Google Code Search Creating New Expliots
October 6th, 2006
So I had a hidden backup file in a web accessiable directory, containing an old version of my blog. Now that backup file got expanded by google and included in code search(which was released this week), where my DB password was there for anyone to see. I don’t think that it was a particularly risky to have a known password but just in case I have changed it.
I found out about it due to some kind geeks leaving comments on my blog. Thanks people.
Funny, I was about to drop a line here. Figured a quick email to those already posted couldn’t hurt.
I reckon a whole lot of coders will start searching for common test passwords they use in Google to make sure they haven’t got any code exposed. Then Google will have lists of Google search terms that they sometimes show. And then hackers will have a much more useful dictionary for dictionary attacks.