Google hacking, also named Google dorking, is a computer hacking technique that uses Google Search and other Google applications to find security holes in the configuration and computer code that websites use.
BASICS
Google hacking involves using advanced operators in the Google search engine to locate specific strings of text within search results. Some of the more popular examples are finding specific versions of vulnerable Web applications. The following search query would locate all web pages that have that particular text contained within them. It is normal for default installations of applications to include their running version in every page they serve, for example, “Powered by XOOPS 2.2.3 Final”.
The following search query will locate all websites that have the words “admbook” and “version” in the title of the website. It also checks to ensure that the web page being accessed is a PHP file.
intitle:admbook intitle:Fversion filetype:php
One can even retrieve the username and password list from Microsoft FrontPage servers by inputting the given microscript in Google search field:
"#-Frontpage-" inurl:administrators.pwd
or filetype:log inurl password login
Devices connected to the Internet can be found. A search string such as
inurl:"ViewerFrame?Mode=" will find public web cameras.
Another useful search is following
intitle:index.of followed by a search keyword. This can give a list of files on the servers. For example, intitle:index.of mp3 will give all the MP3 files available on various servers.
Welcome to the Google Hacking Database (GHDB)!
We call them ‘googledorks’: Inept or foolish people as revealed by Google. Whatever you call these fools, you’ve found the center of the Google Hacking Universe!
Advisories and Vulnerabilities
These searches locate vulnerable servers. These searches are often generated from various security advisory posts, and in many cases are product or version-specific.
These searches locate vulnerable servers. These searches are often generated from various security advisory posts, and in many cases are product or version-specific.
Error Messages
Really retarded error messages that say WAY too much!
Really retarded error messages that say WAY too much!
Files containing juicy info
No usernames or passwords, but interesting stuff none the less.
No usernames or passwords, but interesting stuff none the less.
Files containing passwords
PASSWORDS, for the LOVE OF GOD!!! Google found PASSWORDS!
PASSWORDS, for the LOVE OF GOD!!! Google found PASSWORDS!
Files containing usernames
These files contain usernames, but no passwords… Still, google finding usernames on a web site..
These files contain usernames, but no passwords… Still, google finding usernames on a web site..
Footholds
Examples of queries that can help a hacker gain a foothold into a web server
Examples of queries that can help a hacker gain a foothold into a web server
Pages containing login portals
These are login pages for various services. Consider them the front door of a website’s more sensitive functions.
These are login pages for various services. Consider them the front door of a website’s more sensitive functions.
Pages containing network or vulnerability data
These pages contain such things as firewall logs, honeypot logs, network information, IDS logs… all sorts of fun stuff!
These pages contain such things as firewall logs, honeypot logs, network information, IDS logs… all sorts of fun stuff!
sensitive Directories
Google’s collection of web sites sharing sensitive directories. The files contained in here will vary from sesitive to uber-secret!
Google’s collection of web sites sharing sensitive directories. The files contained in here will vary from sesitive to uber-secret!
sensitive Online Shopping Info
Examples of queries that can reveal online shopping info like customer data, suppliers, orders, creditcard numbers, credit card info, etc
Examples of queries that can reveal online shopping info like customer data, suppliers, orders, creditcard numbers, credit card info, etc
Various Online Devices
This category contains things like printers, video cameras, and all sorts of cool things found on the web with Google.
This category contains things like printers, video cameras, and all sorts of cool things found on the web with Google.
Vulnerable Files
HUNDREDS of vulnerable files that Google can find on websites…
HUNDREDS of vulnerable files that Google can find on websites…
Vulnerable Servers
These searches reveal servers with specific vulnerabilities. These are found in a different way than the searches found in the “Vulnerable Files” section.
These searches reveal servers with specific vulnerabilities. These are found in a different way than the searches found in the “Vulnerable Files” section.
Web Server Detection
These links demonstrate Google’s awesome ability to profile web servers..
These links demonstrate Google’s awesome ability to profile web servers..
ADVANCED OPERATORS
There are many similar advanced operators which can be used to exploit insecure websites:
| Operator | Purpose | Mixes with Other Operators? | Can be used Alone? | Web | Images | Groups | News |
|---|---|---|---|---|---|---|---|
| intitle | Search page Title | yes | yes | yes | yes | yes | yes |
| allintitle | Search page title | no | yes | yes | yes | yes | yes |
| inurl | Search URL | yes | yes | yes | yes | not really | like intitle |
| allinurl | Search URL | no | yes | yes | yes | yes | like intitle |
| filetype | specific files | yes | no | yes | yes | no | not really |
| allintext | Search text of page only | not really | yes | yes | yes | yes | yes |
| site | Search specific site | yes | yes | yes | yes | no | not really |
| link | Search for links to pages | no | yes | yes | no | no | not really |
| inanchor | Search link anchor text | yes | yes | yes | yes | not really | yes |
| numrang e | Locate number | yes | yes | yes | no | no | not really |
| daterange | Search in data range | yes | no | yes | not really | not really | not really |
| author | Group author search | yes | yes | no | no | yes | not really |
| group | Group name search | not really | yes | no | no | yes | not really |
| insubject | Group subject search | yes | yes | like intitle | like intitle | yes | like intitle |
| msgid | Group msgid search | no | yes | not really | not really | yes | not really |
No comments:
Post a Comment