Slashdot Mirror


New Web Application Attack - Insecure Indexing

An anonymous reader writes "Take a look at 'The Insecure Indexing Vulnerability - Attacks Against Local Search Engines' by Amit Klein. This is a new article about 'insecure indexing.' It's a good read -- shows you how to find 'invisible files' on a web server and moreover, how to see contents of files you'd usually get a 401/403 response for, using a locally installed search engine that indexes files (not URLs)."

2 of 120 comments (clear)

  1. should have been from.... by Anonymous Coward · · Score: 5, Funny

    the department-of-the-bleedingly-obvious...

  2. New option for robots.txt by michelcultivo · · Score: 5, Funny

    Please put this new undocumented tag on your robots.txt file: "hackthis=false" "xss=false" "scriptkiddies=log,drop" And all you problems will be solved.