The Cult of the Dead Cow is a group that has been around for over a decade, presented by its members as an underground hacker/do-it-yourself media group. Every now and then, they release another “tool” as a result of their research. They are known mostly for their Back Orifice tool release in the late 1990’s. Unfortunately, it was only a taste of what was to come from the world of “RAT” development, or so-called remote administration tools. These sorts of tools were often used to maintain botnets and control over compromised systems for malicious purposes.
This new tool, the Goolag Scanner, is a stab at using Google’s technologies for security research (open to definitions of white, grey, or black hat), and a part of the cDc hacktivist response “to Google’s decision to comply with China’s Internet censorship policy and censor search results in the mainland-Chinese version of its search engine.” Its interface is similar to the popular Nessus vulnerability scanner. While use of the scanner most likely violates every contractual licensing agreement in the Google’s terms of service, it provides an automated method of evaluating web sites for vulnerabilities using “Google Hacks”, or “Dorks” that were popularized by “Johnny Hack” and his “Google Hacking Database“.
In line with their generally dark humor, this version of the scanner is being released as the “Stanley Kowalski” version, most likely in reference to an awful character from Tennessee Williams’ “Streetcar Named Desire”, along with a tough love usage statement:
“If this software does something bad to your computer or network or provides information that you have no legal right to see, then that’s your problem. In some countries this software might be illegal. Don’t be stupid, and don’t come whining to us if you get into trouble. You’ve been warned.”
Discussions on various security mailing lists wager on how long the site will remain up. It seems that the cDc presents the site as a parody of the google site itself:
“It isn’t even a particularly good parody. As such, it is protected by the First Amendment.” It most likely will be up for a while:
Web admins should be sure to attend to the security needs of their servers.
