Google Code Search makes hacking a piece of cake for stupid people too

Filed as News on October 5, 2006 2:28 pm

OK, I’€™m kind of torn for posting this, but I guess it’€™s better to point to a problem so that it stands a chance to get fixed, rather than just pretend it isn’€™t there, right?

Jason Kottke writes about the launch of Google Code Search, still in the Labs category at Google, which is meant to search in open source code. Clearly a tool that could be interesting for developers I’€™d reckon, although I can’€™t think of anytime it would have suited my needs in the past. Then again, maybe I would if it existed… Ah, nevermind.

Kottke points to some of the riskier parts of this nifty little search engine. Such as people putting their WordPress files in a ZIP or TAR file, including the wp-config.php file containing MySQL passwords for the site for instance. That’€™s probably not so good, right? Well, there are other examples as well and Kottke seems to collect them. Hopefully these people will get notified of any serious stuff they unknowingly might have put online and public in this manner.

Well, it could be worse. The admin users for your blog is located in the database and you won’€™t find the administrator username and password in wp-config.php for instance. Then again, if you got the passwords you need to access the database it doesn’€™t take a hacker wizkid to get in there and do some damage.

Have a look at Kottke’€™s post, and make sure you haven’€™t put anything stupid in a compressed file. If not, don’€™t fret ‘€“ Google Code Search won’€™t mess with your regular PHP files or anything like that.

Ah Google, the things you put us through.

Tags:

This post was written by

You can visit the for a short bio, more posts, and other information about the author.

Submissions & Subscriptions

Submit the post to Reddit, StumbleUpon, Digg or Del.icio.us.

Did you like it? Then subscribe to our RSS feed!



  1. Google Code Search: Hacking For DummiesOctober 5, 2006 at 7:08 pm
  2. Entropy by fx » Code Search is the Devil?October 18, 2006 at 4:06 am
  3. Google Code Search Faces Criticism from the Start | Blog PostsFebruary 12, 2007 at 3:37 pm