Is this a Google Search Engine Vulnerability? It seems to be the answer!

Further to my previous blog posts on inappropriate results in Google search, some further studies have been made.It appears to be a robots.txt file exploitation! The contents of the robots.txt file on site www.sunnydaysandlovelyways.com has been analyzed, and found to contain the code as shown in the file below (as on 12/15/2017 11.00PM IST):


CCNA 200-125 Practice Exam-no-links


The hyperlinks in the file have been removed for obvious reasons. However, the robots.txt file contains all the links in the format as shown below:

h??p://www.sunnydaysandlovelyways.com/?htm=exam-details/ccna.htm

(replace h??p with http)

Whole of home page code has been copied to the robots.txt file followed by a couple of most visited pages.

The result: The result is there to see. For most keywords the website sunnydaysandlovelyways.com is showing up in the google results. Please see my previous posts referenced below:

Content is the King – But you need a Queen to protect & promote!

Irrelevant Results in Google Search – Contd..

Irrelevant Results in Google Search – A Case Study

 

It was also observed that the hacker cleverly disabled forwarding to topdump . com for known user agents. For example, we could only see the forwarding when using a VPN to hide the actual IP address and the geography. Otherwise, the site is not forwarding to topdump . com

It was probably achieved by using htaccess file or the config file of the web server hosting the domain sunnydaysandlovelyways.

If the argument is true, it appears to be a serious security flaw on part of search engine algo and needs to be fixed.

Disclaimer: This is only in the opinion of the author with the evidences as presented in respective blog articles. anandsoft.com is not responsible for the accuracy or correctness of the authors post.

Post Author: Vijay Anand may be reached on vyadla at anandsoft.com