Google hacking techniques

Google Hacking

Google is a useful hacking tool. Today we are going to dig into Google hacking techniques, also known as Google Dorking.

Caution: Safety First!
Accessing certain web pages or downloading files from them can be a prosecutable offense. Use Tor or VPN services when dorking online.
The following content is for educational purposes only!

What is a Google Dork?

Applying specialised search methods and advanced search engine parameters to locate confidential information is typically called Google Dorking.

As search engines crawl their way through web applications with the intent of indexing their content, they stumble upon sensitive information. This information can be very useful in hacking.

Dorking is not limited to Google; it works in all major search engines.

The Google Hacking Database (GHDB) is a categorized index of dorks designed to uncover interesting, and usually sensitive, information made publicly available on the Internet.

Some examples

List vulnerable webcams openly available on the internet

intitle:"EvoCam" inurl:"webcam.html"

intitle:"Live View / - AXIS"

intitle:"LiveView / - AXIS"

inurl:LvAppl intitle:liveapplet

inurl:axis-cgi/jpg

intitle:liveapplet

inurl:lvappl

inurl:view/view.shtml

Hacking Wifi Routers

inurl:"cgi-bin" "No password set!" "There is no password set on this router."

intitle:"router" inurl:"home.asp"

Hacking Personal Documents

filetype:php inurl:list/admin/ intitle:"payment methods"

intitle:index.of finances.xls

Find Passwords

password filetype:doc site:Your Site

password filetype:docx site:Your Site

password filetype:pdf site:Your site

password filetype:xls site:Your site

What data can we find using Google dorks?

  • Username and passwords
  • Admin Login Pages
  • Sensitive Documents
  • Email Lists
  • Gov/Military Data
  • Bank details
  • Vulnerable websites

And much more…

Dorking operators

| Dork | Description |
|---|---|
| cache:[url] | Show the cached snapshot of a page |
| related:[url] | List pages which Google considers to be related to another |
| info:[url] | Find info of URL in the search database |
| site:[url] | Restrict a search to a single site |
| intitle:[text] or allintitle:[text] | Restrict a search so that all the keywords must appear in the title. You must include a space between the colon and the query for the operator to work in Bing. |
| inurl:[text] or allinurl:[text] | Restrict a search so that all of the keywords must appear in the URL |
| meta:[text] | Finds pages that contain the specific keyword in the meta tags. |
| filetype:[file extension] | Searches for specific file types. |
| intext:[text], allintext:[text], inbody:[text] | Searches text of page. For Bing and Yahoo the query is inbody:[text]. For DuckDuckGo the query is intext:[text]. For Google either intext:[text] or allintext:[text] can be used. |
| inanchor:[text] | Search link anchor text |
| location:[iso code] or loc:[iso code], region:[region code] | Search for specific region. For Bing use location:[iso code] or loc:[iso code] and for DuckDuckGo use region:[region code]. |
| contains:[text] | Identifies sites that contain links to filetypes specified (i.e. contains:pdf) |
| altloc:[iso code] | Searches for location in addition to one specified by language of site (i.e. pt-us or en-us) |
| domain:[url] | Wider than the site: operator, locates any subdomain containing the “suffix” of the main website’s url |
| feed:[feed type, i.e. rss] | Find RSS feed related to search term |
| hasfeed:[url] | Finds webpages that contain both the term or terms for which you are querying and one or more RSS or Atom feeds. |
| imagesize:[digit, i.e. 600] | Constrains the size of returned images. |
| ip:[ip address] | Find sites hosted by a specific ip address |
| keyword:[text] | Meta-operator; takes a simple list as a parameter. All the elements in the list are searched as and/or pairs together. |
| language:[language code] | Returns websites that match the search term in a specified language |
| book:[title] | Searches for book titles related to keywords |
| maps:[location] | Searches for maps related to keywords |
| linkfromdomain:[url] | Shows websites that link to the specified url (with errors) |
| phonebook:[name] | Look up phone numbers associated with the given name |
| define:[text] | Show Google’s glossary definition for a term |
| weather:[place] | Dork to find information about the weather. |

Source: search commands
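To see how the operators combine, and to check your own content before a crawler indexes it, the added example below (not code from the original post) evaluates three of this page's dorks offline against an inventory of your own pages. The matching rules are a simplified model of search-engine behaviour, only a few operators are modelled, and the example.com hosts and page records are constructed sample data.

```python
import re
from urllib.parse import urlparse

# Token forms: operator:"phrase", operator:word, "phrase", bare word.
TOKEN = re.compile(r'(?:(\w+):)?(?:"([^"]*)"|(\S+))')

def norm(s):
    # Lowercase, punctuation to spaces (rough engine tokenization), space-padded.
    return " " + re.sub(r"[^a-z0-9]+", " ", s.lower()).strip() + " "

def parse_dork(query):
    """Return (operator, text) pairs; operator is None for plain terms."""
    return [(op.lower() or None, q or b) for op, q, b in TOKEN.findall(query)]

def matches(page, query):
    """True if the page satisfies every term (simplified AND semantics)."""
    parsed = urlparse(page["url"])
    host = (parsed.hostname or "").lower()
    for op, text in parse_dork(query):
        if op in ("intitle", "allintitle"):
            ok = norm(text) in norm(page["title"])
        elif op in ("inurl", "allinurl"):
            ok = norm(text) in norm(page["url"])
        elif op == "filetype":
            ok = parsed.path.lower().endswith("." + text.lower())
        elif op == "site":
            ok = host == text.lower() or host.endswith("." + text.lower())
        elif op is None:  # plain term or phrase: look in title and body
            ok = norm(text) in norm(page["title"] + " " + page["body"])
        else:
            raise ValueError(f"operator not modelled here: {op}")
        if not ok:
            return False
    return True

def audit(pages, dorks):  # dork -> inventory URLs it would surface
    return {d: [p["url"] for p in pages if matches(p, d)] for d in dorks}

# Constructed inventory; DORKS are this page's, with "Your site" as example.com.
PAGES = [dict(zip(("url", "title", "body"), row)) for row in [
    ("https://files.example.com/r/", "Index of /r", "Parent Directory finances.xls"),
    ("https://www.example.com/docs/onboarding.pdf", "Onboarding",
     "Your initial password is set by the help desk."),
    ("https://www.example.com/about.html", "About us", "Company history"),
    ("https://gw.example.com/cgi-bin/status", "Router status",
     "No password set! There is no password set on this router."),
]]
DORKS = ['intitle:index.of finances.xls', 'password filetype:pdf site:example.com',
         'inurl:"cgi-bin" "No password set!" "There is no password set on this router."']
```

Calling `audit(PAGES, DORKS)` returns, for each dork, the URLs from the inventory that need to be removed, access-controlled, or excluded from indexing.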

Useful Resources:
https://www.exploit-db.com
http://www.google-dorking.com

Wrapping up

Google dorking is a great tool for information gathering in penetration testing. As search engines crawl through web directories, they uncover interesting, and usually sensitive, information that is exposed by bad server configuration and is helpful for exploitation.

Knowledge is power, especially when it’s shared. I hope you will make corrections if I was wrong, because it is from mistakes that we learn 😊
