Security Information Vulnerability Research Security Blog

More fun with Google Code Search! [updated #5]

October 7th, 2006 by SecuriTeam, Filed under: Web, Commentary, Google

find a whole lot of valid email addresses

from the secure coding mailing list:
robert c. seacord points to the arbor blog, which discusses static analysis using this service:
http://asert.arbornetworks.com/2006/10/static-code-analysis-using-google-code-search/

robert also points to some searches from derek jones:
how many instances of:
if (…) ; are there out there (skip the first half dozen unusual macro uses)?
long long link

security holes in php web applications
“backdoor password” :)
gunnar peterson points to searching dtds

stephen de vries points to several cool searches:
xss in java apps
(obvious) sql injection in java apps
xss in code from o’reilly and sun

from the daily wtf, more light and fun searches:
http://thedailywtf.com/forums/thread/94630.aspx
fun!
very similar searches also bring interesting results, such as tbd or tbd security.

another regex search for xss
a regex for format strings
wsdl

a previous post on this subject, with other searches:
http://blogs.securiteam.com/index.php/archives/661

with:
user-supplied variable used in an opentextfile query
write unsanitized user input into a browser
disable warnings
cdonts, my new leetle fren
sql query one
sql query two
sql query three
sql query four
sql query five
crypto one
crypto two
old school one
old school two
old school three
random injection

and lev’s original post:
http://blogs.securiteam.com/index.php/archives/659

what’s your fav?

sun shine,
sunshine@beyondsecurity.com.

DiggRedditSlashdotTwitThisSphinnStumbleUpondel.icio.usFacebookGoogleTechnoratiE-mail this story to a friend!

-

Scan your web site for vulnerabilities with a Vulnerability Scanner - Be Safe!

10 Comments:

  1. IMNetSpyder, on October 7th, 2006 at 5:16 am Said:

    Ehrm… try this:

    “VIRUS FOUND”

    And we’ll find what?… source codes for scanners? engines?

    This is scary!…

  2. ol, on October 7th, 2006 at 9:24 am Said:

    This is not knew -
    http://www.cipher.org.uk/index.php?p=projects/bugle.project

  3. Web 2.0 Repository & Braindumps, on October 7th, 2006 at 12:32 pm Said:

    Hacken lernen mit Google Code Search…

    In den SecuriTeam Blogs habe ich eine Liste gefunden, wie man mit Google Code Search nach Schwachstellen in Quellentexten suchen kann.

    Ein triviales Beispiel ist die Suche nach Hintertür-Passwörter.

    Weiter lesen:

    Google Releases Code Search

    Code …

  4. Ankit Jain, on October 7th, 2006 at 12:57 pm Said:

    Hey,

    Here are some more hacks for google code search
    http://ankitjain.info/ankit/2006/10/06/code-search-useful-for-hackers

    ~ Ankit

  5. Security Viewpoints, on October 10th, 2006 at 5:51 pm Said:

    Shocker: Internet files are searchable!…

    Last week Google released a code search engine that makes it easier to search through programming code that has been made publicly available on web and FTP sites. It’s nothing new… other code-specific search engines like koders.com have bee…

  6. spor haberleri, on September 10th, 2008 at 2:14 pm Said:

    SUPER SITE

  7. Sohbet, on October 11th, 2008 at 3:50 pm Said:

    thank you

  8. güzel sözler, on October 11th, 2008 at 3:51 pm Said:

    thank you

  9. film izle, on October 16th, 2008 at 8:33 am Said:

    sharing for thanks.

  10. Yaşam & İnsan, on October 20th, 2008 at 9:11 am Said:

    In den SecuriTeam Blogs habe ich eine Liste gefunden, wie man mit Google Code Search nach Schwachstellen in Quellentexten suchen kann.

Security RSS Subscribe


Vulnerability Scanner