The Nexus of 2024

Cult of the Dead Cow releases ‘Goolag’ beta

by

jon
in

Hactivists Cult of the Dead Cow (cDc) have released a Windows-only beta of Goolag, a rich client for the Google Hacking techniques pioneered by hacker J0hnny I Hack Stuff.

Basically, Goolag makes it easy to use Google to search out security vulnerabilities related to your web site — or, presumably, others.  From cDc’s blog:

SECURITY ADVISORY: The following program may screw a large Internet search engine and make the Web a safer place.

LUBBOCK, TX, February 20th — Today CULT OF THE DEAD COW (cDc), the world’s most attractive hacker group, announced the release of Goolag Scanner, a web auditing tool…

“It’s no big secret that the Web is the platform,” said cDc spokesmodel Oxblood Ruffin. “And this platform pretty much sucks from a security perspective…. If I were a government, a large corporation, or anyone with a large web site, I’d be downloading this beast and aiming it at my site yesterday. The vulnerabilities are that serious.”

Google Hacking’s a great example of leveraging the wisdom of the crowds: Google essentially gives you access to everything, useful or otherwise, that people have posted about vulnerabilities of particular sites and versions of software. Of course as with so much crowdly wisdom, there’s a lot of chaff in with the wheat, so good user interaction can help make it easier for people who aren’t security experts to deploy the technique.

Matthew Broerma’s Infoworld article has more:

The tool is a stand-alone Windows .Net application, licensed under the open source GNU General Public License, that provides about 1,500 customized searches under categories such as “vulnerable servers,” “sensitive online shopping information,” and “files containing juicy information.”

The results are displayed as a list of links that can be opened directly in a browser. Example results include tell-tale error messages and Java applets for the remote control of surveillance cameras, according to CDC.

Cool!

Of course, as well as being a valuable tool for those who want to secure their web sites, it’s also something that can be used by criminals or other malicious hackers to find vulnerabilities to exploit. Information is power …

Comments

5 responses to “Cult of the Dead Cow releases ‘Goolag’ beta”

  1. lamr Avatar
    lamr

    I dont get why this is being “released” now – it’s like 2 years behind the curve and there’s plenty of other tools out there (which a quick google search will find – whodathunk).

    Burried as “lame”

    Reply
  2. jon Avatar
    jon

    I hear what you’re saying — Johnny’s book came out in, what, 2005? And I think Foundstone’s “SiteDigger” has been out for a while … still, cDC’s success with Back Orifice makes them a force to be reckoned with and …

    Well, to be honest, I just like it whenever I can mention Cult of the Dead Cow. Brandon Baker and I once cited them in IEEE Security and Privacy, and I was psyched about it for weeks.

    Plus it’s a cool logo, a definite plus.

    Reply
  3. jon Avatar
    jon

    Mike Andrews made some similar points to lamr, describing this post as a “fan comment” (oooh!) and questioning whether the tool would be up to cDc’s usual high standards. br0d replies with some observations having tested it. Here was my response:

    Mike, I haven’t run it, so have no idea whether it comes up to their usual standards (bear in mind that it’s a beta) — or how it compares with Site Digger. That’s not the point I was trying to make.

    br0d’scomment captures the important aspect: there’s plenty of room for improvement. It sounds like Site Digger and others haven’t moved forward to include the kinds of things br0d’s talking about, just as commercial Black Orifice equivalents were languishing before cDc’s release. Even if Goolag winds up just as one of many, it may well similarly catalyze this market niche.

    Reply
  4. MikeA Avatar
    MikeA

    Sorry Jon, please don’t take the “fan” label as something bad – I just didn’t know what else to put 🙂

    In any case, I also havent “run” the tool yet, but will be when I get some more time next week. Looking at the features though, my initial reaction was “why” and “why now”.

    I’ll post some more in the comments on my blog later, but sure, it perhaps has “potential” to turn into something more, but as it is at the moment, I don’t think it’s as news-worthy as it’s generating.

    PS: and as I said on my blog, I like CdD as well, but I just dont think this one measures up (yet)

    Reply
  5. Notes from RSA2008 | Mike Andrews

    […] a big fan of, even though I linked to one of his posts and [mis]abeled him as a "fan" – once again, apologies if that was taken the wrong way) was there and has two fantastic posts with some great […]

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *