Oh dear

Google Code Search for Security Vulnerabilities

Here’s my attempt – hunting for $_GET / $_POST / $_COOKIE placed at the start of an include / require / include_once / require_once – potentially a path to include remote files. (Un)?fortunately seems to break the search interface right now – although more results are reported, you can’t seem to get beyond page 2 right now.

lang:php (include|require)(_once)?\s*['"(]?\s*\$_(GET|POST|COOKIE)

So what’s the opposite of “security by obscurity” – because this seems to be it – Koders at least kept their search syntax weak.
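
The same pattern can be pointed at your own PHP tree as a first-pass audit. The sketch below is an added example, not code from the original post: the PHP snippets are constructed samples and `audit` is a hypothetical helper name. It also shows what a purely lexical match misses and what it flags by mistake.

```python
import re

# The post's pattern, with the \s and \$ escapes written out.
PAGE_PATTERN = re.compile(
    r"""(include|require)(_once)?\s*['"(]?\s*\$_(GET|POST|COOKIE)"""
)

# Constructed PHP samples (not taken from any real project).
SAMPLES = {
    # Request data used directly as the include path: flagged.
    "direct.php": "<?php include($_GET['page']); ?>",
    "once.php": "<?php require_once $_POST['mod'] . '.php'; ?>",
    # Same flaw, but the value passes through a variable first: missed.
    "indirect.php": "<?php $p = $_GET['page'];\ninclude($p); ?>",
    # Only a comment, yet the text matches: false positive.
    "comment.php": "<?php // never write include($_GET['page']) ?>",
    # Hardened form: the request value only selects a key from a fixed map.
    "allowlist.php": (
        "<?php $pages = array('home' => 'home.php', 'faq' => 'faq.php');\n"
        "$key = isset($_GET['page']) ? $_GET['page'] : 'home';\n"
        "include isset($pages[$key]) ? $pages[$key] : 'home.php'; ?>"
    ),
}


def audit(sources):
    """Return {filename: [(line_no, line), ...]} for lines matching the pattern."""
    findings = {}
    for name, text in sources.items():
        hits = [
            (number, line.strip())
            for number, line in enumerate(text.splitlines(), 1)
            if PAGE_PATTERN.search(line)
        ]
        if hits:
            findings[name] = hits
    return findings


if __name__ == "__main__":
    for name, hits in sorted(audit(SAMPLES).items()):
        for number, line in hits:
            print(f"{name}:{number}: {line}")
```

A clean result from a match like this is not evidence of safety: `indirect.php` has the same flaw as `direct.php` and is not reported, so treat the hits as a triage list and review every include whose path is built at runtime.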


  • CAGRET

    Seems something is broken in their code search right now, your example doesn’t return any results. Another test: lang:php include is OK. But trying lang:php include\s* again no results..

  • Lionheart008

    VBulletin Licence Number lang:php

    Plug that into google code search, you can actually search for VB licence numbers, google better fix this quick.

  • Etnu

    “Fix”? Why? Because stupid people expose code on the Internet?

    Google is doing software engineering a great service, not just through search, but by exposing these glaring security holes. If google’s spider can find it, SO CAN SOMEBODY TRYING TO DO SOMETHING MALICIOUS!

    Here are some tips:

    1. Don’t leave sensitive information in publicly accessible directories. If you don’t understand why this is important, you deserve to get hacked.

    2. Spend a few hours actually learning about security best-practices.

    3. Quit relying on security by obscurity. It’s worthless. Use real security measures and you won’t have these kinds of problems.

    People need to stop writing horrible code. If it takes google making it easy to expose these flaws, then, well, so be it. More work for developers who actually know what they’re doing.

  • http://www.web-development-blog.com olaf2

    I don’t think that this code search is very useful, not for the user and not for the owner. I don’t wanna think about how many people will hijack this data and place the code without permissions in some kind of code directory.

    I’m wondering why someone should use this search…

    At last google is indexing the files inside zip files, read some days ago about searches for WP config files ripped from .zip backup archives…