What is Google hacking?
A few days back, one of our readers asked me to write about Google Hacking in detail, so I decided to write about it. In this article, I will talk about Google Hacking and the use of it to hack a target application.
What is Google hacking?
Google Hacking is not the hacking of Google. It means hacking with the help of Google. Google is the most popular and powerful search engine. It crawls and indexes all websites available on the internet, so you can use specific Google searches to find more data, security holes and sometimes sensitive data about the target you want to hack.
Google Hacking involves the use of advanced Google search operators to find specific information. This concept was first noted by Johnny Long back in 2002, when he outlined how Google’s search operators can leak sensitive data of a website. He also created a list of various Google search operators and their use in hacking.
Before learning how to use Google search operators for hacking, you should first know the basic Google search operators. The Google search operators used in Google Hacking are also known as Google Dorks. If you already know about these search operators, you can skip this section.
Google Search Operators
Advanced search operator syntax is something like this:
These are some common Google search operators:
The site search operator is used to search within a website. If you want to search for something within a website, you can use the site search operator directly in Google search. Suppose you want to search for “Keyword” on usethistip.com; use this operator as given below
Google will show you pages from usethistip.com which have the keyword in their content. Don’t add any spaces between the operator and your query, otherwise it will not work. Also, write the operator in lowercase.
Keyword site: usethistip.com
It will not work because of the space between the operator and the domain name.
The filetype search operator is used to find a specific type of file. Just add the extension after the operator to perform the search.
It will search only PDF files.
This search operator displays the cached version of a URL. Just add the URL after the cache: operator.
If you use the inurl operator, it will restrict the search to URLs which contain the search term.
This operator is used to find results only if the specific keyword is in the title.
This operator is the advanced version of the intitle operator. It is used to find results with all the given keywords in the title.
allintitle: data recovery
This operator is used to find pages with the specified keyword.
If you start your query with allintext: operator, you will get results with all the query terms specified in the search.
Read this article to learn all Google search operators.
Now we will see how to use these search operators. We can combine these search operators to find sensitive information about a website.
Google Dorks for Google Hacking
To find admin login pages, we can try something like this:
- intitle:”Admin” inurl:”login”
- intitle:”Administrator” inurl:”login”
- allintitle:”Admin login” inurl:”login”
- inurl:admin intitle:login
Try something like these operators to find SQL backup files:
- backup filetype:sql
- inurl:backup filetype:mdb
The above dork will search for backup files with the extension sql. You are most likely to get the database dump.
Finding usernames
You can search for log files to find usernames for making a dictionary attack. Try these dorks:
- allintext:username filetype:log
- filetype:log username putty
Finding files with passwords
- inurl:passwd filetype:txt
- filetype:dat “password.dat”
- filetype:log inurl:”password.log”
- filetype:xls username password email
Finding targets for SQL injection
- inurl:”id=” & intext:”Warning: mysql_fetch_assoc()”
- inurl:”id=” & intext:”Warning: mysql_fetch_array()”
- inurl:”id=” & intext:”Warning: mysql_num_rows()”
- intitle:phpMyAdmin “Welcome to phpMyAdmin ***” “running on * as [email protected]*”
There can be thousands of combinations. It depends on your thinking. You can create any kind of Google dork to find specific data from pages Google can index.
See the list of thousands of Google search operators on Exploit DB.
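The backup, log and password-file dorks above only return files that a crawler was able to reach, so the same patterns can be run against your own document root to find those files first. This is an added example, not code from the original article; the rule set, the function names and the sample directory tree are assumptions constructed for illustration.

```python
import os
import re
import tempfile

# One rule per dork family listed in the article (filetype:sql/mdb,
# filetype:log username, inurl:passwd / password.dat / password.log).
# Tuple layout: (label, extensions, path regex or None, content regex or None)
RULES = [
    ("database backup", {".sql", ".mdb"}, None, None),
    ("log exposing usernames", {".log"}, None, re.compile(rb"username", re.I)),
    ("password file", {".txt", ".dat", ".log"}, re.compile(r"passw(or)?d", re.I), None),
]
MAX_READ = 1 << 20  # inspect only the first 1 MiB of each file

def audit_webroot(root):
    """Return sorted (relative_path, label) pairs for files matching a rule."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            ext = os.path.splitext(name)[1].lower()
            for label, exts, path_re, body_re in RULES:
                if ext not in exts or (path_re and not path_re.search(rel)):
                    continue
                if body_re:
                    with open(full, "rb") as fh:
                        if not body_re.search(fh.read(MAX_READ)):
                            continue
                findings.append((rel, label))
    return sorted(findings)

def build_sample_root(root):
    """Write a constructed sample tree (not taken from any real site)."""
    sample = {
        "backup/site.sql": b"CREATE TABLE users (id INT);",
        "logs/putty.log": b"login as: username=alice\n",
        "logs/access.log": b"GET / 200\n",
        "old/passwd.txt": b"placeholder\n",
    }
    for rel, data in sample.items():
        path = os.path.join(root, rel)
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "wb") as fh:
            fh.write(data)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_root(tmp)
        for rel, label in audit_webroot(tmp):
            print(f"{rel}: {label}")
```

Anything it reports should be moved out of the web root or placed behind authentication; a robots.txt entry does not stop the file from being downloaded.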