- Oct. 5th, 2006
- 7 comments
I guess I think like a hacker, because I thought of this before seeing RSnake's post about finding vulnerabilities with Google Code Search.
If you want to find lots of PHP-based web applications that are likely vulnerable to HTML injection, try this search out:
lang:php (print\(|echo)\s\$_(GET|REQUEST)
This says "Find all PHP code that calls 'print' or 'echo' to display $_GET or $_POST (likely) without escaping anything." What a great way to find places to inject stuff! This is useful to find XSS vulnerabilities as well.
Organizing the world's information is useful — for many things
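The same pattern is useful for auditing your own PHP before someone else searches it. The script below is an added example, not code from the original post: it runs the post's query and a wider form (adding $_POST and an optional parenthesis, as the second comment suggests) over source text, and skips values passed directly to htmlspecialchars or htmlentities. The function names and the sample input are constructed for illustration.

```python
import re

# The post's query, as a Python regex, kept for comparison.
PAGE_QUERY = re.compile(r"(print\(|echo)\s\$_(GET|REQUEST)")
# Wider sink: echo/print earlier in the same statement as a request superglobal.
SINK = re.compile(r"\b(?:print|echo)\b[^;]*\$_(?:GET|REQUEST|POST)\b")
# A superglobal element passed directly to an HTML encoder counts as escaped
# (assumption: these two encoders are the ones the code base uses).
ESCAPED = re.compile(
    r"\b(?:htmlspecialchars|htmlentities)\s*\(\s*\$_(?:GET|REQUEST|POST)\s*\[[^\]]*\]")

def audit_php(source):
    """Return line numbers that print request data without HTML-escaping it."""
    hits = []
    for lineno, line in enumerate(source.splitlines(), 1):
        if line.lstrip().startswith(("//", "#", "*")):
            continue  # skip whole-line comments
        residual = ESCAPED.sub("SAFE", line)  # remove the escaped uses
        if SINK.search(residual):  # any raw superglobal still being printed?
            hits.append(lineno)
    return hits

def page_query_hits(source):
    """Line numbers the post's original query matches, for comparison."""
    return [n for n, text in enumerate(source.splitlines(), 1)
            if PAGE_QUERY.search(text)]

# Constructed sample, not taken from any real project.
SAMPLE = r'''<?php
echo $_GET['q'];
print("Hi " . $_REQUEST['name']);
echo htmlspecialchars($_GET['q'], ENT_QUOTES, 'UTF-8');
print $_POST['comment'];
echo htmlspecialchars($_GET['a']) . $_GET['b'];
// echo $_GET['old'];
$title = sprintf("%s", $_GET['t']);
'''

if __name__ == "__main__":
    print("post's query:", page_query_hits(SAMPLE))
    print("audit:       ", audit_php(SAMPLE))
```

The post's query catches only the direct `echo $_GET` form (and a commented-out line), while the audit also flags concatenated output and the mixed line where one value is escaped and the other is not.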
"7 Wise Comments Banged Out Somewhere On The Internet ..."
I'm torn between hating you for aiding hackers or praising you for spotlighting shoddy development practices. Perhaps instead of "Don't be evil," Google should have its new motto be, "Don't be evil; just be a tool for evil."
A much broader search would be to search for lang:php (print|echo)\s\$_(GET|REQUEST|POST) since you don't need a left parenthesis for print.
Forget injection attacks. Just log in as the admin and add real links where they might not be noticed. http://google.com/codesearch?hl=en&lr=&q=lang%3Aphp+file%3Awp-config+user+-sample&btnG=Search
Search Engine Land: News About Search Engines & Search Marketing
Using Google Code Search To Find Vulnerable Sites… ShoeMoney wrote a detailed write up on how hackers can easily use Google Code Search to quickly find sites that are vulnerable to being hacked. ShoeMoney shows XSS exploits, SQL Injection exploits, and methods to find host,user,pass for mysql databases…
Using Google to find vulnerable sites » Internet Marketing MX
[...] - Find HTML Injection Vulnerabilities with Google Code Search [...]