From: Jordan Wiens (numatrixufl.edu)
Date: Sun Feb 27 2005 - 13:26:10 CST

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Besides case, it also looks like they're using a unicode preprocessor on
the filter too. You used to be able to evade it by "inurl%3Aviewt%6fpic",
for example, (in the url, not the browser; the browser will escape the %)
but now they've fixed that as well.

--
Jordan Wiens, CISSP
UF Network Security Engineer
(352)392-2061

On Sun, 27 Feb 2005, Josh Zlatin-Amishav wrote:

> Google has now broadened their filter range. A simple inurl:viewtopic
> gets blocked too with the imfamous message:
>
> ===================================================
>
> We're sorry...
> ... but we can't process your request right now. A
> computer virus or spyware application is sending us
> automated requests, and it appears that your computer
> or network has been infected.
>
> We'll restore your access as quickly as possible, so
> try again soon. In the meantime, you might want to run
> a virus checker or spyware remover to make sure that
> your computer is free of viruses and other spurious
> software.
>
> We apologize for the inconvenience, and hope we'll see
> you again on Google.
>
> ==================================================
>
>
> Notice that there is no mention of php in the query. This is probably in
> response to the recent PhpBB path disclosure vulnerability.
>
> Note: In the old days one could circumvent the php filter by changing
> case (i.e. pHp) but that no longer works. You can still circumvent the
> google filter by using a smarter query like some intext or a different
> inurl phrase.
>
>

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]