Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
Re: [Full-disclosure] Anonymizing RFI Attacks Through Google

From: Dave \ (davek_throwawayhotmail.com)
Date: Thu Nov 23 2006 - 08:15:48 CST

Gadi Evron wrote:
> Noam Rathaus on using Google to anonymize attacks on websites:
> http://blogs.securiteam.com/index.php/archives/746

> By placing a URL on any web page, Google will find it, visit it and
> then index it. With this mechanism, it is possible to anonymize
> attacks on third party web sites through Google by the use of its
> crawler.

  This technique was described by Michal Zalewski in Phrack years ago.


Can't think of a witty .sigline today....

Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/