Technology News: Security: Dead Cow Cult Releases Google Hacking Kit to the Wild

Dead Cow Cult Releases Google Hacking Kit to the Wild

By Chris Maxcer
LinuxInsider
Part of the ECT News Network
02/25/08 2:26 PM PT

Google hacking -- attempting to find vulnerabilities in Web sites using specially crafted and complex Google searches -- was once the sport of advanced hackers. With Goolag Scanner, a group of hackers known as "The Cult of the Dead Cow" have made the technique more accessible to the masses, for better or for worse.

Listen to Your Customers, Grow Your Bottom Line.
Learn how loyal customers can be your best advocates for evangelizing your products and brand, while helping you to dramatically gain new business. Download "Customer Experience Management: Engaging Loyal Customers to Evangelize Your Brand."

The Cult of the Dead Cow (cDc) hacker group -- which claims to be the world's most attractive hacker group -- has released Goolag Scanner, an open source tool that uses Google's (Nasdaq: GOOG) search engines to look for vulnerabilities in Web sites.

Goolag Scanner is either a Web auditing tool that can be used by security professionals to help make their Web sites stronger -- or a hacking tool that provides wicked-easy access to a wealth of information "keys" unwittingly left lying around on Web site servers.

Hacks Galore

Goolag Scanner is based on a technique known as "Google hacking." It's a form of vulnerability research developed by a hacker who goes by the name "Johnny I Hack Stuff" and who's published a database of vulnerabilities and how to scan for them using specially crafted advanced Google searches.

Using individual searches to find flaws works -- it just takes a lot of time. Goolag Scanner is basically an application that rapidly runs lots of flaw-finding searches and quickly returns results more friendly to novices, friend or foe.

"It's no big secret that the Web is the platform, and this platform pretty much sucks from a security perspective," noted Oxblood Ruffin, who described himself as a cDc "spokesmodel."

"Goolag Scanner provides one more tool for Web site owners to patch up their online properties. We've seen some pretty scary holes through random tests with the scanner in North America, Europe and the Middle East. If I were a government, a large corporation, or anyone with a large Web site, I'd be downloading this beast and aiming it at my site yesterday. The vulnerabilities are that serious," he added.

Common Vulnerabilities

"It's difficult to refer to vulnerabilities as common other than from a structural perspective," Ruffin told LinuxInsider. "But having said that, most vulnerabilities that we've seen on the .gov/mil side have involved programming sloppiness. If you're asking how could a black hat exploit a Web site using Goolag Scanner, then I'd say that it would be on the 'point of entry' vector. You find a scab, you pick at it, and sooner or later you'll get blood," Ruffin explained.

Google hacking techniques aren't particularly new, and as cDc's online fact sheet notes, Goolag Scanner has been "bouncing around cDc internally for the past three years." It raises the question: Why release it to the public now?

"In our view, the public is ready to start thinking about Web security now. All kinds of services and conveniences are dragging people out of their homes/offices and onto the Web," Ruffin said.

"Who needs a hard drive when you can store data for free 'out there'? That's how people are beginning to think," Ruffin explained. "So we're just trying to create a moment of pause. Is it really such a good idea?"

Goolag Scanner will be released open source under the GNU Affero General Public license. It is a standalone windows GUI-based (graphical user interface) application that uses one XML-based (extensible markup language) configuration file for its settings.

Next Article in Security

Mozilla Dispatches Firefox Bug Zapper
February 08, 2008

Mozilla rolled out a series of patches for the Firefox browser. "[Vulnerability MFSA 2008-08] is an interesting one," said analyst Chris Rodriguez. "It's rated moderate, and you might think of it by itself as just an annoyance. But it would allow a hacker to pop up something right before you click. Imagine you want to click 'no,' but it pops up right before you click and it says 'yes I want to download this executable.'"

More by Chris Maxcer

The iPad's Cruel Teaser
March 09, 2010

The iPad ad that debuted on Sunday was remarkable in how many functions it managed to cram into just 30 seconds. Document creation, email, e-books, media viewing -- all that and more was demoed using just two hands and a hip soundtrack. However, the ad left quite a few important questions about the iPad unanswered.

The iPad Catalyst Will Light a Lot of Fires
March 02, 2010

I think we're going to get a lot of fantastic content options for mobile devices in 2010, even if you don't pony up for an iPad. While the iPad will likely be a raging success, it'll also help generate a market for alternatives. The question is, can we credit -- or blame -- the iPad for generating all this mobile action? Maybe not the iPad alone, but it's certainly the latest catalyst.

With Smut Ban, App Store Exposes a Jiggly Set of Rules
February 23, 2010

Apple's stance on risque iPhone and iPod touch apps is understandable, but the whole incident does underscore the App Store's frustratingly fickle nature. Apple should either draw up a precise, crystal-clear set of guidelines for app developers or just admit it's completely subjective -- "If we like it, it's in; if we don't, it's rejected." Right now, its policy seems to be somewhere in between.

[Search More...]

Hacker	Activate Alert \| Search Archives

Google	Activate Alert \| Search Archives