0P3N Blog Blog Post
Ready to Start Your Career?
Create Free Account
By: fr4nc1stein
August 19, 2015

Google Dorks: An Easy Way of Hacking

By: fr4nc1stein
August 19, 2015
By: fr4nc1stein
August 19, 2015
The Google Search Engine finds answer to our questions, which is helpful in our daily lives. You can search for your school assignments, reports, presentations and more. Before I start the tutorial on using use Google Dorks in Penetration Testing and Ethical Hacking, I'm going to share a definition of Google Dork queries that I saw on techtarget.com:

A Google Dork query, sometimes just referred to as a dork, is a search string that uses advanced search operators to find information that is not readily available on a website.

In other words, we can use Google Dorks to find vulnerabilities, hidden information and access pages on certain websites. Because Google has a searching algorithm and indexes most websites, it can be useful to a hacker to find vulnerabilities on the target.The basic syntax for advanced operators in Google is:

operator_name:keyword

For example, this operator_name:keyword syntax can be typed as 'filetype:xls intext:username' in the standard search box, which results in a list of Excel files which we contain the term 'Username'.

Simple Google Dorks Syntax
site - will return website on following domain
allintitle and intitle - contains title specified phrase on the page
inurl - restricts the results contained in the URLS of the specified phrase
filetype - search for specified filetype formatsSee the images below:

1

2

What Data Can We Find Using Google Dorks?
  • Admin login pages
  • Username and passwords
  • Vulnerable entities
  • Sensitive documents
  • Govt/military data
  • Email lists
  • Bank account details and lots more


Create an Account To Enroll In Any Of These Courses:



Google Dorks can also be used for network mapping; we're able to find the subdomain of the target site using Simple Dorks.Information gathering and network mapping is useful in Ethical Hacking. See the image below:

Dorks:site:wipro.com -site:www.wipro.com -site:careers.wipro.com

3

Try wipro.com to scan and we find some of the subdomains using the master website. We see other login pages and other system administrators/webmasters are using the subdomains for login pages. Based on the results, it's not fully secured. That's why the site mapping in Google Dorks is good. How about a port scanning? Available ports for intrusion and open ports? Can Google Dorks find it? The answer is yes. See the image below:

Dorks:inurl:8443 -intext:8443

4

We use port 8443 and it's open; we find some websites enable port 8443. The queries above search websites using port 8443.

Start a 7 Day Trial To Enroll In One Of These Career Paths:



Summary
In this article, we presented a few uses of Google Dorks for testing our own website. We found out if it was searchable on Google and leaking confidential information. Thanks and Greetings from a Philippine Security Researcher and Project-AG

Join over 2 million IT and cyber professionals advancing their careers

OR REGISTER WITH

Google

Already have an account? Sign In »

Ready to Share Your Original Content?

Build your Cybersecurity or IT Career

Accelerate in your role, earn new certifications, and develop cutting-edge skills using the fastest growing catalog in the industry