Rise of the Robots

Started by iago, March 22, 2006, 08:40:54 PM

iago

I recommend that everybody reads this article (mirror).  It was written by Michal Zalewski, who is an amazing individual. 

The short of it is, search engines can be used to attack sites.  Put a link to a random site and a vulnerability on it (for example, http://www.javaop.com/cgi-bin/vulnerable-script.pl?action=exploit), randomizing the domain name (or choosing from a list).  When a search engine sees the link, it attempts to go to it, attacking whatever site it points to. 

Pretty interesting, definitely worth a read. 

iago

Here's an article that talks about this exact problem:

http://www.thedailywtf.com/forums/65974/ShowPost.aspx
Quote
Things went pretty well for a few days after going live. But, on day
six, things went not-so-well: all of the content on the website had
completely vanished and all pages led to the default "please enter
content" page. Whoops.

Josh was called in to investigate and noticed that one particularly
troublesome external IP had gone in and deleted *all* of the content
on the system. The IP didn't belong to some overseas hacker bent on
destroying helpful government information. It resolved to
googlebot.com, Google's very own web crawling spider. Whoops.

After quite a bit of research (and scrambling around to find a
non-corrupt backup), Josh found the problem. A user copied and pasted
some content from one page to another, including an "edit" hyperlink
to edit the content on the page. Normally, this wouldn't be an issue,
since an outside user would need to enter a name and password. But,
the CMS authentication subsystem didn't take into account the
sophisticated hacking techniques of Google's spider. Whoops.

As it turns out, Google's spider doesn't use cookies, which means that
it can easily bypass a check for the "isLoggedOn" cookie to be
"false". It also doesn't pay attention to Javascript, which would
normally prompt and redirect users who are not logged on. It does,
however, follow every hyperlink on every page it finds, including
those with "Delete Page" in the title. Whoops.
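
Added example (not part of the original thread or the quoted article): a minimal model of the check the quote describes, which fails open when the "isLoggedOn" cookie is simply absent, beside a fail-closed version that refuses destructive actions over GET/HEAD and requires a session the server itself issued. The route names, the `session_id` cookie, the session table and the sample requests are all constructed assumptions.

```python
# Added illustration; handler names, paths and the session store are hypothetical.
SAFE_METHODS = {"GET", "HEAD"}
DESTRUCTIVE_ACTIONS = {"/delete", "/edit"}   # constructed route names

# Constructed server-side session table: opaque id -> user
SESSIONS = {"3f9c1a7e": "editor1"}

def flawed_is_allowed(method, path, cookies):
    """Fail-open check as described in the quote: block only when the
    client itself reports isLoggedOn=false."""
    if cookies.get("isLoggedOn") == "false":
        return False
    return True   # a client that sends no cookie at all falls through to here

def hardened_is_allowed(method, path, cookies, sessions=SESSIONS):
    """Fail-closed check: destructive routes need a non-safe method
    and a session id the server recognises."""
    if path not in DESTRUCTIVE_ACTIONS:
        return True                      # public read-only page
    if method in SAFE_METHODS:
        return False                     # following a hyperlink is always a GET
    return cookies.get("session_id") in sessions

# Constructed requests: (label, method, path, cookies)
REQUESTS = [
    ("crawler follows Delete link", "GET", "/delete", {}),
    ("logged-out browser", "GET", "/delete", {"isLoggedOn": "false"}),
    ("editor submits form", "POST", "/delete", {"session_id": "3f9c1a7e"}),
    ("unknown session", "POST", "/delete", {"session_id": "deadbeef"}),
    ("anyone reads page", "GET", "/view", {}),
]

def compare(requests=REQUESTS):
    """Return (label, flawed_result, hardened_result) for each request."""
    return [(label, flawed_is_allowed(m, p, c), hardened_is_allowed(m, p, c))
            for label, m, p, c in requests]

if __name__ == "__main__":
    for label, flawed, hardened in compare():
        print(f"{label:30} flawed={flawed!s:5} hardened={hardened}")
```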