Google Dorks: How to Find Interesting Data and Search Like a Hacker

by Tibor Kopca Date: 22-10-2020 hacker hacking hackers security google tools advanced search


Do the words Google and hacking go together? Well, if you thought we were going to learn how to hack Google, you would be wrong.
But we can use the Google search engine to find interesting data accidentally exposed to the Internet.
Such a simple search bar also has the potential to help you protect yourself or your website against unwanted visits from hackers. If you are a website operator or owner, you can use it to find out what you are sharing with the world. If you know HOW!

What is Google hacking?

Let me introduce you to Google hacking, also called Google dorking. It is a “hacker” technique, sometimes just referred to as a dork, that uses Advanced Google Search to find security holes in website configuration and code.
We can use some of these techniques to filter information and get better search results, but in this case we will focus on information that is not normally accessible, such as camera feeds and documents.

It all started in 2002, when a man called Johnny Long began to collect queries that worked in Google search and could uncover vulnerabilities or reveal sensitive or hidden information. He labeled them Google dorks. Later this grew into a large database, eventually organized into the Google Hacking Database.

It is not hacking, dummy

Well, if you argued that Google itself tells its users how to refine a search, you would be right.
You cannot hack websites directly using Google; you are just making use of publicly available advanced search tools. But since Google uses its engine to crawl the Internet and index page titles, the index may include sensitive information from some poorly secured websites. Basically, by dorking you can find vulnerabilities.
There are multiple options for defining your query more precisely at https://www.google.com/advanced_search, and if you look at the right side of that page there are even hints.

We already talked about the use of special operators like AND, OR, NOT, and symbols like ~ (synonyms), + (combine), “” (exact phrase), * (wildcard).


Small recap:

  • Google search is case sensitive when we use logical operators, so you cannot type oR or anD; use uppercase or the symbols instead.
  • OR can be replaced by the pipe symbol | .
  • NOT can be replaced by the minus symbol - .
  • AND can be replaced by a single space (pressing space), but results may differ if we type AND specifically between words.
  • City City - shows flights from one city to another, even if you enter IATA airport codes like ‘PRG LON’
  • Link - finds sites that link to your specific domain, like “link:ma-no.org”
  • .. - Search within a range of numbers, like ‘2002 .. 2020’ or ‘$25..$75’
  • In - converts units, example ‘inches in a foot’
  • Site - shows your search term within a specific site, like ‘site:elcorteingles.es watches’, or a specific domain, ‘site:uk amazon’
  • Allintitle - shows results with the searched phrase in the title, ‘allintitle:nasa moon landing’
  • Intitle - shows results with a single term in the title, example ‘intitle: "sauce"’
  • Inblogtitle - shows results of blogs with the searched phrase in the title, ‘inblogtitle: programming’
  • Inposttitle - shows results with a single term in the title, like ‘inposttitle: programming’
  • Allintext - shows results to pages with the terms in the content, example ‘Allintext: recipes for a weekend’
  • Allinanchor - shows sites with your search term in links, example
  • Allinurl
  • Inurl - shows results with your first search term in the URL and the second term is content, ‘Inurl: movies view’
  • Allinpostauthor - shows content written by the author you searched for, example ‘allinpostauthor: Bukowski’
  • Related - shows results that are related to your searched URL, ‘related:NYtimes.com’
  • Info - shows information about searched domain, like ‘Info:diariodemallorca.com’
  • Define - ‘define:dorking’ will return definition of the given word.
  • Source - searches for mentions of a specific person or thing in a certain news source. ‘metro source:diario de mallorca’
  • Location - shows articles based on specified location, like ‘location:Mallorca beaches’
  • Filetype - Find documents of the specified type, example ‘filetype:pdf cats’
  • Ext - Very similar to Filetype but we can seek uncommon extensions for more accurate results, example ‘ext:flac mysong’
  • Movie - shows times for a specific movie in a specific location
  • Weather - shows results for weather in a specific location, example “weather:palma de mallorca”
  • Stocks - shows the stock price of a specific company, e.g. ‘stocks:Starbucks’
  • Cache - shows most recent cache of specific webpage, example ‘cache:ma-no.org’
  • Map - shows map of specified location, like ‘map:"sierra de tramuntana"’
  • Equation - calculates numbers, for example ‘10x4’
  • Tip calculator - calculator to help you decide how much to tip, example ‘’
  • Minute timer - shows a timer with your specified time, like ‘2 minute timer’
  • Stopwatch - shows a stopwatch, example ‘stopwatch’
  • Sunrise | Sunset - shows the time of sunrise and sunset for specific location, example ‘sunrise palma’
  • Flight number - shows the status of a specific flight, example ‘FR 6363’
  • Sports team - shows the score of a current game ‘real madrid barcelona’
  • Insubject - Find group messages with specific content, like ‘insubject:"website crawlers" ’
  • Group - Finds group messages from specific source, example ‘group:"google dorks" ’
  • Numrange - Finds a range of numbers in a query, up to 5 digits
  • Daterange - Searches in range of dates, with use of julian dates, example ‘daterange:2452463.5 2452464’
  • Msgid - Message Identification Line used in email and Usenet newsgroups.

In this article you can read more about Google “secret” queries:
https://www.ma-no.org/en/security/google-hacking-secrets-the-hidden-codes-of-google


Bonanza of data, Juicy information and Some Examples


We need to make sure that we’re not logging into anything that requires a password even if that password is shown to us in plain text, because that’s a line at which it becomes illegal access to a device that we don’t have permission to use.
It would also be a good idea to use a proxy or VPN like hide.me to change your IP address when Google starts challenging you with captchas.

This query searches text files on the site named by the site: operator (web.com in this example) for the strings “password OR passwords OR contraseñas OR login OR contraseña”.
filetype:txt site:web.com password|passwords|contraseñas|login|contraseña

This query shows logs of conversations that were left on servers.
“Index of” / “chat/logs”

This searches for backup directories.
intitle:"index of" inurl:/backup

This searches mp3 files on various types of servers
intitle:index.of mp3

This shows spilled data from MySQL databases where you are searching for pass|password|passwd|pwd.
filetype:sql “MySQL dump” (pass|password|passwd|pwd)

We can use some of these techniques to locate cameras made by the manufacturer AXIS.
Inurl:axis-cgi
Inurl:"lvappl.htm"

We can obtain the feeds of some IP cameras; some of them we can even control.
inurl:”ViewerFrame?Mode=”
If you’re into webcams, here is a good source of query strings. It’s a bit creepy, if you ever wondered whether somebody could be watching some (your) feed.
http://suryachandiran.blogspot.com/2015/05/google-hacking-to-hack-into-live.html
inurl:top.htm inurl:currenttime
inurl:”lvappl.htm”

This can show enjoyable reading among PDF files on government sites.
site:gov filetype:pdf allintitle:restricted

This query searches for documents of a sensitive nature on the intranets of sites.
inurl:intranet filetype:doc confidential

This is supposed to find the .LOG files accidentally exposed on the internet.
allintext:password filetype:log after:2020

This searches for the string “username” in log files.
allintext:username filetype:log

This will expose .env files - used by various popular web development frameworks to declare general variables and configurations for local as well as dev environment.
DB_USERNAME filetype:env
DB_PASSWORD filetype:env

The robots.txt file is for keeping crawlers, spiders and other search engine bots out of your website, and you can block indexing of specific pages or directories with it. However, by typing a query like this, you can look into different robots.txt files and see what their owners did not want accessed.
“robots.txt” “disallow:” filetype:txt
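
Because robots.txt is readable by anyone, each Disallow line also tells a reader where something is kept. The following added example (not part of the original article) parses a robots.txt file, for reviewing your own site, and lists the Disallow entries that name backup, intranet, log or FTP locations; the function names, the keyword pattern and the sample file are assumptions constructed for illustration.

```python
import re

# Path shapes drawn from the locations the article's queries look for (an assumption).
SENSITIVE = re.compile(
    r"(^|/)(backup|intranet|logs?|ftp)(/|$)|\.(env|sql|log)$", re.IGNORECASE)

def parse_robots(text):
    """Return [(user_agents, disallowed_paths), ...], one entry per group."""
    groups, agents, paths, in_rules = [], [], [], False
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()  # comments run to end of line
        if ":" not in line:
            continue
        field, value = (part.strip() for part in line.split(":", 1))
        field = field.lower()
        if field == "user-agent":
            if in_rules:  # a User-agent line after rules opens a new group
                groups.append((agents, paths))
                agents, paths, in_rules = [], [], False
            agents.append(value)
        elif field in ("allow", "disallow"):
            in_rules = True
            if field == "disallow" and value:  # empty Disallow blocks nothing
                paths.append(value)
    if agents:
        groups.append((agents, paths))
    return groups

def disclosed_paths(text):
    """Sorted Disallow values that advertise a sensitive-looking location."""
    return sorted({path for _agents, paths in parse_robots(text)
                   for path in paths if SENSITIVE.search(path)})

# Constructed sample, not taken from any real site.
SAMPLE = """\
User-agent: *
Disallow: /backup/          # tells every reader where the backups are
Disallow: /intranet/reports/
Disallow: /blog/drafts
Disallow: /search

User-agent: Googlebot
User-agent: Bingbot
Disallow:
"""

if __name__ == "__main__":
    for path in disclosed_paths(SAMPLE):
        print("robots.txt discloses:", path)
```

Anything this check reports should be protected by authentication or moved out of the web root, not only listed in robots.txt.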

These queries help you browse open FTP servers
intitle:"index of" inurl:ftp
intitle:"index of" inurl:http after:2020

Search for specific website under defined domain
inurl:.es/index.php?id=

SSH private keys
intitle:index.of id_rsa -id_rsa.pub

Putty logs
filetype:log username putty

Email lists
filetype:xls inurl:"email.xls"


How to mitigate Dorking


There are ways to avoid exposing your system. Keep the operating system, services and applications patched and up to date. Use security solutions like antivirus and a firewall to block access. Audit your exposure. Do not store sensitive information in public locations. Perform penetration testing.
Website owners must configure the robots.txt file properly. This keeps Google dorks from reaching important data on your site, exposure of which can have serious consequences for your image and reputation. Keep in mind that robots.txt is itself publicly readable, as the robots.txt query above shows, so it belongs alongside access controls on the server rather than in place of them.
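
One way to audit your exposure from the server side is to walk your own web document root and flag the kinds of files the queries above look for: .env files with DB_ variables, SQL dumps, logs containing credentials, id_rsa keys and backup directories. This is an added example, not code from the original article; the rule labels, function names and the sample tree are assumptions constructed for illustration.

```python
import os
import re
import tempfile
# (label, file-name regex, content regex or None): one rule per query class above.
RULES = [
    ("env file with DB credentials", r"\.env$", rb"DB_(USERNAME|PASSWORD)"),
    ("SQL dump with password field", r"\.sql$", rb"(?s)MySQL dump.*(pass|pwd)"),
    ("log file with credentials", r"\.log$", rb"(?i)password|username"),
    ("SSH private key", r"^id_rsa$", None),
]

def audit_webroot(root):
    """Return sorted (posix relative path, label) findings under root."""
    found = []
    for dirpath, _dirs, files in os.walk(root):
        rel = os.path.relpath(dirpath, root).replace(os.sep, "/")
        if os.path.basename(dirpath).lower() == "backup":
            found.append((rel + "/", "backup directory"))
        for name in files:
            for label, name_re, body_re in RULES:
                if not re.search(name_re, name, re.IGNORECASE):
                    continue
                if body_re is not None:
                    with open(os.path.join(dirpath, name), "rb") as fh:
                        if not re.search(body_re, fh.read(65536)):  # first 64 KiB
                            continue
                found.append((name if rel == "." else f"{rel}/{name}", label))
    return sorted(found)

def build_sample(root):
    """Write a constructed sample web root; none of it is real data."""
    sample = {
        ".env": "DB_USERNAME=app\nDB_PASSWORD=placeholder\n",
        "backup/db.sql": "-- MySQL dump 10.13\nCREATE TABLE u (passwd TEXT);\n",
        "logs/app.log": "2020-10-22 login ok username=alice\n",
        "logs/access.log": "GET /index.html 200\n",
        "keys/id_rsa": "constructed placeholder\n",
        "keys/id_rsa.pub": "constructed placeholder\n",
    }
    for rel, text in sample.items():
        path = os.path.join(root, *rel.split("/"))
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "w") as fh:
            fh.write(text)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample(tmp)
        print(*audit_webroot(tmp), sep="\n")
```

Point `audit_webroot` at the directory your web server actually serves; the access log without credentials and the `id_rsa.pub` file in the sample are deliberately not reported.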


Conclusion


Before you start using dorks, you need to be aware that Google knows who you are. Use the information you obtain only for legal purposes and not to harm others. Malicious hackers can use such queries to obtain information such as exposed directories, files with usernames and passwords, shopping info and so on. Beware, this might also be regarded as illegal Google hacking activity.
We wouldn’t suggest you do harm, but you could dork yourself. Build queries to search for your own vulnerabilities, and learn from them to improve YOUR security.

Image by Simon Steinberger from Pixabay

 