Cult of the Dead Cow (cDc, famous for the backdoor suite Back Orifice) enter the news again bringing attention this time to using Google as a tool for reconnaissance and assessment with the release of Gulag. While this hacking technique isn’t new – Google Hacking has been well documented by the likes of Johnny Long (http://johnny.ihackstuff.com) – the press is.
Some will be angry at a publicized release that simplifies a hacking technique and some will be pleased. Personally, I’m a little torn. I applaud the intent of such a tool; it draws attention to a serious security concern and provides another useful method of assessing your network. And lets face it, the bad guys are using this method already, so giving people a tool that makes it easier to see what is already known to the attackers is a good thing.
If I get around to checking it out any time soon, I’ll post an update.