Google Hacking Tips and Tricks
The Google search engine is the most powerful search engine. Google has many options within its search engine. Suppose one wants to find all of the admin portals, of all of the websites present in the Google database, or one would like to see all of the public webcams; one can do this using Google Dorks. Many cool things can be done using Google Dorking. One can even find out the MySQL database passwords for every website. There are many advanced search options: such as using quotations to get exact phrases or using Boolean operators to narrow or broaden the search. However, Google Dorks are something much different. Dorks are nothing but some keywords or filters we use to get the desired output from the Google database. It is possible to fetch interesting information using these dorks.
Now, Google Dorks have grown to a set of many queries. But, it is believed that the concept of "Google hacking" was first found in 2002, when Johnny Long (computer security expert) began to collect Google search queries that uncovered vulnerable systems and sensitive information disclosures. Later, this was labeled as "Google Dorking".
The Google Hacking Database (GHDB) can be exploited in different ways. Google has its own, built-in query language. One should have a look at the most commonly used Google Hacking techniques.
There are many filetype queries that one can run directly on Google. One can search for specific file types, such as: swf, pdf, ps, dwf, xls or xlsx, ppt or pptx, doc or docx, odp, odt, rtf, txt or text, wpm, xml.
For example, if one wants to search for passwords, one can use this method: Filetype: xls “pass"
Many other file types may be specified and could be useful for designers and developers. Some of these searches are: ‘filetype:html’, ‘filetype:bas’, ‘filetype:c’, ‘filetype:cc’, ‘filetype:cpp’, ‘filetype:cxx’, ‘filetype:h’, ‘filetype:hpp’, ‘filetype:cs’, ‘filetype:java’, ‘filetype:pl’, and ‘filetype:py’ (without the quotes (‘’)).
Using Google dork's preferred method, anything can be downloaded, whether it is a web series that has been released within a day or two, the latest movie, or a popular game. This can be accomplished by using a common feature of servers, called Directory Listing. Directory listing is often configured on apache servers for a specific purpose so that that content can be directly downloaded from that index. Using the "index of" may also increase download speeds.
Site is another advanced search option, which can be used to restrict the results to only those websites whose domain is given. Let's say one wants to download some pdf documents from the site gatesnotes.com. That specific pdf or book can be easily searched for by using a syntax similar to those below: Site: gatesnotes.com pdf In the above example, one can also search for the specific title of the book. Another example: site: Gov.
Inurl can be used in combination with the site option. Using this method, one can search for access to the admin portal of a specific site. An example of this basic Google Dork search is: inurl: admin.
Title is something that is part of the head tag in an HTML page. So, one can search for specific keywords of a title. This search will look for exact words or phrases. Many times, it is used for SEO purposes.
Additionally, people can search for their favorite songs. It happens often: People continue searching for a specific song, all day, and they are unable to find it available for download. Now, people can search for it with the help of Google Dorking. Earlier, it was discussed that one could download the latest music with the help of the "index of" search option. Now, it is time to learn how to perform that task.
Search this string on the search bar: ?intitle:index.of? mp3
And after this type, the name of Song/Artist/Album. Let's Say
?intitle:index.of? Mp3 acdc
Now, music can be enjoyed from our favorite band, ACDC.
Hacking and stealing information
By using the above options, and combining them, one could obtain lots of information, or one could search for many important confidential files, easily. For example:
- Inurl: gov filetype:xls "restricted" (using this restricted keyword, one will get all government sites with Excel files(xls) that are restricted for common users).
- Inurl:admin.cfg (“cfg” here means configuration file. Admins of webpages commonly use these files. They can be found by different names, such as: admin.cfg, config.cfg, setup.cfg . These types of files contain very confidential information.
- With these actions, one can also find the serial keys and cracks for software or operating systems. Suppose '74EGH5' is part of the serial key of any software; One can search for serial keys with this commonly used part of the string. Example: "Office 17 Pro" 74EGH5 The above query will guarantee that the searches which appear will be for the specific product. Name and the serial number order should also be the same.
- One can also try Google Hacking in different languages, which will give us different results. Trying different combinations of queries will give results more accurately and effectively.
Google can be used as a typical search engine, which is used to find text, images, videos, news, and much more. But, for a hacker in the black hat, Google is a useful hacking tool. However, there are many precautions that could be taken to secure sensitive information from being indexed by the Google search engine. IP-based restrictions can be enacted, or confidential information can be encrypted. One could also run a regular vulnerability scan on our website, or run frequent dork queries against our website, to see if one can find any critical information before the black hat hackers find it. One can find a handy list of Dorks at the Exploit DB Dorks database. If one can find any vulnerable information on our website, one should immediately restrict it from being found via a Google search console. If a person is new to hacking and wishes to begin by using Google Hacking, they should first learn to be anonymous on the network.
Grow Your Career in Ethical Hacking With These Courses: