[img]http://www.betaone.net/news/topics/tech.gif' border='0' alt='News Logo' style='float: right' />The world's most popular search engine is one of the handiest tools for hackers, said a security expert on Thursday.

Google's ability to record Internet sites' content can be used to pinpoint those with weak security, Johnny Long, a security researcher and computer scientist for Computer Security Corp. told attendees at the Black Hat Security Briefings here. Though the technique is not new, well-crafted searches turned up so many sites with vulnerabilities that even jaded researchers laughed during the session.

"It is an old dog with new tricks," Long said. "It never ceases to amaze people, all the vulnerabilities out there."

By searching for default server page titles, for example, an attacker can find easily exploitable servers. Applications left in default modes can also be found by searching for error pages generated by the software. And searching for specific file names can pinpoint vulnerable servers connected to the Internet.

"It is the first step to finding vulnerable targets," Long said.

News source: Winbeta
Full story: View Here