Tutorial On Google Dorking

 Google Dorking

You may think you can find all kind of information on google but several type of information may not easily available on google search engine that includes:

1. Sensitive information such as government documents they were protected by privacy and security terms:publicly not available

2. Personal information such as address,phone number

3. Outdated data


(To overcome this, we can use Google Dorking for for good of work and accurate result)

 

 WHAT IS GOOGLE DORKING:

Simply, Google Dorking is a google search technique also known as google hacking. Through Google Dorking we can get some of the insider views that are sensitive or is accidentally  made public on the internet, which are used to get a set of information that are not available with normal query. It is a designed technique that filters different domains using search operators and commands.

The google hacking database was initiated and hosted by a group at Exploit Database, a well known platform for sharing and discovering vulnerabilities. The GHDB is essentially a collection of google dorks,which are specific search queries that can be used to find sensitive information and possible internet vulnerabilities.

The GHDB is not the brainchild of a single individual, but rather a collaborative effort within the cyber security community. Spearheaded by the team at Exploit Database, it’s a curated collection of Google Dorks- specialized search Queries that uncover vulnerabilities or misconfigurations. This database has become a cornerstone of ethical hacking, serving as a powerful tool for professionals seeking to fortify digital defense.

 

 Use:

● Analyse the vulnerabilities of web pages or applications, find loop holes.

● Though Google dorking can be used to find some hidden legal information but many people use it for illegal purposes. People can get access to sensitive information about an individual which can harm them in many ways.

 Google Dorking Commands:

Operators are special commands that extend the capabilities of regular text searches on Google search. Operators will make our work and web searches accurate. Using search commands make it faster to find things in Google.

 How to use:

It is as simple as google search, here we are going to perform search using operators and queries. It will make our search result efficient and accurate.

We can use and, or operators for queries

 Keep in mind:

1) Do not use space between symbol and word in queries.

2) While searching with different commands we will get an “I’m not robot” error. Just click in the box and mark the Recaptcha.


  •  cache:

Provides a cache version of that site. Cache version means it lets us see the older versions of a website or access files that have recently been removed.

E.g. : cache:facebook.com


  •   inanchore:

Used to search an exact anchor text or link. Anchor text is the text on a page that is linked to another web page or a different place on the current page.




  •   intitle/ allintitle:

               intitle is used to search the web pages with desired/specific title


  •  inurl/ allinurl
     inurl is used to search the contents with specific term in url.






 when we want to exclude www.digitalmarketing.org site from our search

 


using “OR” operator here we are getting both results related to marketing and digital marketing

 


Here we can add include another query related to stocks.

Like this we can use multiple filters with the use of “OR” operator.

using AND operator we can have the following result that includes both terms.

 

  



intext/allintext:

  intext is used to search for certain characters or strings.



Here some public login portals are visible


 

filetype:

ext(extension) returns various kinds of files based on provided extensions.



rfc2182.txt



 





Here are some of the git sources available which contain list of leaked password.

 

 

related:

  provide content related to that term.




site:

  Gives result related to that specific site






In order to search results related to blog we can use following comm


When we would like to excluded the blog url from the search.


In case, we used OR operator for both twitter.com and youtube.com here both results are displayed.


Here are the results of twitter site containing YouTube url’s.


keyword: pdf and site:microsoft.com


 define:

        one of the easy filter, where it define the particular description about it.

 



 

info:  or  id:  provide related information for the search term. 






phonebook:





 

map:




 

book:

 





 

movie:


 

weather:


 

link:

find web pages contain link related to given term


 

index of:

An index of password txt is a text file that contains a list of passwords. It can help you keep track of different passwords that you use for different websites, as well as help you stay secure online

 



between years:



 

  • $     ⇒search price
  •  @
  •  stock
  • location

 ➔ given data is just normal search queries, lets take look into deep

 

Let us understand how one can find default Password

The following commands may be used by security analysts for finding default passwords:

1) site:pastebin.com

 

2) inurl:”passwords" filetype:txt


3) inurl:password AND ext:txt OR ext:pdf OR ext:rar


4) initle:"index of password" filretype:rar

 
  • chat logs

 

for following site:

 




  • xls filetype:
  • filetype:xls -site:gov inurl:contact


The following Google Dork can be used to detect vulnerable servers that allow appending "/proc/self/cwd/" directly to the URL of website.

 


References:

1. GHDB:https://www.exploit-db.com/google-hacking-database


Contributors:

1. Shaily Patel, 2nd year, CSE, IIIT PUNE

2. Komal Desodhia, 2nd year, CSE, IIIT PUNE

3. Dr. Nitesh K Bharadwaj, Assistant Professor, Dept. of CSE, IIIT Pune.

4. Dr. Bhupendra Singh, Assistant Professor, Dept. of CSE, IIIT Pune, India.


Comments

Post a Comment

Popular posts from this blog

Analysis of Volatile Memory(RAM) Using Volatility3

Image
  Introduction: Volatility3 is the most advanced and newest volatile memory forensics framework in the world. It is also Open Source, this framework is written in python. It is also the most widely used framework for extracting digital artefacts from volatile memory i.e. RAM image. The framework is intended to introduce people to the techniques for extracting digital artefacts from volatile memory(RAM) samples and provide a platform for further work into this exciting area of research. Downloading and Installation: Requirements: Python 3.5.3 or higher Pefile 2017.8.1 or later. Download volatility from   here  or run the following command in command line to clone the repository. git clone https://github.com/volatilityfoundation/volatility3.git RAM Image Creation: To create a memory dump for analysis we can use DumpIt memory tool which can be downloaded from here . Also, we can use ftkimager to create a memory dump, which can be downloaded from  here . To create the image using ftkima
Read more

$Recycle.Bin Forensics: Analysis of $I (metadata file) and $R (actual content)

Image
  Forensic Insight into Windows 10 $Recycle.Bin  In Windows 10, the deleted files are temporarily located in  "C:\$Recycle.Bin>",  a sub directory under root directory. The completion of file deletion process yields two separate files placed within the $Recycle.Bin path, as follows: $I – Contains metadata specific to the deleted file (original file name path, file size, deletion timestamp, file name size and, file name). $R – Contains the actual contents of the file. The two files ($I and $R) corresponding to the deleted file are named/suffixed with a random six character value after $I and $R, resulting  into a 8–character file name. The system creates SID based folders corresponding to each user account.   In the SID sub-folder, you will find the SID of the user who deleted the file. Each time a user deletes a file from the Recycle Bin, a sub-folder is created for them. As per the requirement an analyst can analyse the contents inside the SID sub-folders.  Let’s
Read more

Usefulness of Epoch in Digital Forensics Investigation (UNIX and MacOS perspective)

Image
 Usefulness of Epoch in Digital Forensics Investigation  (UNIX and MacOS perspective)  In digital forensics investigation, epoch plays an important role in event reconstruction. Hence, we try to provide detailed insight into the UNIX and MAC OS epoch values. An epoch is a date and time that a computer uses to determine the computer's clock and timestamp values. Epoch is sometimes also referred to as epoch time, POSIX time, and Unix time. In simple words, it is the starting point of the operating system that determines a computer’s date and time by counting ticks (seconds/ nanoseconds/picoseconds). Epochs can persist into the file metadata, system files, log files, and other metadata files. The value of epoch varies from operating system (OS) to OS and file system to file system.   The epoch traditionally corresponds to 0 hours, 0 minutes, and 0 seconds Coordinated Universal Time (UTC) on a specific date, which varies from system to system, as the starting date of each system i
Read more