Understanding google dorks and how hackers exploit them

0 / 13963
Understanding google dorks and how hackers use them

What are google dorks

  Google dorks are set of custom google search queries that are used to return specific set of results which ordinary search queries do not do.The technique of using them is called Google dorking or Google hacking. Google dorking dates back to 2002, when Johnny Long  started experimenting with google search to find vulnerable resources on the internet. It’s a very powerful mechanism which can be used both in ethical and unethical ways.    

Google dork operators or reserved words

  filetype :- Tells google to search for file types , pdf, txt and so on. To be used in search query like filetype:txt, filetype:pdf and so on.     inurl:- tells google to search for patterns in the indexed URLs. for eg. inurl: wp-login will search for the word wp-login in the URLs of the search results     allinurl:- looks for exact match in the URLs indexed     intitle:- tells to look for certain keywords in web page title, for eg. intitle: login will look for search results with login in the page title     allintitle:- similar to intitle but will search for all keywords specified in the title     site:- will search for site specified by site keyword for eg, site: xyz.com will return all indexed URLs of xyz.com     ext:- this is similar to filetype and the syntax also is same and this will look for all file types with the extension specified by ext keyword.     intext and allintext:- searches plain text patterns in the search result for eg intext : credit cards will return leaked credit card data on the internet.    

Constructing google dork queries

  filetype:txt cvv 2017 – this query will return leaked credit card data with CVV (valid until year 2017)     multiple keywords or operators can also be chained together to retrieve even more juicy info, for eg filetype: log inurl password login will return password logs of indexed sites.     inurl: ViewerFrame? mode = will return search results containing public web/CCTV cams     filetype : txt intext : facebook intext : @yahoo.com intext : password will return search results containing leaked credentials of yahoo/facebook     One can construct infinite such google dorks based on permutations and combinations of text     ExploitDB has a comprehensive list of google dorks for finding a lot of juicy info and vulnerable resources on the internet      

Finding vulnerable websites using google dorks

  Some dorks for finding websites vulnerable to SQL injection     inurl: index.php?id=     inurl: cardinfo.php?card=     inurl:affiliate.php?ID=    
inurl:affiliate-agreement.cfm?storeid=  
inurl:affiliates.php?id=  
inurl:ancillary.php?ID=  
inurl:archive.php?id=  
inurl:article.php?id=  
inurl:phpx?PageID=  
inurl:basket.php?id=  
inurl:Book.php?bookID=  
inurl:book_list.php?bookid=  
inurl:book_view.php?bookid=  
inurl:BookDetails.php?ID=  
inurl: browse.php?catid=  
inurl: browse_item_details.php=  
inurl:Browse_Item_Details.php?Store_Id=  
inurl:buy.php?id=  
inurl:buy.php?bookid=  
inurl:bycategory.php?id=  
inurl:cardinfo.php?card=  
inurl:cart.php?action=  
inurl: cart.php?cart_id=  
and many more can be thought of. Type in these search queries in google search bar and play around with the search results.
Some dorks for Finding websites vulnerable to XSS (cross site scripting)  
This one is pretty much similar to finding SQLi vulnerable sites  
!xss inurl:”displayResource.php?id=  
!xss inurl:”index.php?id=  
!xss inurl:”cart.php?id=”    
!xss inurl:”info.php?id=”    
and so on …
The above tutorial will help you in narrowing down the search for finding vulnerable resources in the cyber world. Not necessarily it will return a whole list of vulnerable websites only. It’s not a Gospel and one has to work hard in finding out vulnerabilities which is equivalent to finding needle in haystack.
Google dorks are very powerful and there is no limit to creating such dorks. Think out of box to create more such dorks.    
Disclaimer:- The content posted above is for educational purpose only and I am not responsible if anyone uses it for malicious purposes.  
Stay tuned for more such interesting stuff. Like our page at GolibraryIndia
   

Comments

comments


An avid reader, responsible for generating creative content ideas for golibrary.co. His interests include algorithms and programming languages. Blogging is a hobby and passion.

Related Posts