Scary! Using Google Code Search to find WordPress database passwords

by interjc on 2006-10-07 03:00:20

The code search tool launched by Google two days ago has received positive reviews from many programmers. Aside from its more "official" uses, on the day the search tool was released, some netizens had already thought about how to use it to search for cracking algorithms of famous software, such as WinZIP. Now, someone on Digg has discovered that Google's code search tool can also be used to search for WordPress database information, including usernames and passwords. Below is an example of a search:

Click here to search directly.

The search above defines the file type as PHP, the filename as wp-config (i.e., the configuration file for WordPress), includes "user," and excludes "sample" (because wp-config-sample.php is the default configuration file sample for WordPress and does not contain user-specific information).

If you're interested, you can also directly use the advanced search feature of Google Code Search to define more precise searches and achieve more "cracking" results.

Use dp.SyntaxHighlighter to implement code highlighting for Blogger.
2006-10-6 21:41
http://labs.qq.com/ is finally made public (with pictures attached)
2006-9-17 9:2
O'Reilly Launches Code Search Service: Code Search - Labs
2006-9-7 22:14
Partial Flash player usage and download
2006-8-23 16:33