Thu, 5 Oct '06
I guess I think like a hacker, because I thought of this before seeing RSnake's post about finding vulnerabilities with Google Code Search.
If you want to find lots of PHP-based web applications that are likely vulnerable to HTML injection, try this search out:
lang:php (print\(|echo)\s\$_(GET|REQUEST)
This says "Find all PHP code that calls 'print' or 'echo' to display $_GET or $_POST (likely) without escaping anything." What a great way to find places to inject stuff! This is useful to find XSS vulnerabilities as well.
Organizing the world's information is useful -- for many things.
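The same pattern can be turned on your own source tree before anyone else searches it. The Python below is an added example, not code from the original post: it runs the post's regex over PHP source and then applies a broader heuristic (an assumption of this example) that flags any single-line echo/print statement still containing a raw request superglobal once htmlspecialchars/htmlentities-wrapped uses are removed. The function names and the sample source are constructed for illustration.

```python
import re

# Regex part of the post's query (the lang:php operator is search syntax, not regex).
POST_QUERY = re.compile(r'(print\(|echo)\s\$_(GET|REQUEST)')

# Broader audit heuristic (assumption of this example, not from the post):
# any single-line echo/print statement that mentions a request superglobal.
OUTPUT_STMT = re.compile(r'\b(?:print|echo)\b[^;]*;')
SUPERGLOBAL = re.compile(r'\$_(?:GET|REQUEST|POST)\b')
# Assumption: htmlspecialchars/htmlentities are the HTML escapers in use.
ESCAPED = re.compile(
    r'\b(?:htmlspecialchars|htmlentities)\s*\(\s*'
    r'\$_(?:GET|REQUEST|POST)\[[^\]]*\][^)]*\)')

def page_query_hits(php_source):
    """Line numbers matched by the post's original pattern."""
    return [n for n, line in enumerate(php_source.splitlines(), 1)
            if POST_QUERY.search(line)]

def find_unescaped_output(php_source):
    """(line number, statement) pairs that output request data unescaped."""
    findings = []
    for n, line in enumerate(php_source.splitlines(), 1):
        for stmt in OUTPUT_STMT.finditer(line):
            # Drop properly escaped uses, then see whether raw input remains.
            remaining = ESCAPED.sub('', stmt.group(0))
            if SUPERGLOBAL.search(remaining):
                findings.append((n, stmt.group(0)))
    return findings

# Constructed sample source, not taken from any real project.
SAMPLE = """<?php
echo $_GET['name'];
print($_REQUEST['q']);
print $_POST['comment'];
echo htmlspecialchars($_GET['name'], ENT_QUOTES, 'UTF-8');
echo "<p>Hello " . $_GET['name'] . "</p>";
$id = (int) $_GET['id'];
"""

if __name__ == "__main__":
    print("post's pattern matches lines:", page_query_hits(SAMPLE))
    for n, stmt in find_unescaped_output(SAMPLE):
        print(f"line {n}: {stmt}  -> wrap in htmlspecialchars(..., ENT_QUOTES, 'UTF-8')")
```

On the sample, the post's pattern matches only one line, while the broader check also flags the parenthesised print, the $_POST output and the string concatenation; statements split across lines are outside what this heuristic sees.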

October 5th, 2006 at 1:09 pm
Fix your link (lang:php) friend
Nice vulnerability
October 5th, 2006 at 1:25 pm
I'm torn between hating you for aiding hackers or praising you for spotlighting shoddy development practices. Perhaps instead of "Don't be evil," Google should have its new motto be, "Don't be evil; just be a tool for evil."
October 5th, 2006 at 1:51 pm
Thanks, Atanas. Fixed.
October 6th, 2006 at 8:38 am
A much broader search would be to search for
lang:php (print|echo)\s\$_(GET|REQUEST|POST) since you don't need a left parenthesis for print.
October 6th, 2006 at 12:41 pm
Forget injection attacks. Just log in as the admin and add real links where they might not be noticed.
http://google.com/codesearch?hl=en&lr=&q=lang%3Aphp+file%3Awp-config+user+-sample&btnG=Search
December 27th, 2006 at 10:13 am
Using Google Code Search To Find Vulnerable Sites...
ShoeMoney wrote a detailed write up on how hackers can easily use Google Code Search to quickly find sites that are vulnerable to being hacked. ShoeMoney shows XSS exploits, SQL Injection exploits, and methods to find host,user,pass for mysql databases...
December 27th, 2006 at 1:31 pm
[...] - Find HTML Injection Vulnerabilities with Google Code Search [...]