Call Now

Send Message[email protected]

Our LocationHyderabad, Telangana

GOOGLE DORKS

Google hacking, also named Google Dorking, is a hacker technique that uses Google Search and other Google applications to find security holes in the configuration and computer code that website are using.

Google hacking involves using advanced operators in the Google search engine to locate specific errors of text within search results. Some of the more popular examples are finding specific versions of vulnerable Web applications. A search query with (inurl:hacker , intitle:version, filetype:pdf, mp4 etc..) would locate all web pages that have that particular text contained within them. It is normal for default installations of applications to include their running version in every page they serve.

Devices connected to the Internet can be found. A search string such as inurl:”ViewerFrame?Mode=” will find public web cameras.

Another useful search is following intitle:index.of followed by search keyword. This can give a list of files on the servers. For example, intitle:index.of mp4 will give all the MP3 files available on various types of servers.

You can use symbols or words in your search to make your search results more precise.

Note:

  • Google Search usually ignores punctuation that isn’t part of a search operator.
  • Don’t put spaces between the symbol or word and your search term. A search for site:mysite.com will work, but site: com (it won’t work).

Google Advanced Operators:

Beyond the basic searching techniques explored in the previous chapter, Google offers special terms known as advanced operators to help you perform more advanced queries. These operators used properly, can help you get to exactly the information you’re looking for without spending too much time poring over page after page of search results. When advanced operators are not provided in a query, Google will locate your search terms in any area of the web page, including the title, the text, the Uniform Resource Locator (URL), or the like. We will take a look at the following advanced operators in this chapter:

List of Google Advanced Operators:

  • intitle, allintitle
  •  inurl, allinurl
  •  filetype
  • allintext
  • site
  • link
  • inanchor
  • daterange
  • cache
  • info
  • related
  • phonebook
  •  rphonebook
  • bphonebook
  • author
  • group
  • msgit
  • insubject
  • stocks
  • define

Operator Syntax:

  • There is no space between the operator, the colon, and the search term. Violating this syntax can produce undesired results and will keep Google form understanding what you are trying to do. In most cases, Google will treat a syntactically bad advanced operator as just another search term. For example, providing the advanced operator intitle without a following colon and search term will cause Goolge to return pages that contain the word.
  • The search_term portion of an operator search follows the syntax discussed in the previous chapter. For example, a search term can be a single word or a phrase surrounded by quotes. If you use a phrase, just make sure there are no spaces between the operator, the colon, and the first quote of the phrase.
  • Boolean operators and special characters (such as OR and +) can still be applied to advanced operator queries, but be sure they don’t get in the way of the separating colon.
  • Advanced operators can be combined in a single query as long as you honor both the basic Google query syntax as well as the advanced operator syntax. Some advanced operators combine better than others, and some simply cannot be combined. We will take a look at these limitations later in this chapter.
  • The ALL operators (the operators beginning with the word ALL) are oddballs. They are generally used once per query and cannot be mixed with other operators.
Examples of valid queries that use advanced operators include these:
  • Intitle:Google – This query will return pages that have the word Google in their title.
  • Intitle:”index of” – This query will return pages that have the phrase “index of ” in their title. Remember from the previous chapter that this query could also be given as “intitle:index.of’’, since the period serves as any character. This technique also makes it easy to supply a phrase without having to type the spaces and the quotation marks around the phrase.
  • Intitle:“index of ” private – This query will return pages that have the phrase “index of” in their title and also have the word “private” anywhere in the page, including in the URL, the tile, the text, and so on. Notice that “intitle” only applies to the phrase “index of” and not the word “private” since the first unquoted space follows the phrase “index of”. Google interprets that space as the end of your advanced operator search term and continues processing the rest of the query.
  • intitle: “index of” “backup files” – This query will return pages that have the phrase “index of” in their title and the phrase “backup files” anywhere in the page, including the URL, the title the text, and so on. Again, notice that “intitle” only applies to the phrase “index of”.

Example:

Inurl:”ViewerFrame?Mode=

filetype:pdf hacking books

inurl:id=

inurl:telugu mp4

Google Hacking Database:

Hackers use Advanced Google Hacking methods to get the more information about the targeted industry, person or website with the help of advanced Google Hacking techniques.

The website called www.exploit-db.com have the option of Google Hacking Database(GHDB) is a compendium of Google hacking search terms that have been found to reveal sensitive data exposed by vulnerable servers and  web applications. The GHDB was launched in 2000.