{"id":195,"date":"2008-03-09T22:51:33","date_gmt":"2008-03-10T06:51:33","guid":{"rendered":"http:\/\/cubist.cs.washington.edu\/Security\/2008\/03\/09\/the-goolag-scanner-and-google-hacking\/"},"modified":"2008-03-09T22:55:09","modified_gmt":"2008-03-10T06:55:09","slug":"the-goolag-scanner-and-google-hacking","status":"publish","type":"post","link":"https:\/\/secblog.cs.washington.edu\/Security\/2008\/03\/09\/the-goolag-scanner-and-google-hacking\/","title":{"rendered":"The Goolag Scanner and Google Hacking"},"content":{"rendered":"<p>Bruce Schneier <a href=\"http:\/\/www.schneier.com\/blog\/archives\/2008\/03\/google_vulnerab.html\">posted<\/a> on his blog earlier in the week about a new, free, open source application by the &#8220;Cult of the Dead Cow&#8221; (cDc) called Goolag Scanner.  It essentially automates a technique called Google Hacking, which was pioneered by a hacker going by the handle &#8220;Johnny I Hack Stuff&#8221;.  Google Hacking entails using the massive Google search engine to discover vulnerabilities on a given server or domain by using targeted searches.  These searches are aimed at finding back doors, sensitive information accidentally made publicly available, vulnerabilities in server software, and more.  The software, along with a friendly voice that guides you through the installation process, comes with 1,500 built-in searches to use out of the box.<\/p>\n<p><!--more--><\/p>\n<p>The legality of such a tool naturally comes to question.  <a href=\"http:\/\/www.heise-online.co.uk\/security\/Google-scanning-is-it-legal--\/features\/110089\">This<\/a> article discusses the topic in the context of the &#8220;Computer Misuse Act 1990&#8221; in the UK.  According to the author, if it can be proven that an individual had the intent to gain unauthorized access to digital material and had knowledge that the material was confidential, the act can be punishable by law.  Though this would not apply to a web surfer who finds confidential material completely by chance, the author claims that vulnerabilities and private information found via the Goolag Scanner would most likely not be considered accidental because the application is intentionally designed to find these things.  Those laws, however, have yet to be tested fully in court.<\/p>\n<p>I would find it very interesting to see how analogous laws here in U.S. draw these lines.<\/p>\n<p>Along with tools like port scanners, the Goolag Scanner falls under the category of &#8220;dual-use&#8221; tools.  These tools are capable of being used for legitimate purposes, such as finding and patching vulnerabilities, but these tools can be just as easily used to exploit those very same vulnerabilities.<\/p>\n<p>Goolag Scanner can be downloaded <a href=\"http:\/\/www.goolag.com\">here<\/a>, but one word of warning if you intend on downloading and installing this software: cDc <a href=\"http:\/\/news.zdnet.com\/2100-9595_22-515160.html\">has been known<\/a> to have malware in its free software, though this particular case was accidental and only affected their official CD-ROMs rather than the downloads from their website.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Bruce Schneier posted on his blog earlier in the week about a new, free, open source application by the &#8220;Cult of the Dead Cow&#8221; (cDc) called Goolag Scanner. It essentially automates a technique called Google Hacking, which was pioneered by &hellip; <a href=\"https:\/\/secblog.cs.washington.edu\/Security\/2008\/03\/09\/the-goolag-scanner-and-google-hacking\/\">Continue reading <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":18,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4,7,8],"tags":[],"class_list":["post-195","post","type-post","status-publish","format-standard","hentry","category-current-events","category-ethics","category-policy"],"_links":{"self":[{"href":"https:\/\/secblog.cs.washington.edu\/Security\/wp-json\/wp\/v2\/posts\/195","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/secblog.cs.washington.edu\/Security\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/secblog.cs.washington.edu\/Security\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/secblog.cs.washington.edu\/Security\/wp-json\/wp\/v2\/users\/18"}],"replies":[{"embeddable":true,"href":"https:\/\/secblog.cs.washington.edu\/Security\/wp-json\/wp\/v2\/comments?post=195"}],"version-history":[{"count":0,"href":"https:\/\/secblog.cs.washington.edu\/Security\/wp-json\/wp\/v2\/posts\/195\/revisions"}],"wp:attachment":[{"href":"https:\/\/secblog.cs.washington.edu\/Security\/wp-json\/wp\/v2\/media?parent=195"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/secblog.cs.washington.edu\/Security\/wp-json\/wp\/v2\/categories?post=195"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/secblog.cs.washington.edu\/Security\/wp-json\/wp\/v2\/tags?post=195"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}