Everyone knows that you can use Google for hacking. Now it is been a popular secret. Many search for Google Hacks. You can even find video tutorials how to use Google for hacking web servers, web cam and many more. But this is a funny thing happened to me while trying such a Google hack.
Google Hack I was trying was intitle:"Index of" master.passwd which will lead to master password files created carelessly ( with wrong file permission ) and indexed by Google. Nice got 614 results in 0.32 seconds.
Click the first link Index of /etc/passwd
Wooo hooo I can see the whole files structure including master password files and many more.
Click on the files and took me to a page and it display this message
Apache/1.3.26 Server at gray-world.net Port 80
--------------------------------------------------------------------------------
This is the honey pot ..or honey page.
Thanks to this paper author for the honey page idea.
Thanks to Google developers for the query string into the HTTP Referer field.
Learn more about google hacking at johnny.ihackstuff.com.
Alex / GW team / gray-world.net
Send your suggestions/comments to alex at gray-world.net
Page summary :
Online since : 14/08/2003
Total requests : 1
Google requests : 1 (100%)
Statistic : here
It is pretty Innocent honey pot. Tried the second link as well. It is another honey pot and moved to the third link and wait a minute. I can see Google Ads there as well. They know I am going to visits this page. My Google hacking for intitle:"Index of" master.passwd ends.