Thursday, February 29

What is Google Dorking



With the technological advancement of society, everyone can use Google, one of the most popular search engines used. In our day to day we use Google to search for information, data and other resources, but it is not limited to this.

The idea of ​​using Google as a hacking tool or platform is not new, and hackers have been taking advantage of this popular search engine for this type of action for years, although there does not always have to be a bad intention behind it.

In this report we will explain in depth what does this technique consist ofnot very well seen in the world of security and is widely used by researchers to obtain information beyond what we can find in the search engine by entering four words.

What is Google Dorking?

Google Dorking, also known as Google hacking, refers to the use of techniques in this large web search engine to hack vulnerable sites or search for information that is not available in public search results. If we talk about the legal part, it is usually used by journalists, researchers and of course in the field of cybersecurity.

Basically what we are doing is taking the search engine to its limits to find unprotected sensitive information on any topic.

To understand the context of the word, a Google Dork is an employee who unintentionally posts sensitive company information on the Internet. A “dork” is a slang term for someone who is quite inept.

A normal Google search involves a keyword, a phrase, or a question. But, in Google dorking, this person uses special operators to enhance the search and command it to search for files or website misconfigurations.

Google Dorking is not hacking in itself, although be very careful with the intentions with which it is done. Hackers can use this type of technique and other cyber-attacks to access illegal data or exploit security flaws in websites, which is why this technique is taking on a negative connotation in the security community.

Also Read  "Have you tried restarting?": the magical solution of computer scientists is not a myth and there is a technical explanation

It is worth mentioning that the Dorking, It is not something exclusive to Google. Other search engines like Bing or DuckDuckGo also work with this technique.

How hackers use Google Dorking to hack websites

Google dorking involves the use of special parameters and search operators called “dorks” to reduce search results and look for exposed sensitive data and security holes in websites.

Parameters and operators direct the crawler to search for specific file types at any specified URL, resulting in open FTP servers, government documents, accessible cameras, passwords…

To use Google Dorking we will have to use the search bar and enter the already named “dorks” and keywords to filter by, and the more we include, the better and more refined the result will be.

Those who are going to enter this search, will employ operators. These are commands that are used to filter the information that is indexed in different ways, allowing what is known as an advanced search.

Most used Google Dorking operators and examples of use

They will be seen below some of the most used operators and their purpose. Furthermore, as we have already mentioned, it is interesting to note that the use of operators can be combined to make the search more precise.

COMMAND ACTION EXAMPLE
untitled allows a hacker to search for pages with specific text in their HTML title intitle: “login page”
allintitle similar to the previous operator, but only returns the results of the pages that meet all the criteria of the keyword allintitle:Google Dorks
inurl allows you to search for pages based on the text contained in the URL inurl:dorking
allinurl similar to above, but only finds all the specified words in a URL allinurl:Google Dorks
filetype helps limit search results to specific files, such as PHP, PDF, or TXT filetype:pdf
ext similar to filetype, but this operator searches for files based on their extension ext:pdf
intext searches all content on a given page for the given keywords intext:password
allintext requires the page to match all given keywords allintext: passwords
if you limits the scope of the query to a single website site:computerhoy.com
wildcard operator finds pages that contain anything related to the search term
site:*computerhoy.com Subtraction operator (-): remove unwanted search results
cybersecurity -Computerhoy Quote operator (“”) exact match search
“Computer today” cache It will show the cached version of the website in question
cache:computerhoy.com OR Logical operator, can also be represented by |
Also Read  'Guild Wars 2' already has an arrival date on Steam and it's just what it needed to prove (even more) its worth as an MMORPG

ext:pdf OR ext:txt

Now that you know some of the most used operators, we are going to leave you with some useful examples since combined, you can generate great results.

For example, if we want to search for a PDF on a specific topic such as fake news, we can use the following operators: “fakenews” filetype:pdf.

On the other hand, if what we want is to search for references to a website that is outside of it, we could use these operators: intext:computerhoy.com-site:computerhoy.com. To find more examples of Dorks, GHDB is a fantastic resource.

GHDB (Google Hacking DataBase) is an open-source project that compiles a series of known dorks that can reveal interesting and probably confidential information that is publicly available on the Internet.

This project is maintained by Offensive Security, a well-known organization in the world of cybersecurity. Within this project you will be able to see quite advanced dorks classified in different categories and that will undoubtedly be useful when carrying out investigations. One important aspect to highlight is that, as this has normally been used by hackers to enter vulnerable sites and extract personal information, Google has introduced a captcha in this process. So,

it is quite likely that you will come across the following message.

You will have to enter a captcha almost every time you use a dork. In this way, Google prevents bots from using Google for illegal purposes.

Is Google Dorking Illegal? Although it may seem intimidating, Google dorking it is not an illegal activity

and you will not end up in jail for using it, because if you use it responsibly, it will only serve to refine your search results and not to infiltrate an organization. Now keep in mind that Google is tracking your searches all the time, so

Also Read  17 applications to flirt or find your better half

if you access sensitive data or perform searches with malicious intent, Google will have you on file.

If you want to do some kind of deeper search to rescue data or gain access to a restricted site, try to have prior authorization.

Prevent others from Google Dorking with you

As we have already seen throughout this report, these types of techniques are used to collect information that is not well protected.

Some of the best ways we can do to keep ourselves or our company from being vulnerable are to encrypt sensitive data, such as usernames, passwords, payment information, messages, addresses and phone numbers. Of course, occasionally review or have personal information on your website and evaluate if there is any data subject to being collected by a “hacker”.

This is known as egosurfing, that is, looking for ourselves and seeing what information is being made public without wanting it.

If so, we should review the privacy settings and if, for example, we are making something public through Google Drive, or if it is our own website, edit the robots.txt file

Leave a Reply

Your email address will not be published. Required fields are marked *