
[wiki] http://wiki.castlecops.com
[family] http://cuddlesnkisses.com
-------------------------------------------------------------------------
This List Sponsored by: Watchfire
Watchfire's AppScan is the industry's first and leading web application
security testing suite, and the only solution to provide comprehensive
remediation tasks at every level of the application. See for yourself.
Download AppScan 6.0 today.
https://www.watchfire.com/securearea/appscansix.aspx?id=701300000003Ssh
--------------------------------------------------------------------------
