Google Dorks

0

 


Let's learn about Google Dorks

 

What is Google Dork ?

 

It is an act of searching using google.com to find anything that is left behind by sys-admin or web developer, which is not meant to be public consumption.

 

OR

 

It is basically a search string that uses advanced search query to find information that are not easily available on the websites.

 

Google dorking, also known as Google hacking, can return information that is difficult to locate through simple search queries

 

Special google search operators

 

Before starting with google dorks, you need to have a basic understanding of a few special google search operators and also how it functions.

 

1. intitle:

This will ask google to show pages that have the term in their HTML title.

 

2. inurl:

Searches for specified term in the URL. For example: inurl:register.php

 

3. filetype:

Searched for a certain file type. Example: filetype:pdf will search for all the pdf files on the websites.

 

4. ext:

It works similar to filetype. Example: ext:pdf finds pdf extension files.

 

5. intext:

This will search the content of the page. This works somewhat like plain google search

 

6. site:

This limits the search to a specific site only. Example: site:abc@d.com will limit search to only abc@d.com.

 

7. Cache:

This will show you cached version of any website. Example: cache: aa.com

8*

This works like a wildcard. Example: How to * sites, will show you all the results like “how to…” design/create/hack, etc… “sites”

 

Image 1

Basic Formula of Dork

 

"inurl:."domain"/"dorks" "

 

Here ⇒

 

"inurl" ⇒ input URL 

"domain" ⇒ your desired domain. e.g. ⇒ .gov 

"dorks" ⇒ your dork of your choice

 

Useful Google Dorks Example

 

  1. “Index of /admin” 
  2. “Index of /cgi-bin” 
  3. “Index of /credit-card” 
  4. “Index of /logs” 
  5. “Index of /config” 
  6. “Index of /admin.asp” 
  7. “Index of /login.asp” 
  8. “Index of /passwd” 
  9. “Index of /password” 
  10. “Index of /” + passwd 
  11. “Index of /” + password.txt 
  12. “Index of /secret” 
  13. “Index of /confidential” 
  14. “Index of /root”

Syntax “intitle:”, “allintitle:” combination:

 

  1. intitle: “Index of” .sh_history 
  2. intitle: “Index of”.bash_history 
  3. intitle: “Index of” passwd 
  4. intitle: “Index of” people.lst 
  5. intitle: “Index of” pwd.db 
  6. intitle: “Index of” etc/shadow 
  7. intitle: “Index of” htpasswd 
  8. allintitle: sensitive filetype:doc 
  9. allintitle: restricted filetype :mail 
  10. allintitle: .php?filename= 
  11. allintitle:.php?page= 
  12. allintitle: .php?logon=
Tags

Post a Comment

Previous Post Next Post