Google Dork is also known as Google hacking, is a hacker technique that uses the search engine of google and the other applications of Google to enlighten the security holes in the configuration and the computer codes that website use or we can also say that it is a search string that uses advanced search operators to find information that is not readily available on the website.
It locates the specific strings of text within search results by using advanced operators in the Google search engine. The more popular examples are finding specific versions of vulnerable Web applications. For example, all web pages would be located, which includes the particular text contained within them with just a query intitle:admbook intitle:Fversion filetype: PHP.
All the internet-connected devices could be found. For example, all the public web cameras will be found just by a search string such as inurl:”ViewerFrame?Mode=”. and there are many more like another useful search can be intitle:index.of followed by the search keyword, and after that, it will give the list of the files on the servers.
For example, all the mp3 files available on the various types of servers would be given by the query search intitle:index.of mp3.
Difference between Google and Google Dorks.
The main difference between Google and Google dork is that if we want some information on any particular topic than we will go to Google & type that we want to get that information. while in Google Dork it uses Search Sequence that uses Advance Operators to find the information that is not easily visible to the public.
List of Advanced Operators.
To exploit insecure websites, other similar advanced operators that can be used are:
Operators with a purpose to Search the Page Title:
- intitle: it can get mixed with other operators and can be used alone as well.
- allintitle: it also combines with other operators and also works alone.
These type of operators Search the URLs:
- inurl: it doesn’t search webs but searches images and is entirely in groups.
- alinurl: it is also like inurl, but it also explores webs.
Purpose of this type of operator is to Search the specific files:
- filetype/ext: it thoroughly searches in groups.
Purpose of these operators is to Search text of page only:
- intext: it is also similar to intext, which gets mixed with other operators as well as can be used alone.
- allintext: it does not combine with other operators.
These operators Search in ranges of something:
- numrange: it locates the range of numbers.
- daterange: it searches the range of dates.
You can get a complete list of 2000+ Google Dorks here.
Demerits of Google Dork.
Google dorks unwittingly create back doors by putting corporate information at risk, which allows attackers to gain access to unauthorized information by entering into the network without permission. The attackers use advanced search strings known as Google dork queries to locate sensitive information.
Uses of Google Dork
To narrow down search engine results, it is used by the researchers, IT administrators, and other professionals because it is built with advanced search operators. The search operators who are commonly used are:
1. site: restricts query results to a specific domain or website.
2. filetype: restricts query results to .pdf files or any other specific type of data.
3. intext: restricts the result to those content records that contain specific phrases or words.
There is some published information on the internet which are not meant to be found. But it can be found by any attacker by using complex queries because the search operators can be strung together. Google Dorking or Google hacking is known as the use of advanced search operators to find information that is not easily accessed through simple searches.
Syntax to find information:
1. Syntax to find the music:
-inurl:(htm|html|php) intitle:“index of” +“last modified” +“parent directory” +description +size +(extension) “song name”
(extension can be .mp3, .ogg, .wma and song name is the name of the song that you want).
2. Syntax to find the book:
-inurl:(htm|html|php) intitle:“index of” +“last modified” +“parent directory” +description +size +(extension) “book name”
(extension can be .pdf, .rtf, .txt, .chm, .doc, etc. and book name is the name of the book that you want).
3. Syntax to find the Modified Password List:
Intitle:“index of” passwords modified
READ MORE: 10 Best Laptops for Watching Netflix & Prime
As time goes by, you will be unlocking more new dorks of google. So, your duty is to keep yourself updated from time to time. So this was all about google dorks and how it works to filter specific searches. I hope you liked itechhacks articles. If we have missed out on any such useful information about either of the methods mentioned above, then please let us know about it in the comments section below. Cheers!