Just blogging!

Posted 11 December, 2005
Filed under: Blogroll, Miscellaneous Posts |

Lemme share this Google thingy wth u for time being then. I was Googling the other day (for pr0n ofcourse…..wink…wink) & suddenly Google gave me the unexpected…a VIRUS error notice. Can u believe Google telling me right in the face tht my box is infected ?? I was sh*tting bricks, but then i recovered & started asking around for thr error notice. Did discuss it wth few ppl i know of ,who r techies, (btw…i aint no techie, just so tht u know) & they helped me out. There is this guy called “POINT”,whom i approached & he told me he’s getting the same error msg. But then other ppl,with whom i spoke earlier tht day,were not getting any error msg,may b they din enter the search terms properly. Anyways,so this guy searched for this error, this is what came out of it. Guess what ?? Google’s Getting (even) smarter.
I tried this and got the message on admin.php initially. Subsequent
attempts return search results normally so it looks like Google will let
it through after you try it enough times. It’s likely they implemented this
because of the press surrounding the most recent phpBB exploit. Several of
the news items covering the worm mentioned its use of google to find
more vulnerable sites. While this isn’t a new concept (using a search engine
to find vulnerable sites) it’s likely Google wanted to avoid being
perceived as an attack vector.
———————————————-
A simple search in Google using
inurl causes Google to display this message when you
try to access the second page:
=======================================
We’re sorry…
… but we can’t process your request right now. A
computer virus or spyware application is sending us
automated requests, and it appears that your computer
or network has been infected.
We’ll restore your access as quickly as possible, so
try again soon. In the meantime, you might want to run
a virus checker or spyware remover to make sure that
your computer is free of viruses and other spurious
software.
We apologize for the inconvenience, and hope we’ll see
you again on Google.

=======================================

No, i do not have a virus or spyware, tested that
already ;)

This as been attempted from multiple Internet
connections.

Basicly, any name that as an entry in Google and ends
with “php” will cause this.

Ex: inurl:admin.php
inurl:test.php
inurl:whatever.php

Notice that there is no mention of php in the query. This is probably
in response to the recent PhpBB path disclosure vulnerability.

Note: In the old days one could circumvent the php filter by changing
case (i.e. pHp) but that no longer works. You can still circumvent the
google filter by using a smarter query like some intext or a different
inurl phrase.

1 comment so far

  1. Daisuke on 11 December, 2005

    LOL! You can do it! ;) –>

    Reply

Leave a reply