Monday, 25. February 2008
Google Transformed As Vulnerability Scanner by Hackers
The hacking group Cult of the Dead Cow (CDC) has recently released a tool that turns Google into an automated vulnerability scanner, scouring websites for sensitive information such as passwords or server vulnerabilities.
The new tool, called Goolag Scan, lets people with basic programming skills check websites or Internet domains for weaknesses that could be exploited by hackers, according to CDC.
CDC spokesperson Oxblood Ruffin spoke about this product launch: “It’s no big secret that the Web is the platform, and this platform pretty much sucks from a security perspective. We’ve seen some pretty scary holes through random tests with the scanner in North America, Europe, and the Middle East. If I were a government, a large corporation, or anyone with a large website, I’d be downloading this beast and aiming it at my site yesterday.”
The group tested the Goolag Scanner on random targets, and the tests revealed worrying results. The Goolag Scanner was coded by a hacker whose alias is Johnny I Hack Stuff. The tool is a stand-alone Windows .NET application, licensed under the open source GNU General Public License, that provides about 1,500 customized searches under categories such as "vulnerable servers," "sensitive online shopping information," and "files containing juicy information."