Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Google API "Google Hacking" Detection

Low

Synopsis

The remote host is running software that should be authorized with respect to corporate policy.

Description

The remote host appears to be using the Google API to execute 'Google hacking' queries. Many vulnerabilities can be found by querying for the error string (or similar) coming from an incorrectly configured or broken web application. An attacker queries the Google cache for these error strings which then gives them a list of potential targets.

Solution

Ensure that this behavior is in accordance with corporate standards and policies.