Understanding Google dorks and how hackers exploit them
What are Google dorks
Google dorks are a set of custom Google search queries used to return specific results that ordinary search queries do not. The technique of using them is called Google dorking or Google hacking. Google dorking dates back to 2002, when Johnny Long started experimenting with Google search to find vulnerable resources on the internet. It's a very powerful mechanism that can be used in both ethical and unethical ways.
Google dork operators or reserved words
filetype:- tells Google to search for specific file types such as pdf, txt and so on. Used in a search query as filetype:txt, filetype:pdf and so on.
inurl:- tells Google to search for patterns in the indexed URLs, e.g. inurl:wp-login will search for the word wp-login in the URLs of the search results.
allinurl:- looks for an exact match in the indexed URLs.
intitle:- tells Google to look for certain keywords in the web page title, e.g. intitle:login will return search results with login in the page title.
allintitle:- similar to intitle, but will search for all keywords specified in the title.
site:- restricts the search to the site specified by the site keyword, e.g. site:xyz.com will return all indexed URLs of xyz.com.
ext:- similar to filetype, with the same syntax; it looks for all files with the extension specified by the ext keyword.
intext and allintext:- search for plain text patterns in the search results, e.g. intext:credit cards will return leaked credit card data on the internet.
Constructing Google dork queries
filetype:txt cvv 2017 – this query will return leaked credit card data with CVV (valid until year 2017)
Multiple keywords or operators can also be chained together to retrieve even more juicy info, e.g. filetype: log inurl password login will return password logs of indexed sites.
inurl: ViewerFrame? mode = will return search results containing public web/CCTV cams
filetype : txt intext : facebook intext : @yahoo.com intext : password will return search results containing leaked credentials of yahoo/facebook
One can construct an endless number of such Google dorks from permutations and combinations of text.
ExploitDB has a comprehensive list of Google dorks for finding a lot of juicy info and vulnerable resources on the internet.
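The operators and chained queries above can also be turned inward: the following Python sketch, an added example that is not part of the original article, evaluates dork-style queries against an inventory of your own site's pages to show what such a search would surface. The inventory, the example.com URLs and the function names are constructed for illustration, and the matching is a simplified approximation of the operators as described here, not Google's actual behaviour.

```python
from urllib.parse import urlparse

# Operators described in this article; "ext" is handled like "filetype".
OPERATORS = set("filetype ext inurl allinurl intitle allintitle intext allintext site".split())

def parse_dork(query):
    """Split a query into (operator, term) pairs; all* operators also cover the bare words after them."""
    pairs, sticky = [], None
    for token in query.lower().split():
        op, sep, term = token.partition(":")
        if sep and op in OPERATORS:
            sticky = op[3:] if op.startswith("all") else None
            if term:
                pairs.append((sticky or op, term))
        else:
            pairs.append((sticky or "any", token))
    return pairs

def matches(pairs, page):
    """True if one crawl record (url, title, text) satisfies every pair."""
    parsed = urlparse(page["url"].lower())
    host = parsed.hostname or ""
    fields = {"inurl": page["url"].lower(), "intitle": page["title"].lower(),
              "intext": page["text"].lower()}
    for op, term in pairs:
        if op in ("filetype", "ext"):
            ok = parsed.path.endswith("." + term)
        elif op == "site":
            ok = host == term or host.endswith("." + term)
        elif op == "any":
            ok = any(term in value for value in fields.values())
        else:
            ok = term in fields[op]
        if not ok:
            return False
    return True

def audit(inventory, dorks):
    return {d: [p["url"] for p in inventory if matches(parse_dork(d), p)] for d in dorks}

# Constructed sample inventory (e.g. exported from a crawl of your own site).
INVENTORY = [
    {"url": "https://www.example.com/wp-login.php", "title": "Log In", "text": "Username Password"},
    {"url": "https://www.example.com/logs/app.log", "title": "", "text": "login failed password=REDACTED"},
    {"url": "https://www.example.com/about", "title": "About us", "text": "Our team"},
    {"url": "https://files.example.com/backup/notes.txt", "title": "", "text": "todo list"},
]
DORKS = ["site:example.com inurl:wp-login", "site:example.com filetype:log password login",
         "site:example.com ext:txt", "site:example.com allintitle:log in"]
```

Calling audit(INVENTORY, DORKS) returns, for each query, the URLs of your own pages that match it. Anything listed under a log or text-file query is a candidate for removal, access control or a noindex rule.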
Finding vulnerable websites using Google dorks
Some dorks for finding websites vulnerable to SQL injection
Some dorks for finding websites vulnerable to XSS (cross-site scripting)
This is much the same as finding SQLi-vulnerable sites.
Google dorks are very powerful and there is no limit to creating such dorks. Think outside the box to create more such dorks.
Disclaimer:- The content posted above is for educational purposes only and I am not responsible if anyone uses it for malicious purposes.