How to Hack Google

Google hacking

From Wikipedia, the free encyclopedia
Jump to navigationJump to search
Google hacking, also named Google dorking,[1][2] is a computer hacking technique that uses Google Search and other Google applications to find security holes in the configuration and computer code that websites use.

Basics[edit]

"Google hacking" involves using advanced operators in the Google search engine to locate specific strings of text within search results. Some of the more popular examples are finding specific versions of vulnerable Web applications. A search query with intitle:admbook intitle:Fversion filetype:php would locate all web pages that have that particular text contained within them. It is normal for default installations of applications to include their running version in every page they serve, for example, "Powered by XOOPS 2.2.3 Final".
Devices connected to the Internet can be found. A search string such as inurl:"ViewerFrame?Mode=" will find public web cameras.
Another useful search is following intitle:index.of followed by a search keyword. This can give a list of files on the servers. For example, intitle:index.of mp3 will give all the MP3 files available on various types of servers.

Advanced operators[edit]

There are many similar advanced operators which can be used to exploit insecure websites:
OperatorPurposeMixes with Other Operators?Can be used Alone?WebImagesGroupsNews
intitleSearch page Titleyesyesyesyesyesyes
allintitle[3]Search page titleyesyesyesyesyesyes
inurlSearch URLyesyesyesyescompletelylike intitle
allinurlSearch URLyesyesyesyesyeslike intitle
filetypespecific filesyesyesyesyescompletely
intextSearch text of page onlyyesyesyesyesyesyes
allintextSearch text of page onlyyesyesyesyesno
siteSearch specific siteyesyesnoyesyescompletely
linkSearch for links to pagesyesyesyesyesyescompletely
inanchorSearch link anchor textyesyesyesyescompletelyyes
numrangeLocate numberyesyesyesyesyescompletely
daterangeSearch in date rangeyesyesyescompletelycompletelycompletely
authorGroup author searchyesyesyesyesyescompletely
groupGroup name searchyesyesyesyescompletely
insubjectGroup subject searchyesyeslike intitlelike intitleyeslike intitle
msgidGroup msgid searchyesyescompletelyyes

History of Google hacking[edit]

See also: Johnny Long § Google hacking
The concept of "Google hacking" dates back to 2002, when Johnny Long began to collect Google search queries that uncovered vulnerable systems and/or sensitive information disclosures – labeling them googleDorks.[4]
The list of Google Dorks grew into a large dictionary of queries, which were eventually organized into the original Google Hacking Database (GHDB) in 2004.[5][6]
Since its heyday, the concepts explored in Google hacking have been extended to other search engines, such as Bing[7] and Shodan.[8] Automated attack tools[9] use custom search dictionaries to find vulnerable systems and sensitive information disclosures in public systems that have been indexed by search engines.[10]

References[edit]

  1. ^ Term Of The Day: Google Dorking - Business Insider
  2. ^ Google dork query, techtarget.com
  3. ^ Karch, Marziah. "Allintitle Definition"About.com. About.com. Retrieved 29 February 2020.
  4. ^ "googleDorks created by Johnny Long". Johnny Long. Archived from the original on 8 December 2002. Retrieved 8 December 2002.
  5. ^ "Google Hacking Database (GHDB) in 2004". Johnny Long. Archived from the original on 7 July 2007. Retrieved 5 October 2004.
  6. ^ "Google Hacking for Penetration Testers, Volume 1". Johnny Long. Retrieved 20 February 2005.
  7. ^ "Bing Hacking Database (BHDB) v2". Bishop Fox. Retrieved 27 August 2014.
  8. ^ "Shodan Hacking Database (SHDB) - Part of SearchDiggity tool suite". Bishop Fox. Retrieved 21 June 2013.
  9. ^ "SearchDiggity - Search Engine Attack Tool Suite". Bishop Fox. Retrieved 27 August 2014.
  10. ^ "Google Hacking History". Bishop Fox. Retrieved 27 August 2014.

External links[edit]

Comments

Post a Comment

Popular posts from this blog

WordPress Vs Blogger: Which Blogging Platform Is Right For You

Image
Skip to primary navigation Skip to main content Skip to footer WordPress Vs Blogger: Which Blogging Platform Is Right For You? David Hartshorne Last Updated:  February 19, 2020 What’s the best blogging platform? It’s a frequent question received here on Blogging Wizard. And with so many blogging platforms available it’s an entirely valid question. But what suits one person, won’t suit another. So to help you overcome your selection headache, we’ve compared WordPress and Blogger. And what’s more, we’ve included both flavors of WordPress, so there are three great blogging platforms for you to mull over. Let’s get started: Contents Blogger Blogger was founded in 1999 by Pyra Labs and acquired by Google in 2003. By 2006, every account was hosted on Google’s servers, making the platform a lot more reliable. Blogger or BlogSpot? Before we go any further, let’s clear up any confusion regarding the terms  Blogger  and  BlogSpot . ...
Read more

nstagram to help creators profit directly from videos, in direct competition with YouTube

Image
Instagram to help creators profit directly from videos, in direct competition with YouTube Starting next week, Instagram will show ads before clips that run on its IGTV service for longer-form videos. The company plans to share 55% of the revenue with creators. SARAH FRIER 28 May, 2020 Representational photo | Pixabay San Francisco:  Instagram will let creators profit directly from their videos, helping popular users generate more revenue during the Covid-19 crisis, while moving into more direct competition with YouTube. Starting next week, Instagram will show ads before clips that run on its IGTV service for longer-form videos. The company plans to share 55% of the revenue with creators, the same portion that YouTube gives its stars. The company will also start testing a way for users to sell digital badges in their live videos. If viewers buy a badge, their names will stand out among fans’ comments, designating them as supporters. The video host will receive all the money directl...
Read more