Cult of the Dead Cow turns Google into a vulnerability scanner
‘The “Cult of the Dead Cow” hacker group – cDc for short – has published a tool that searches for vulnerabilities and private information across the web. Using well-chosen Google search queries, Goolag Scan discovers links to vulnerable web applications, back doors, or documents inadvertently put on the internet that contain sensitive information.
This kind of “Google hacking” is already well known: a hacker using the pseudonym Johnny has already published quite a collection of these “Google Hacks” or “Google Dorks” on his web site ihackstuff. What cDc has done is create an automated tool that allows an unskilled hacker to use these same techniques. [..]
Goolag Scan is cDc’s latest attempt to rub salt into the wound. “Private individuals, firms, and even governments are putting more and more stuff on the web, and nobody cares what it means for security”, explained cDc member Oxblood Ruffin to heise Security. cDc says it is publishing this tool now to let everyone check their own web site for vulnerabilities, and do something about them.’