The Cult of the Dead Cow has officially released GoolagScan — but what exactly does it do?
Google is a very powerful search engine. Google indexes billions of websites, and lots and lots of little bits of information about each of those websites — lots of information, in fact, that website owners may not even realize is being archived. Through crafty and sometimes complex Google searches, that information can be retrieved.
Everybody who’s used Google for any length of time has learned its nuances and advanced search options. For example, by using quotation marks you can group words together (+"Michael Jackson") and by using plus and minus symbols, you can include or exclude words in your results (+mp3 -avi). The real power comes in linking these things together: (+"Michael Jackson" +thriller +mp3 -avi). Unfortunately, due to the thousands of sites that sell mp3s, this isn’t a very effective search. You’re pretty unlikely to find Michael Jackson’s Thriller this way without a lot of manual searching. That’s where advanced searches come into play. Google for "parent directory" +mp3 +thriller -html -htm -download -links and all of a sudden you’ll find indexes of open shares that contain both the words “mp3” and “thriller”. This method’s not foolproof either. If you run that query on Google you’ll notice that the first two hits are fake webpages set up to look like indexes of files. Boo, hiss. The third hit, however, is a real index of an mp3 share hosted on a webserver. And, if you’re needing your daily zombie/Vincent Price/Michael Jackson fix, here’s Thriller.
Obviously, sitting around and Googling for mp3s is kind of silly in today’s world of P2P, FTP and Usenet. But what else could we use Google for? I’m glad you asked! What if we want to search for Microsoft Excel spreadsheets that contain the word “salary” or Word documents that contain the words “dmz” and “password”? Woo hoo, now we’re having fun, right?
Johnny, of johnny.ihackstuff.com, took Google Hacking to new heights by compiling an online database of Google Hacks. Want to know how to search for files, or passwords, or login portals, or vulnerabilities? Johnny has a collection of these search tidbits, called “dorks”, that can be viewed. Once the idea of storing/sharing dorks grabbed a foothold, the Google Hacking scene took off. Everybody was doing it; even I wrote my own app, Scroogle, which was a small GUI that allowed users to use built-in dorks or add their own (stored in text files). The software is actually quite functional, although it was never officially released.
So anyway, full circle — what is Goolag? Goolag is a web auditing tool that takes Johnny iHackStuff’s Google Hacking to new heights by automating Google searches and providing a collection of security-related “dorks”. Want to scan your domain for vulnerabilities, files containing usernames and/or sensitive directories? Now you can! Want to scan someone else’s domain for those same things? That’s naughty and you shouldn’t think of things like that.
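The "parent directory" search earlier in the post works because web servers publish auto-generated index pages that search engines then archive. The following is an added example, not part of the original post and not Goolag's code, that checks pages fetched from your own site for that signature and lists the files a listing exposes; the sample pages, the extension list and all function names are constructed for illustration.

```python
from html.parser import HTMLParser
import os

# Assumption: extensions worth flagging on your own site; adjust as needed.
SENSITIVE_EXT = {".xls", ".doc", ".mp3", ".bak", ".sql"}

class IndexPageParser(HTMLParser):
    """Collects the <title> text and every link as (href, anchor text)."""
    def __init__(self):
        super().__init__()
        self.title, self.links = "", []
        self._in_title, self._href, self._text = False, None, []

    def handle_starttag(self, tag, attrs):
        if tag == "title":
            self._in_title = True
        elif tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []

    def handle_data(self, data):
        if self._in_title:
            self.title += data
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "title":
            self._in_title = False
        elif tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def audit_listing(html):
    # A real auto-index has both the "Index of" title and a Parent Directory
    # link; a page that merely mentions the phrase in its text has neither.
    p = IndexPageParser()
    p.feed(html)
    has_title = p.title.strip().lower().startswith("index of")
    has_parent = any(text.lower() == "parent directory" for _, text in p.links)
    exposed = sorted(h for h, _ in p.links
                     if os.path.splitext(h.split("?")[0])[1].lower() in SENSITIVE_EXT)
    return {"is_listing": has_title and has_parent, "exposed": exposed}

# Constructed sample pages (not real server output).
SAMPLE_LISTING = """<html><head><title>Index of /files</title></head><body>
<pre><a href="/">Parent Directory</a> <a href="notes.txt">notes.txt</a>
<a href="salary.xls">salary.xls</a> <a href="old/site.sql">site.sql</a></pre></body></html>"""
SAMPLE_ARTICLE = """<html><head><title>Music blog</title></head><body>
<p>Search for "parent directory" mp3 to find open shares.</p>
<a href="/about.html">About</a></body></html>"""
```

Feed it the HTML of each directory URL on a site you operate; any hit with `is_listing` set means directory indexing is enabled there and the files in `exposed` can end up in a search engine's index.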