The CDC, Cult of the Dead Cow, one of the most celebrated hacker groups in the world, released a new tool over the weekend that allows you to use Google to search your site for possible security risks.
The first question that might come to mind is how exactly a program will allow Google to search your site for risks. To use the tool, you enter your web URL and select the search you want to perform. From there the tool uses Google to check your site. “If I were a government, a large corporation, or anyone with a large web site, I'd be downloading this beast and aiming it at my site yesterday,” said CDC representative Oxblood Ruffin.
The method to the madness, and the object of the tool's usage, is a collection of searches often referred to as Google Dorking, or Google Hacking. That is, searching for data, scripts, and information that Google has indexed and made available online. Early on, it was common to see things like credit card numbers, social security numbers, passwords, internal business documents and even live cameras that no one thought people could see.
Google has cleaned up the rabid collection of data, somewhat. There are still lots of sites with entirely too many potential risks. There is a collection of “Google Dorks” posted online. (Search Google for “Johnny I Hack Stuff”.) An archive called the GHDB (Google Hacking Database) houses plenty of examples of how to get Google to return somewhat sensitive information.
Goolag, from CDC, expands on the work by GHDB owner Johnny Long, and allows you to search for common risks exposed by Google indexing. Some basic examples would be searching for signs of known vulnerable scripts, searching for public PHP Info files, Apache information, etc.
There are some warnings for usage, including one during install that you simply have to hear to believe. The FUD on this story actually comes from the AFP, “Hackers routinely try to trick people into installing programs that then take over machines or mine them for passwords, financial accounts, or other valuable information.”
Is the AFP attempting to say that the CDC wants to infect users with Goolag? This type of panic-laced comment from a news agency is exactly what spreads the paranoia and panic over legit security tools. Goolag searches Google. The search is something as simple as hunting for a known vulnerable bulletin board install. It will not eat your cat, or attempt to sell your house if you use it.
The one warning, which even Goolag will give you, is that if you submit too many searches to Google, you risk having your IP address banned. Used with malicious intent, this tool might cause some harm. However, this harm is no different than someone going to Google’s website and performing the same searches. The tool is not evil, the intent is.
Another issue about Goolag that the news fails to mention is what the tool's reporting means. The information you gain from using Goolag will help no one hack a website or commit identity theft. There are more parts to the puzzle, and Goolag is far from a hacker’s dream tool or silver bullet. Locating a public listing, say an open directory listing its contents, is useless if the person who sees it does not have a clue as to its meaning.
Use Goolag, if you want, but do not fall for the fear and doubt that the mass media gave it. It is a tool, nothing more.