I tried this and got the message on admin.php initially. Subsequent attempts return search results normally so it looks like Google will let it through after you try it enough times. It's likely they implemented this because of the press surrounding the most recent phpBB exploit. Several of the news items covering the worm mentioned its use of google to find more vulnerable sites. While this isn't a new concept (using a search engine to find vulnerable sites) it's likely Google wanted to avoid being perceived as an attack vector. Scott -----Original Message----- From: John Madden [mailto:chiwawa999@xxxxxxxxx] Sent: Wednesday, February 02, 2005 10:54 AM To: bugtraq@xxxxxxxxxxxxxxxxx Subject: Google getting smarter ?!?! Hi, I noticed today that a simple search in Google using inurl causes Google to display this message when you try to access the second page: =================================================== We're sorry... ... but we can't process your request right now. A computer virus or spyware application is sending us automated requests, and it appears that your computer or network has been infected. We'll restore your access as quickly as possible, so try again soon. In the meantime, you might want to run a virus checker or spyware remover to make sure that your computer is free of viruses and other spurious software. We apologize for the inconvenience, and hope we'll see you again on Google. ================================================== No, i do not have a virus or spyware, tested that already ;) This as been attempted from multiple Internet connections. Basicly, any name that as an entry in Google and ends with "php" will cause this. Ex: inurl:admin.php inurl:test.php inurl:whatever.php I've tried it with cgi, html, asp, sh, pl and this does not happen. What will it be next ??? John __________________________________ Do you Yahoo!? Yahoo! Mail - 250MB free storage. Do more. Manage less. http://info.mail.yahoo.com/mail_250
