Hackers develop Google-based scanning tool

Posted on February 27, 2008
Filed Under Vnunet |

align="right"
src="http://ivory.vnunet.com/images/google/google-logo/medium.gif" />

Clement James, vnunet.com,
Wednesday 27 February 2008 at 00:00:00

Cult of the Dead Cow strikes again

Notorious hacker group Cult of the Dead Cow (cDc) has released a web
auditing tool which uses Google to find vulnerabilities on sites. The group
claims that the Goolag Scanner enables anyone to audit their own website via
Google. The scanner technology is based on ‘Google hacking’, a form of
vulnerability research developed by a cDc member known as ‘Johnny I Hack
Stuff’. Available as a downloadable application, Goolag makes use of ‘dorks’,
or detailed search patterns that show untapped results for sites previously
indexed by Google. Dorks find results that might show information relevant to
security issues and/or confidential data, and are not limited to Google’s
search engine, according to cDc. However, the Goolag Scanner is focused on
usability. It simplifies the use of myriad numbers of dorks to a few mouse
clicks, and does not require cryptic command line options or knowledge of
‘Google hacking’. Goolag Scanner comes with its own dorks database, but it is
not limited to this, essentially lowering the bar for would be hackers using
dorks to scan sites for vulnerabilities. “It is no big secret that the web is
the platform, and this platform pretty much sucks from a security perspective,”
said cDc spokesman ‘Oxblood Ruffin’. “Goolag Scanner provides one more tool for
site owners to patch their online properties. We’ve seen some pretty scary
holes through random tests with the scanner in North America, Europe, and the
Middle East. “If I were a government, a large corporation, or anyone with a
large website, I’d be downloading this beast and aiming it at my site
yesterday. The vulnerabilities are that serious.” With Goolag, cDc appears to
be repeating history by putting easy-to-use hacking tools into the hands of
novices. The group shot to notoriety during the 1990s with the release of the
BackOrifice tools which allowed low-level users to hijack and take control of
Windows PCs.

> Read
the full article

src="http://adserver.adtech.de/adserv/3.0/618/1278968/0/0/ADTECH;cookie=no;uid=no;misc=1460866971" border="0" alt="Image">

Comments

• Recently Written

  • Scantily Clad: Aimer S/S 2009
  • First Look: Louis Vuitton SS09 Shoes Preview
  • Scantily Clad: Aimer S/S 2009
  • First Look: Louis Vuitton SS09 Shoes Preview
  • Scantily Clad: Aimer S/S 2009
  • First Look: Louis Vuitton SS09 Shoes Preview
  • Scantily Clad: Aimer S/S 2009
  • First Look: Louis Vuitton SS09 Shoes Preview
  • Random Cool Shit: LEGO SM
  • Ad-dict: Toshiba
  • Camper Together: More Than Smores, Tents and Hiking Boots.
  • Random Cool Shit: LEGO SM
  • Jessica Biel to Design Handbags
  • Ad-dict: Toshiba
  • Camper Together: More Than Smores, Tents and Hiking Boots.
  • Jessica Biel to Design Handbags
  • Scantily Clad: Aimer S/S 2009
  • Scantily Clad: Aimer S/S 2009
  • First Look: Louis Vuitton SS09 Shoes Preview
  • First Look: Louis Vuitton SS09 Shoes Preview
  • Random Cool Shit: LEGO SM
  • Ad-dict: Toshiba
  • Camper Together: More Than Smores, Tents and Hiking Boots.
  • Random Cool Shit: LEGO SM
  • Jessica Biel to Design Handbags
  • Ad-dict: Toshiba
  • Camper Together: More Than Smores, Tents and Hiking Boots.
  • Jessica Biel to Design Handbags
  • Privacy groups target Google Flu Trends
  • Inside the SF Green Festival

• Archives

  • November 2008
  • October 2008
  • September 2008
  • July 2008
  • June 2008
  • May 2008
  • April 2008
  • March 2008
  • February 2008
  • January 2008
  • December 2007
  • November 2007
  • October 2007

• Blogroll

  • Prada Sneakers - Shoes
  • Prada Sneakers - Shoes
  • sneakers - Sneakers

• About

  This is an area on your website where you can add text. This will serve as an informative location on your website, where you can talk about your site.

• Search

• Admin

  • Login
  • Wordpress
  • XHTML