What is Google Dorking?
Google Hacking is also known as Google Dorking is a hacker technique that uses Google search and other Google applications to gain access to sensitive information like usernames, passwords, and even credit card details that did not intend to make publically available by others. Because of the tremendous web crawling capabilities of Google, it can index almost anything within any website. So, hackers use a search string that uses advanced search queries called Google ‘Dork’ to find this sensitive information.
Google search operators
Google Dorking is performed by special search operators. So, before starting with google dorks you need to have basic understanding of a few of them
- intitle
This operator will show HTML pages with certain words.
Example: intitle:apple
- inurl
Find URLs contains certain words.
Inurl:apple
- filetype
Shows results with certain filetype
Example: username filetype:txt
- intext
Find pages containing certain words
Example: intext:car
- site
Limit the search results to a single site that we provide with the operator.
Example: site:menofletter.com
- cache
This will show you a cached version of a website.
Example: cache:menofletter.com
The basic formula of a dork as follows:
“search operator1:<value>search operator2:<value>”
Example: allintext:password filetype:xlsx after:2020
How Google Dorks helps in Ethical Hacking and Penetration Testing?
No one can hack websites using Google dorks. But If you are not properly configured your robot.txt file, then google will index all the information available on any website. A skillful hacker can gather information like vulnerable services, log files, database details, etc using the proper combination of Dorks.
Examples of Google Dorking
1. Explore log files using the following Dork
allintext:username filetype:log
This will show different log files available on the websites. Log files like access logs, error logs, etc. Hackers can gather sensitive information from these files and use them for various attacks against the target.
2. Find vulnerable web servers
inurl:/proc/self/cwd
The above dork will display hacked servers or servers with vulnerabilities.
3. Find open FTP servers
intitle:”index of” inurl:ftp
This dork shows open FTP servers which can reveal sensitive directories and information.
4. Email lists
filetype:xls inurl:”email.xls”
The above dork will fetch excel files that contain emails addresses
There are different kinds of dork combinations you can try and you can find different types of google dorks in the google hacking database in Exploit-db.com
