The Google Hacking Database (GHDB) strikes again – it’s a resource indeed, but you can fall foul of the people that use it. I was learning the advanced search operators about the same time as I found the GHDB – now I’m astounded at how easy ‘this’ is. Click the link below and see what you get.
intitle:"Index of" ".htpasswd" htpasswd.bak (you can always just type the phrase into the Google search box, of course)
Yep – as you can see, there are people out there that leave their htpasswd files in the clear. This is a major concern, don’t you think? Even if they are hashed passwords, almost all of the password crackers freely available out there will crack ‘em rather quickly. So, this begs the question – are your passwords safe? This is just one of the search strings that will get at just one of the many password methodologies out there. It scares the ‘you know what’ outta me!
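To check your own server for the exposure described above, here is an added example (not part of the original post) that walks a document root, lists every htpasswd-like file, and reports which hash schemes in it are fast to crack. It assumes Apache's stock `<Files ".ht*">` deny rule is the only protection in place; the function names and the sample hashes are constructed for illustration.

```python
import re
import tempfile
from fnmatch import fnmatchcase
from pathlib import Path

# Hash prefixes htpasswd can write; bcrypt is the only deliberately slow one.
SCHEMES = [
    (r"^\$2[aby]\$\d\d\$", "bcrypt"),
    (r"^\$apr1\$", "apr1-md5"),
    (r"^\{SHA\}", "sha1-unsalted"),
    (r"^[./0-9A-Za-z]{13}$", "des-crypt"),
]

def classify(hashed):
    """Name the scheme used by the hash field of one user:hash entry."""
    for pattern, name in SCHEMES:
        if re.search(pattern, hashed):
            return name
    return "plaintext-or-unknown"

def audit(docroot):
    """Report every htpasswd-like file under docroot and why it is risky."""
    findings = []
    files = [p for p in sorted(Path(docroot).rglob("*")) if p.is_file()]
    for path in (p for p in files if "htpasswd" in p.name.lower()):
        schemes = set()
        for line in path.read_text(errors="replace").splitlines():
            user, sep, hashed = line.strip().partition(":")
            if sep and user and not user.startswith("#"):
                schemes.add(classify(hashed))
        findings.append({
            "path": path.relative_to(docroot).as_posix(),
            # Assumption: only Apache's stock <Files ".ht*"> deny rule applies.
            "covered_by_ht_rule": fnmatchcase(path.name, ".ht*"),
            "weak_schemes": sorted(schemes - {"bcrypt"}),
        })
    return findings

def demo():
    """Audit a constructed sample docroot (fake hashes, temp directory)."""
    samples = {".htpasswd": "alice:$2y$05$" + "A" * 53 + "\n",
               "htpasswd.bak": "bob:$apr1$CONSTRCT$" + "B" * 22 + "\ncarol:{SHA}" + "C" * 27 + "=\n"}
    with tempfile.TemporaryDirectory() as root:
        for name, body in samples.items():
            Path(root, name).write_text(body)
        return audit(root)

if __name__ == "__main__":
    print(demo())
```

A backup copy named `htpasswd.bak` has no leading dot, so the `.ht*` rule does not cover it; any file reported with `covered_by_ht_rule` false belongs outside the web root.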



