ShoeMoney has proved how hackers can determine vulnerable sites by using Google's latest Code Search service that was released in the month of October this year. he Code Search service enables Internet users to search for open-source code on the Internet. The code can be found in various formates such as .tar.gz, .tar.bz2 and .zip etc.
ShoeMoney says, Well after going through the logs greping for the ip range that hacked my box I found that the person found my site from Google! Specifically using Google code search. Now while this was interesting it still did not explain how the page was even indexed…. ohh wait I use Google Sitemaps and I had it on to index everything (the default setting) OUPS.