By Matthew Broersma
22 February 2008
The hacking group Cult of the Dead Cow (CDC) this week released a tool
that turns Google into an automated vulnerability scanner, scouring
websites for sensitive information such as passwords or server
CDC first achieved notoriety ten years ago with its backdoor Back
Orifice, which demonstrated in a highly public way just how easy it was
to take unauthorised control of a Windows PC.
The new tool, called Goolag Scan , is equally provocative, making it
easy for unskilled users to track down vulnerabilities and sensitive
information on specific websites or broad web domains.
This capability should serve as a wake-up call for system administrators
to run the tool on their own sites before attackers get around to it,
according to CDC.
"It's no big secret that the Web is the platform, and this platform
pretty much sucks from a security perspective," said CDC spokesperson
Oxblood Ruffin, in a statement. "We've seen some pretty scary holes
through random tests with the scanner in North America, Europe, and the
Middle East. If I were a government, a large corporation, or anyone with
a large website, I'd be downloading this beast and aiming it at my site
The tool is a stand-alone Windows .Net application, licensed under the
open source GNU General Public License, that provides about 1,500
customised searches under categories such as "vulnerable servers,"
"sensitive online shopping information" and "files containing juicy
The results are displayed as a list of links that can be opened directly
in a browser. Example results include tell-tale error messages and Java
applets for the remote control of surveillance cameras, according to
Goolag Scan is based on "Google hacking," the practice of exposing
vulnerabilities via Google, which CDC says has been pioneered by a
hacker going by the handle "Johnny I Hack Stuff. "
Goolag Scan is, however, the first time such vulnerability searches have
been built into a simple tool, according to CDC.
Subscribe to InfoSec News