0 0
Read Time:3 Minute, 11 Second

pretty much google dorks can be risky to your information and your website i will show you how on this article , first of all what is google dorks ?

What is Google Dork? It is basically a search string that uses advanced search query to find information that are not easily available on the websites. It is also regarded as illegal google hacking activity which hackers often uses for purposes such as cyber terrorism and cyber theft
In other words: Google “Dorking” is the practice of using Google to find vulnerable web applications and servers by using native Google search engine capabilities. Unless you block specific resources from your website using a robots. txt file, Google indexes all the information that is present on any website

Before starting with google dorks, you need to have basic understanding of few special google search operators and also how it functions.

  1. intitle:

This will ask google to show pages that have the term in their html title.

2. inurl:

Searches for specified term in the URL. For example:inurl:register.php

3. filetype:

Searched for certain file type. Example: filetype:pdfwill search for all the pdf files in the websites.

4. ext:

It works similar to filetype. Example: ext:pdf finds pdf extension files.

5. intext:

This will search content of the page. This works somewhat like plain google search

6. site:

This limits the search to a specific site only. Example: site:[email protected] will limit search to only [email protected].

7. Cache:

This will show you cached version of any website. Example: cache: aa.com

8. *

This works like a wildcard. Example: How to * sites, will show you all the results like “how to…” design/create/hack, etc… “sites”

an example of bad use for that is this one  of dorks that used to search for database backup ! we will not show it for security reasons  this dork will order google to search for sql format files which contains username and password !!

you may think it is not possible , actually its working !! some website when they do a backup for the database they safe an online version on the website files , and without right robots.txt file orders google will index that , and then  a backup of your database are available to every one !!

also some attackers use google dorks to find websites with SQL injection exploit ! and they order google to get the website using php programming language using file type .php and have iD in the url using inurl order , also you can search in any country websites for that using location order or by using site: option by adding the domain  country tld (Top-level domain) for example .us is for united states of America  and .ru is for russia

Explore Specific websites with specific domains

Let’s say you want to explore websites or certain organization that has certain domain. You can simply do that by entering the following code:

Example: “inurl:.gov/index.php?id=”

You can use the above example to explore all the list of government sites. You can also replace inurl: with some other google search operators for interesting results.

How can Google Dork Cyber Security Enthusiast?

Google almost indexes everything connected with the internet, which also includes different private informations of misconfigured services. This can often be useful as well as equally harmful at the same time. You need to make sure that do not log in to any of the services, even if the password is exposed, as this could get you into trouble because you don’t have permission.

However, if you have something hosted online, you can use some of the dork commands on your domain just to make sure you did not left anything exposed that hacker can use to get you.

Happy
Happy
0 %
Sad
Sad
0 %
Excited
Excited
0 %
Sleepy
Sleepy
0 %
Angry
Angry
0 %
Surprise
Surprise
0 %
Previous post Understanding how SQL injection can be so dangerous
Next post super ways to protect wordpress website

Average Rating

5 Star
0%
4 Star
0%
3 Star
0%
2 Star
0%
1 Star
0%

Leave a Reply

Your email address will not be published. Required fields are marked *

Close