Vanilla 1 is no longer supported or maintained. If you need a copy, you can get it here.
HackerOne users: Testing against this community violates our program's Terms of Service and will result in your bounty being denied.
How hackers are using Google to pwn our sites
dan39
New
Anyone who keeps copies of their source files (SVNs, or compressed archives) should read this article. Google code has become a go-to place for hackers looking to search for exploits:
http://www.shoemoney.com/2006/12/26/how-hackers-are-using-google-to-pwn-your-site/
There is a very easy way to prevent Google Code search from finding your source code using robots.txt:
Also, it seems that the Vanilla SVN and the Vanilla releases are being indexed by Google Code. I can see this being a good thing for developers, but I suppose it could be abused as well.
http://www.shoemoney.com/2006/12/26/how-hackers-are-using-google-to-pwn-your-site/
There is a very easy way to prevent Google Code search from finding your source code using robots.txt:
Also, it seems that the Vanilla SVN and the Vanilla releases are being indexed by Google Code. I can see this being a good thing for developers, but I suppose it could be abused as well.
0
This discussion has been closed.
Comments