Hacker group releases automated 'Google hacking' tool

The Cult of the Dead Cow hacker group has released an open-source tool designed to enable IT workers to quickly scan their Web sites for security vulnerabilities and at-risk sensitive data, using a collection of specially crafted Google search terms.

The group, which refers to itself as the cDc, acknowledged that the Goolag Scanner tool could also be used by malicious attackers to look for vulnerable Web sites. "We're not stupid," a cDc member who goes by the name Oxblood Ruffin said. "We know some bored teenagers and criminals will try to exploit vulnerabilities [using the new tool]."

But such uses are "not something that we or anyone can control," Ruffin added. "What we're trying to do is two things: One, to provide a very easy and legitimate tool for security professionals to test their own Web sites for vulnerabilities, and two, to raise awareness about Web security in and of itself."

Goolag Scanner is a Windows-based auditing tool built around the concept of "Google hacking," a form of vulnerability research created by a hacker who uses the name Johnny I Hack Stuff. Google hacking involves the use of certain types of search queries to look for Web site vulnerabilities. More than 1,500 such queries -- known as Googledorks, a label that is sometimes applied both to the queries and to the people who leave their Web sites exposed to them -- have been compiled into a database by Johnny I Hack Stuff over the past few years.

Although the queries ostensibly are supposed to be used by Web administrators to test their sites for data leaks and vulnerabilities, they also are widely used by hackers with malicious intent who are looking for ways to break into sites.

With Goolag Scanner, users can run Googledork queries as automated vulnerability scans against Web sites, instead of having to copy and paste each search term into a Google search field. According to Ruffin, the tool stores all of the known Googledorks in one file and enables users to add new search terms as they find them.

"Essentially, what we have done with the scanner is created an automated form of Google hacking," he said. "It's like Google hacking on steroids. It operates in a very quick manner."

The new tool also is "very easy to use for everybody, not just security professionals," Ruffin said. "It's probably something that your mother could use without a whole lot of instructions."

Johnny I Hack Stuff previously released a similar tool called Gooscan that also automates the query process, but it runs only on Linux.

Ruffin said that as part of its testing of Goolag Scanner, the cDc ran the tool against commercial, government and military Web sites in North America, Europe and the Middle East, discovering significant security holes in many of them. Most of the scans done in North America were run against government sites "because they are really starting to migrate to the Web," he said.

Information about roughly a dozen "pretty scary holes" that were discovered as part of those scans has been turned over to the proper authorities, Ruffin added.

Goolag Scanner won't find any new kinds of security threats on Web sites, but it does give IT administrators a handier way to look for flaws and leaks that could be exposed via Google searches, said Amichai Shulman, chief technology officer at Imperva Inc., a vendor of firewall and database security software in Foster City, Calif.

The tool's user interface is easy to use, Shulman said, adding that Goolag Scanner could be an eye-opener for company officials and other Web site owners who still need to be convinced about the extent of their exposure to security risks.

And despite the concerns about malicious uses of the tool, Shulman said that he thinks the automated querying offered by Goolag Scanner is unlikely to be of much help to would-be attackers. Over the past few years, Google Inc. has increasingly improved the ability of its software to detect and stop large-scale automated searches, according to Shulman. People who frequently try to run such searches via Goolag Scanner could find their IP addresses being blocked by Google, he said.

Even companies that want to use the tool might need Google's enterprise search software in order to successfully run the scanner against their Web sites without problems, Shulman said.


Jaikumar Vijayan

Computerworld