Google API "Google Hacking" Detection

Low Nessus Network Monitor Plugin ID 2488

Synopsis

The remote host is running software that should be authorized with respect to corporate policy.

Description

The remote host appears to be using the Google API to execute 'Google hacking' queries. Many vulnerabilities can be found by querying for the error string (or similar) coming from an incorrectly configured or broken web application. An attacker queries the Google cache for these error strings which then gives them a list of potential targets.

Solution

Ensure that this behavior is in accordance with corporate standards and policies.

Plugin Details

Severity: Low

ID: 2488

Published: 2005/01/06

Modified: 2016/01/15

Risk Information

Risk Factor: Low