Google 302 Exploit Knocks Sites Out

← Back to Stories (view on slashdot.org)

Google 302 Exploit Knocks Sites Out

Posted by CmdrTaco on Tuesday March 15, 2005 @01:16AM from the that-hurts-me dept.

clsc writes "The exploit: Redirect via 302 to another page of your choice, then watch as the URL of your redirect script replaces the URL of that carefully selected page in Google's search results. Once this happens, feel free to redirect any visitor that is not Googlebot to any other page of your choice. Also applies to other search engines as well (not Yahoo! though)."

5 of 410 comments (clear)

Min score:

Reason:

Sort:

Can I use this to knock out a fraudulent site? by Buran · 2005-03-15 01:34 · Score: 4, Interesting

A site registered and hosted using stolen funds from my credit card is still online following phoned and faxed demands for revocation and refund sent to the registrar/host. Can I somehow use this to send an entire domain to a black hole until the hosting/domain are revoked? It wouldn't be hacking, but it would make me feel a lot better to see the scammers knocked offline. If no one can get to them on google, they can't get any scam income. And what are they going to do -- sue me? That just would result in my slapping them with *criminal* charges as well as a motion for dismissal and a countersuit.

--
i am a soviet space shuttle
Re:Fake Banks by SmurfButcher+Bob · 2005-03-15 01:38 · Score: 4, Interesting

You need to OWN the site that was searched. This is no different than keyword bombing tricks of old; it is merely a bait-and-switch.

Not news.

--

help me i've cloned myself and can't remember which one I am
Fun by stang7423 · 2005-03-15 01:39 · Score: 4, Interesting

Wow. That's a fun exploit... I can't wait to go tell my boss why our site links to a pron site on google.

All kidding aside this could be a major problem for some of the more controversial websites. Akin to the Googlebombing that was just mentioned yesterday this could be the next major attack scheme on the net. Imagine a pro-life site subverting a pro-choice site, Neo-nazi's subverting a site intended for Jewish children, the US government subverting Al Jazera...

Not a whole lot of fun IMHO. I trust google to return what I search for, if this changes I and a whole lot of other nerds are going to be left wandering aimlessly around the net.
This really is a big deal. by bigtallmofo · 2005-03-15 01:50 · Score: 4, Interesting

Anyone that wants to steal your traffic can take advantage of this. Nearly all the sites that I have created in the last year have been purposely hijacked by this and don't show up in any Google rankings. I've learned to live with it despite contacting the jerk responsible who pleaded innocent and said he wasn't very technical and didn't know what was going on.

Historically, good content meant good search engine placement. Now that this little trick is being more publicized, it just decreases the amount of time required for someone to hijack your entire site and remove it completely from the search engine results.

--
I'm a big tall mofo.
Google Search Results Redirected to Ebay by Junior+Samples · 2005-03-15 02:06 · Score: 4, Interesting

I've noticed that a lot of my google searches get redirected to an Ebay search page even though the displayed url in the search results is a non-ebay url. I checked the Google cached result and it was not the same as the re-directed page.

It's very annoying as I haven't been able to figure out what is going on. The same Ebay search results show up under dozens of urls in the Google search results