[previous] | [main] | [next]

Goolag Scanner released!

Posted by DSE at 9:09 AM on February 20, 2008 | Comments (20) | digg

Krass Katt sez:
Go grab my app! Choke on it, you silly bitches.


FOR IMMEDIATE RELEASE

SECURITY ADVISORY: The following program may screw a large Internet search engine and make the Web a safer place.

LUBBOCK, TX, February 20th -- Today CULT OF THE DEAD COW (cDc), the world's most attractive hacker group, announced the release of Goolag Scanner, a web auditing tool. Goolag Scanner enables everyone to audit his or her own web site via Google. The scanner technology is based on "Google hacking," a form of vulnerability research developed by Johnny I Hack Stuff. He's a lovely fellow. Go buy him a drink.

"It's no big secret that the Web is the platform," said cDc spokesmodel Oxblood Ruffin. "And this platform pretty much sucks from a security perspective. Goolag Scanner provides one more tool for web site owners to patch up their online properties. We've seen some pretty scary holes through random tests with the scanner in North America, Europe, and the Middle East. If I were a government, a large corporation, or anyone with a large web site, I'd be downloading this beast and aiming it at my site yesterday. The vulnerabilities are that serious."

Goolag Scanner will be released open source under the GNU Affero General Public license. It is dedicated to the memory of Wau Holland, founder of the Chaos Computer Club, and a true champion of privacy rights and social justice.

GOOLAG SCANNER FUNCTIONS AND FEATURES

Goolag Scanner is a standalone windows GUI based application. It uses one xml-based configuration file for its settings. All dorks coming with the distribution of gS are kept inside one file.
--

Press Contact
Oxblood Ruffin
oxblood at hacktivismo.com


Edit: digg this shit.


Comments

Digg does not like me.

Posted by BlindAssassin at 7:06 PM on February 20, 2008

Goolag likes you...

Posted by Pawl at 4:54 PM on February 21, 2008

Well dude.. what's the PW of the rar containing the source code?

And did you guys ever heared about bittorrent? :-p
It may would make sense (except of having slow Servers :) )

Posted by rembrandt at 12:33 PM on February 22, 2008

goolag dot org is offline. Anyone have a copy of the program that they can send to me via email at cindylouwho at thebabecams dot com

Posted by Cindy Lou Who at 3:51 PM on February 22, 2008

Try goolag.net instead; same thing. Torrent coming soon.

Posted by KK at 5:32 PM on February 22, 2008

Sorry to say...but I don't find this tool very useful. There are much better vunerability scanners out there, but if I just want to scan the available dorks I could write a simple script which does the job and doesn't require Windows, .NET or anything fancy.

Wake up guys! You can do much much better than this!

Posted by buherator at 11:58 AM on February 24, 2008

OMG! I just had a look at the gdorks.xml file...Are you serious? Have you ever heard of data structures? This is lame!

Posted by buherator at 12:37 PM on February 24, 2008

It's very easily useable since it does not require a local proxy like Sensepost Aura but also seems to be still hindered by the google bot captcha problem due to this simplicity...it should probably integrate an API key or something like Aura with Wikto/GHDB...I got blocked in short order.

Posted by br0d at 7:35 PM on February 25, 2008

A new frontend for GHDB?

Posted by quangntenemy at 12:43 AM on February 26, 2008

Hi,

Interesting app.
Don't forget that computer insecurity is everywhere :

www.xssed.com/mirror/30220/

Posted by Vincent at 1:04 PM on February 27, 2008

fuckin CDC~
stupid guy~
CDC sucks~
Goolag sucks~

Posted by Alex in Taiwan at 12:11 AM on February 29, 2008

Mother Fucker CDC !!!
Suck my dick~

Posted by YuBou Jian at 10:00 PM on March 3, 2008

I understand that the Host string is used as the 'site' parameter in the query. I thought that meant you would only find pages on that host URL that had the dork. However, I'm getting successful queries that have URLs that are unrelated to the host I entered. If you go to the url shown in the successful result you can see the dork string but there's nothing about the host on that page.

