Null Byte

Google Dorking: AmIDoinItRite?

Jan 14, 2012 08:47 AM

What is Google Dorking?

Well, simply put, "Google Dorking" is just an efficient way to utilise keywords in order to perform very specific searches on a given subject. In this case, one would use specific search criteria to look for websites/servers that are vulnerable to attacks or are configured improperly; the criteria should yield results whenever they match known mistakes/errors in a website or webserver.

Let's face it, some admins leave security settings at their defaults without much thought when, say, they set up a MySQL database, and that's where hackers find an opening.

The keywords used are varied and many, and when used properly can bring you straight to a website riddled with holes. A recent article at Gizmodo details how hackers found an unprotected FTP server and stole 43k social security numbers of students and faculty.

Your First Dorkage

Right, what's the point of theory, when practice just kicks so much ass? Let's fire up guglz in a new tab/window and type this in:

"admin account info" filetype:log

The very first result that I got was this:

As you can see, we found a server log. Neat.

Let's 1-up ourselves...

Type in:

"# -FrontPage-" ext:pwd inurl:(service | authors | administrators | users) "# -FrontPage-" inurl:service.pwd

The first website I got was:

And the address, http://www.jacobswartz.com/_vti_pvt/service.pwd, takes you to a username and password file.

Now if you just delete the service.pwd bit, and leave - http://www.jacobswartz.com/_vti_pvt/

It will take you here:

A whole directory. Yay.

Another example?

"index of/" "ws_ftp.ini" "parent directory"

The third result from the top takes us to the parent directory of a Virginia University webpage.

So, even though all we did just now was search for stuff, we have accessed some very low-key areas of a few websites that, I am assuming, the authors of those pages did not intend to be public.
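Seen from the admin's side, the three queries above match files that a web server should never have been serving. As an added example (not code from the original article), this script walks a local document root and flags what those queries look for; the index-file list and the constructed sample tree are assumptions.

```python
import os
import tempfile

# File names and extensions the three queries in this article search for.
RISKY_NAMES = {"service.pwd", "authors.pwd", "administrators.pwd", "users.pwd", "ws_ftp.ini"}
RISKY_EXTS = {".log", ".pwd"}
# Assumption: the server only skips its auto-generated "Index of /" page
# when one of these index documents is present in the directory.
INDEX_FILES = {"index.html", "index.htm", "index.php", "default.htm"}


def audit_webroot(root):
    """Return sorted (finding, relative_path) tuples for a local document root."""
    findings = []
    for dirpath, _dirnames, filenames in os.walk(root):
        rel_dir = os.path.relpath(dirpath, root)
        lower = {f.lower() for f in filenames}
        if "_vti_pvt" in rel_dir.lower().split(os.sep):
            findings.append(("frontpage-private-dir", rel_dir))
        if not (lower & INDEX_FILES):
            findings.append(("listing-if-autoindex-on", rel_dir))
        for name in filenames:
            ext = os.path.splitext(name)[1].lower()
            if name.lower() in RISKY_NAMES or ext in RISKY_EXTS:
                findings.append(("sensitive-file", os.path.join(rel_dir, name)))
    return sorted(findings)


def build_sample_webroot():
    """Constructed sample tree standing in for a real document root."""
    root = tempfile.mkdtemp(prefix="webroot-")
    layout = {
        "index.html": "<h1>home</h1>",
        "_vti_pvt/service.pwd": "# -FrontPage-\nuser:placeholder-hash\n",
        "uploads/ws_ftp.ini": "[site]\n",
        "logs/access.log": "constructed log line\n",
        "docs/index.html": "<h1>docs</h1>",
    }
    for rel, body in layout.items():
        path = os.path.join(root, *rel.split("/"))
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "w") as fh:
            fh.write(body)
    return root


if __name__ == "__main__":
    for finding, path in audit_webroot(build_sample_webroot()):
        print(f"{finding:26} {path}")
```

Anything it reports belongs outside the document root, or behind a deny rule with directory listings switched off.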

To be perfectly honest, you can spend hours running different queries, and come up with f*ck-all, but you can also get lucky. If you know specifically what you set out to do, build your queries on that thought. Then find something that looks like it's prone to an SQL injection (see pic).

A comic strip featuring a person humorously addressing computer troubles at a school, discussing broken items and playful names.

...or another type of exploit and pound away.

Now that (hopefully) I have gotten you interested in this, why don't you check out the links below for a HUGE listing of dorking queries, which you can either use as-is or improve upon or adapt to your needs! Go forth and wreak havoc!

Nah, just kidding. As with all hacks/exploits, don't do anything to anyone that you don't want done to you.

But... I encourage you to learn while utilising this technique. After all, smart people learn from the mistakes of others.

Should you find something missing from the article, or if you wish to express your critique, please leave me a comment at the bottom of the page.

Cheerio!

Mr.F

Resources and Further Reading

Also check out this WonderHowTo link to a video on how Dorking works.
