Using Google As A Hacking Tool

    January 3, 2007

Does using Google Search for malicious purposes affect the application of their “Don’t Be Evil” motto even if the negative activity isn’t actually their fault? Should Google restrict some of their search command capabilities if the results are being used to attack other sites?

If you ask the folks who were victims of these types of attacks, then yes, Google should apply limitations to some of their search query commands.

First off, I’m sure many of you have heard about Shoemoney’s recent hacking incident, something he blogged extensively about. Apparently, some enterprising hackers found vulnerabilities on his server using Google Code Search and exploited them (for more details, Shoemoney’s write-up is quite thorough).

While the mistakes that left his site vulnerable were corrected, Shoemoney then conducted his own Google Code searches in an effort to find other exploitable files. The results of his queries confirmed the speculation – a lot of sites are open to similar types of attacks and these holes aren’t that hard to find if you can enter the proper query into Google Code Search.

Another example provided by blogger IncrediBILL helps support Shoemoney’s fear about hackers using Google to harm other sites, however, this particular incident involved a viral worm conducting Google searches looking for sites with PHP vulnerabilities.

Once these sites were located, a file was installed that continued this process – “When I opened the file my virus scanner claimed it was a Perl.Asan virus so I did a bit of research and Panda claims it’s the Perl/Asan.A.worm or something similar, that locates and infects phpBB systems.”

To combat this, Bill would like to see Google block or limit these types of searches that can help malicious users find vulnerable sites. He also suggests Google should use their limitless financial means to, “have a few security experts on hand, maybe working in conjunction with Panda, Symantec and such, that keep on top of these specific threats and block the specific searches used to locate vulnerable sites.”

Should Google limit the capabilities of some of their search functions? Or should webmasters be more conscientious of the vulnerabilities their sites may possess?

Add to | Digg | Reddit | Furl