Googlehack Tracking202

If I had an exploitable flaw in Tracking202, like an SQL injection bug, and was a real prick looking for easy targets, I might run the following query on Google:

allinurl:”tracking202/redirect

That happily returns a couple hundred thousand results… All Tracking 202 servers.

Its always a good idea to secure your shit…

A robots.txt won’t stop a hacker of any kind – but ye’olde security through obscurity shouldn’t be underestimated… It will stop all well-behaved search engines if you add the following to a file named robots.txt in the root of your domain.

User-agent: *
Disallow: /

Yup, it’s that easy.