Monday, 23 March 2015

Google Dorks Part 1


USING “GOOGLE DORKS” FOR RECONNAISSANCE

Google hacking is indeed the best way to do passive reconnaissance. The best part is you cannot be traced! For those who are new to the phrase “Google Dorks”, let me give you an introduction to the Google search engine and Google dorks.
Google is the most used search engine in the world because of its efficient responses. Google has bots which crawl all over the net and copy almost all available content into Google’s database. Therefore, when you type a word into Google search, it just checks its database and gives you the response you want!

Hackers who want to use the Google search engine for reconnaissance purposes need to know Google basics such as modifiers and operators.
Principal search modifiers are:
Requires a term to match exactly
Avoid results that match the term
Search for a specific phrase

The principal search operators are:
If you start your query with allintext:, Google restricts results to those containing all the query terms you specify in the text of the page.
If you start your query with allintitle:, Google restricts results to those containing all the query terms you specify in the title.
If you start your query with allinurl:, Google restricts results to those containing all the query terms you specify in the URL.
If you include filetype:suffix in your query, Google will restrict the results to pages whose names end in suffix. For example, [user guide filetype:pdf ] will return Adobe Acrobat PDF files that match the terms “user” and “guide”. filetype: is very useful for finding “hidden” documents and commonly exploited file types. Typical searches for vulnerabilities (e.g. searching for vulnerable scripts and files) include the suffixes php, cgi, jsp, swf and asp.
The query intext:term restricts results to documents containing term in the text. intext: lets you find pages containing known phrases.
The query intitle:term restricts results to documents containing term in the title. Using intitle: it is possible to find pages with common titles (e.g. “Administrator”).
If you include inurl: in your query, Google will restrict the results to documents containing that word in the URL.
If you include site: in your query, Google will restrict your search results to the site or domain you specify. For example, [ privacy: ] will show privacy information from the NSA site and [ privacy: gov ] will find pages about peace within the .gov domain. The site: operator is useful for locating files within a specific domain and also lets you search everything indexed for it. During the attack phase, site: is useful to map all services provided by the target.

By combining the above operators and modifiers it is possible to execute complex queries. Suppose we are interested in finding the email applications present on a website that are used to submit a communication to site management. The following table shows how much the quality of the search improves when the Google operators are combined.

Searched string
Number Results
232.000 results
3.940 results
[inurl:formmail.cgi filetype:cgi]
5.920 results
[inurl:formmail.cgi filetype:cgi]
56 results
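The narrowing effect shown in the table can be reproduced offline against an inventory of your own site's pages. The following is an added example, not code from the original post: it is a simplified model of the operator semantics described above, not Google's actual matching. The names `PAGES`, `parse`, `matches` and `search` and the example.com records are constructed for illustration.

```python
import shlex
from urllib.parse import urlparse

# Constructed inventory of one's own site (e.g. taken from a crawl or sitemap).
PAGES = [
    {"url": "http://www.example.com/index.html", "title": "Welcome", "text": "contact us by email"},
    {"url": "http://www.example.com/cgi-bin/formmail.cgi", "title": "Contact form", "text": "send email to site management"},
    {"url": "http://www.example.com/docs/formmail.cgi.txt", "title": "formmail.cgi notes", "text": "how formmail.cgi is configured"},
    {"url": "http://intranet.example.com/guide.pdf", "title": "User guide", "text": "user guide for administrators"},
]

def parse(query):
    """Split a query into (operator, term) pairs; bare words get operator None."""
    pairs, all_op = [], None
    for tok in shlex.split(query):  # keeps "quoted phrases" together
        op, sep, term = tok.partition(":")
        op = op.lower()
        if sep and op in ("allintext", "allintitle", "allinurl"):
            all_op = op[3:]  # allinurl: -> inurl, applied to every following term
            if term:
                pairs.append((all_op, term))
        elif sep and term and op in ("intext", "intitle", "inurl", "filetype", "site"):
            pairs.append((op, term))
        else:
            pairs.append((all_op, tok))
    return pairs

def matches(page, op, term):
    """Apply one operator to one page record."""
    url, term = urlparse(page["url"]), term.lower()
    if op == "filetype":  # page name must end in the suffix
        return url.path.lower().endswith("." + term)
    if op == "site":  # exact host or any host under the given domain
        host = url.hostname or ""
        return host == term or host.endswith("." + term)
    field = {"inurl": page["url"], "intitle": page["title"], "intext": page["text"]}.get(op)
    if field is None:  # bare term: may appear anywhere
        field = " ".join((page["url"], page["title"], page["text"]))
    return term in field.lower()

def search(query, pages=PAGES):
    """Return URLs of pages that satisfy every term of the query."""
    pairs = parse(query)
    return [p["url"] for p in pages if all(matches(p, op, t) for op, t in pairs)]
```

Running a site owner's own URL list through `search` shows which pages a combined query would surface, which is a quick way to spot files that should not be publicly indexed.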

You will see an amazing use of these dorks in my next post, "USING “GOOGLE DORKS” FOR RECONNAISSANCE".

I hope this has been informative for you, and I would like to thank you for visiting.


Author: Vivek Yadav

