Security:
News ToolsReg Shops |
The Register » Security » cDc automates Google HackingKewl for catsPublished Friday 22nd February 2008 17:14 GMT Infamous hacking group the Cult of the Dead Cow (cDc) has published a tool that searches for vulnerabilities and private data using carefully-selected Google search queries. The process of so-called Google hacking is already well known, largely due to the efforts of Johnny "I Hack Stuff" Long, whose presentation on the subject have become a fixture of conferences such as Black Hat. cDc's Goolag Scan allows unskilled hackers or the simply curious to use the same techniques. cDc is most famous for creating Back Orifice remote administration/back door package for Windows ten years ago. It describes Goolag Scanner as a web auditing tool, allowing users to check their own website for vulnerabilities. Searches can be restricted to an individual domain or extended to an entire top-level domain as desired. There's nothing in the Windows-based application to stop hackers using the tool, a feature it shares with other utilities and one which makes making value judgements of dual use hacking/auditing tools a tricky business. Goolag Scan provides 1,500 pre-configured Google search queries in categories such as "vulnerable servers", "sensitive online shopping information" and "files containing juicy information", Heise Security reports. The tool presents its findings in the form of of list of URLs that can be opened directly in a browser. Links to downloads and the cDc's description of the utility can be found here. ® 34 comments posted — Comment period finished l33t d00dzPosted: 17:22 22nd February 2008 Official sitePosted: 17:56 22nd February 2008 WowiePosted: 18:01 22nd February 2008 Title.Posted: 20:11 22nd February 2008 ResultsPosted: 20:12 22nd February 2008
Track this type of story as a custom Atom/RSS feed or by email.
|
|
Top 20 stories • All The Week’s Headlines • Archive • Search