Posted by BenjaminTallmadge at 10:41 AM on March 4, 2008

For you folks who can't access goolag.org

look on PacketStormSecurity.org for GoolagScanner 1.0.40
It's a .RAR file with the source and self extracting binary. Enjoy!

Posted by Pawl at 1:41 AM on March 8, 2008

Ya'll need to make this a .deb for us Linux users.

:O

Posted by Mykahh at 3:18 PM on March 9, 2008

I visit this web from searching from www.avun.com

Posted by Donny at 12:00 PM on March 11, 2008

You should kiss my ass even for advisory/vulnerability section. You asked to the Johnny community forums if you can do this Windows shit?

rgod

Posted by rgod at 1:14 AM on March 16, 2008

hey, where can i put the proxy server. Tools-Options-Proxy address . . . if i'm already ussing proxy just click on *use system default settings* ???

Posted by dd0s at 3:43 PM on May 26, 2009


Post a comment

If you have a TypeKey or TypePad account, please sign in

CULT OF THE DEAD COW

Mind viruses. Deadly memes.
ASSAULT TELECOM.
BOW TO THE COW

cDc site version 666.2.0

All of us in the cDc participate in this site. If you want to complain because this ain't teaching you how to be an 31337 hax0r, you can eat our collective ass. Thx!

Children of the Cow

Bovine Dawn
COWFEED
Hacktivismo
Ninja Strike Force
NSF's A.S.S.

Archives


NSF Radio

Soooper authentic, official cDc NINJA STRIKE FORCE streaming audio awaits your empty, desiring earholes. Let it fill them both with its thrusting streams of love!! Your head will be a doublestuff cookie and all you can think is "OMFG!@$#!@$!!!@#$

Page of info to SEE

The link with which you HEAR (iTunes, WinAmp, whateva).

Memesphere Poopfest

Has the cDc site inspired you to create your OWN? Has it filled you with a desire to go out and create a blog full of beauty and sparkly magic? Or has it driven you to create your own site full of bile, bitterness, and bad sportsmanship?

Click these buttons for red hott daisy chain action!

burn that fuggin' feed

cDc on archive.org cDc on delicious cDc on digg cDc on everything2.com
cDc on Facebook cDc Feed on Feedburner cDc on flickr cDc on Last.fm
cDc on MySpace cDc on Newgrounds cDc on Reddit cDc on Stumbleupon
cDc Technorati profile DSE on twitter cDc on Wikipedia cDc on YouTube

Kitten Friendly!

Translate


Legal Crap

"CULT OF THE DEAD COW"
is a registered trademark of
cDc communications.
Use The Name, face The Wrath.

License | Privacy

Wiz Dumb

CULT OF THE DEAD COW

the internet's #1 white slavery and cockfighting site!
COW IS NOW

Recent texXxt

414 "How Are You Feeling?" by Oxycolton
413 "Temporary Paralysis: A One-Act Play" by Jake Edward Kara
412 "The Screen Generation" by elliot.pank
411 "The DEFCON 2007 Experience" by Oxycolton, KEMiKAL, and Flack
410 "My Bike" by Lupo


Recent Boox

Invading Spaces


Recent Muzak


- all audio -

Recent grafx

cDc #047
cDc #047
"Sometimes it's just like that."
by Punkle Jones

cDc #046
cDc #046
"I Love a Parade!" by G. Ratte'

- all grafx -

Recent Viddy-Oh



- all video -

Recent Apps/Projects

"Tao Te Ching for Gameboy" by Jake Edward Kara
"cDc Mobile Content Package" by Hella Kitty
"cDc T-File Reader for the Sony PSP & other portable devices" by BlindAssassin
"Goolag Scanner" by Krass Katt
"xB Machine" by Arrakis