Using google to attack on your personal web server

According to this document Google can be utilized to attack on your personal web server.
Google can be utilized to hack into websites – actively exploiting them (not information gathering by the use of Google hacking, although that is how most of the sites vulnerable to RFI attacks are found).

By placing a URL on any web page, Google will find it, visit it and then index it. With this mechanism, it is possible to anonymize attacks on third party web sites through Google by the use of its crawler.

Read more at securiteam.com blog… (found via slashdot)

Solution is quite simple put a web server in chrooted jail 😀 Or use OpenBSD which runs Apache out of box in chrooted jail.

🐧 If you liked this page, please support my work on Patreon or with a donation.
🐧 Get the latest tutorials on SysAdmin, Linux/Unix, Open Source & DevOps topics via:
CategoryList of Unix and Linux commands
File Managementcat
FirewallAlpine Awall CentOS 8 OpenSUSE RHEL 8 Ubuntu 16.04 Ubuntu 18.04 Ubuntu 20.04
Network Utilitiesdig host ip nmap
OpenVPNCentOS 7 CentOS 8 Debian 10 Debian 8/9 Ubuntu 18.04 Ubuntu 20.04
Package Managerapk apt
Processes Managementbg chroot cron disown fg jobs killall kill pidof pstree pwdx time
Searchinggrep whereis which
User Informationgroups id lastcomm last lid/libuser-lid logname members users whoami who w
WireGuard VPNAlpine CentOS 8 Debian 10 Firewall Ubuntu 20.04
2 comments… add one
  • dell Oct 17, 2009 @ 3:40

    That was great.. how can i get the ip add?

  • Pirkia.lt admin Feb 2, 2008 @ 22:21

    Some example hot to use Google to hack some websites, just for fun:

    http://www.google.com/search?q=localhost+site%3A.com%2Fconfig.inc

Leave a Reply

Your email address will not be published. Required fields are marked *

Use HTML <pre>...</pre>, <code>...</code> and <kbd>...</kbd> for code samples.