hello my dear colleagues, I made a visit to nullbyte and found that there is not a complete tutorial about the google dorks, so I felt the need for this tutorial, and seeing that there are many newbies around, so here's a tutorial that will teach you how to use google to hack.
1-HISTORY
The concept of "Google Hacking" dates back to 2002, when Johnny Long began to collect interesting Google search queries that uncovered vulnerable systems and/or sensitive information disclosures - labeling them googleDorks. some people call it googlehacking.
Google: If you still do not know what is google, then you need to take a crash course in "how to use the internet"
Dork:Someone who has odd interests, and is often silly at times.
A dork is also someone who can be themselves and not care what anyone thinks
In my opinion A Google dork is an employee who unknowingly exposes sensitive corporate information on the Internet.
As a passive attack method, Google dorking can return usernames and passwords, email lists, sensitive documents, personally identifiable financial information (PIFI) and website vulnerabilities.
That information can be used for any number of illegal activities, including cyberterrorism, industrial espionage,identity theft and cyberstalking
2-OPERATORS
as well as programming, google dorks also has its operators, I will not be able to show all operators but here are the most commonly used Operators.
Lets take a look at the special google search operators that are used to construct those high powered google hack search terms.
intitle
Specifying intitle, will tell google to show only those pages that have the term in their html title. For example intitle:"login page" will show those pages which have the term "login page" in the title text.
allintitle
Similar to intitle, but looks for all the specified terms in the title.
inurl
Searches for the specified term in the url. For example inurl:"login.php".
allinurl
Same as inurl, but searches for all terms in the url.
filetype
Searches for specific file types. filetype:pdf will looks for pdf files in websites. Similarly filetype:txt looks for files with extension .txt
ext
Similar to filetype. ext:pdf finds pdf extension files.
intext
Searches the content of the page. Somewhat like a plain google search. For example intext:"index of /".
allintext
Similar to intext, but searches for all terms to be present in the text.
site
Limits the search to a specific site only. site:nullbyte.com
3- THE FORMULA OF GOOGLE DORKS
Dorks : They are like search criteria in which a search engine returns results related to your dork.
The process can be a little time consuming, but the outcome will be worth it after learning on how to use dorks.
Basic Formula of dork,
"inurl:."domain"/"dorks" "
So you would normally understand it like this:
"inurl" = input URL
"domain" = your desired domain ex. .gov
"dorks" = your dork of your choice
Here is another example of that
You can use following words instead of inurl :
intitle:
inurl:
intext:
define:
site:
phonebook:
maps:
book:
froogle:
info:
movie:
weather:
related:
link:
All these also help yo find other things then vulnerables.
Anyway now I am going to explain you how to use some for finding vulnerability in websites.
INTITLE:
You can use the intitle to find anything in the title of the website. Which also could be usefull to find downloads or anything else.
intitle: index of mp3
This is an example to download mp3 songs for free.
INURL:
The inurl basicly looks for anything after the : in the site urls.
inurl:index.php?id=
INTEXT:
you can find literally everything using intext, you could even use the inurl dorks whit this.
intext:"Design & Developed By Seawind Solution Pvt.Ltd."
Google will give you all the websites created by IT Masons taht recently has bypass Admin Page Vulnerability in some websites,
to try just choose a target from google and add this to the url /adminpanel/
And fill username and password like the information below :
Username : '=' 'OR'
Password : '=' 'OR'
and you will get the admin panel of the website some example:
http://www.vulnerablewebsite.com/adminpanel/index.php
DEFINE
Google will define this massage and will look for what had this error for example,
define:"sql syntax error"
SITE:
Obvious, when we will use it, google will looks for a site .
site:wonderhowto.com
Google will look for any site related with wonderhowto.
PHONEBOOK:
It will look for the phone number related to me, so use your victims name or yours instead.
phonebook:Mrnakupenda
MAPS:
Google will look on google maps for your search.
BOOKS:
Google has an online library store. If you want to find interesting books use this dork.
book:java language
This will look for any book gogole hase indexed whith java language in it.
FROOGLE:
Used for froogle search instead of google.
INFO:
google looks for anything you inputted but only information about string which you have puted next to info: .
info:firefox
Above dork will show you alot off things about firefox like what is firefox etc.
MOVIE:
You can find information about movies on google using this dork.
movie:watch Transformers online
WEATHER:
You can find information about weather on google using this dork.
weather: 01/08/2015 london
RELATED:
This will look for anything related to what you have entered next to related: .
related:hacking
Google responds whith sites about hacking stuffs.
LINK:
This one will works better instead of only looking in search url, it will also look in the site for urls that possibly are vulnerable.
link:index.php?id=
This is verry usefull I would say even more then inurl.
Vulnerability Approach :
Once you search website using above dorks, now its time to check whether the website is vulnerable to SQL injection or not, we simply put in a quote " ' " at the end of the url address.
So our site will look like this,
http://www.site.com/index.php?id=123;
i will explain how to proceed advanced sqli in the next tutorial
4-SOME EXTRAS
As far as i researched Google Dorks can help us getting the data of many websites.
These are some Google Dorks which can affect our online business:
site:.com intitle:"Thank You For Your Order" intext:Click Here to Download
site:.com intitle:"Thank You For Your Purchase" intext:Click Here to Download
intitle:Thank you for your Purchase! intext:PLR OR MRR OR Package OR Bonus
inurl:/thankyou.html intitle:Thank you for your order! intext:Click Here to Download
5-CONCLUSION
Google dorks are very important, so I advise before you start your exploits against a particular victim the best way is to use google and see what you can find about the victim, and believe me, byt using google, a lot of times I did not even turn on Linux kali, by simple search on google, I found the password of my victim.
6- USEFUL WEBSITES
As far as i researched the best website for fresh google dorks is the exploit db website https://ww.exploit-db.com
here you will find fresh google dorks and you can also submits yours.
another cool website is http://www.google-dorking.com
you can also mention some websites here
to say that the best way to learn is by teaching, so I'm here to share what I know, and as always
I hope you will make correction where I'm wrong, because it is from mistakes that we learn ..
MrNakup3nda
Just updated your iPhone to iOS 18? You'll find a ton of hot new features for some of your most-used Apple apps. Dive in and see for yourself:
12 Comments
Nice article! The dork definition makes me feel like a dork.
me 2 sometimes
Great tutorial, thanks.
Then, you can meet Shodan.
i kno shodan, its a banner grabber, but really danger too, i know the basics of the query usin shodan, but an advanced tutorial would b nice
Great article!
If anyone is interested in seeing Googledorking in action, this video shows you how it's done. The script fuckshitup used in the video can be found here.
I haven't forgot about you Windows users.
Here is a screenshot of fuckshitup running on Windows 7.
The script can be found here (Windows only).
Here is a link to fsu usage.
Was looking around for an article on this since I was away for a while. Nice to see how comprehensive and to the point it is. :)
A very decent article. I had never before heard of Googledorks. I can't wait to try out all those new search terms to see what I can find.
Please I will need a guide on hoe to extract a website database details. anyone with good info should let me know.
Hi, I have made a tool aim at simplifying the use of google advanced search .
Here is the web http://www.betterxin.com.
I believed our site will be a great addition to your content. So I was wondering that if you were willing to add our link to this page.
Thank you for your consideration.
Great!
It's very informative please can I follow you to learn security in any area you will like to take me through and how can I follow you
Share Your Thoughts