What is Google Dorking?

We’re all aware of Google’s bounty of resources. But how does it permit ethical hacking? Google Dorking, as named by Johnny Long in 2002, is a resourceful mechanism you can readily use to access almost everything. This includes a user’s username, their passwords, bank transactions, and even a live camera feed.

Sounds scary, right? I feel otherwise. 

You see, when you do a regular search on Google, you can only access limited information, thanks to the system. But with Google Dorking, you have access to multiple information within a page.

Want to track a bug in your code? Google Dorking has you covered! 

Google dorking in ethical hacking has been an extremely useful hack, especially for my projects. It has also helped me gain access to public code repositories, sample datasets, or even forgotten APIs. 

How Does It Work?

Google Dorking is more of an advanced search filter for your favorite app. With Google Dorks, you can mix and match these codes and get extremely specific information. Additionally, Dorking is a technique rather than a tool so you can always customize it. 

Now, coming to the technicalities, special Google dork commands like filetype and intitle can offer you preferred results. These “special commands” are used by Google to target specific locations, file types, and even keywords within website code.

Basically, by using Google’s indexed information, Dorking creates queries that ask for specific data points. Use it the right way, and you may crack the code for your next round of competitor analysis!

In short, Dorking uses these search operators and displays data regarding:

• Confidential files
• Website’s internal data
• Unprotected login portals
• Private directories
• Hidden video streams
• Website vulnerabilities 

A Brief History of Dorking: Is It Hacking?

Johnny Long, our man of the hour, had been working away with codes when he pushed custom searches to look for information that could be easily breached. As suspicious as it sounds, this was all done with good intent and Long even made a list of advanced Google hacking database commands.

Although the origin of the term ‘Dorking’ may be disputed, you can always rely on Long’s contribution towards ethical hacking.

Structure of Query Operators

If you’re unsure what query operator to use for Dorking, here are some:

1. Operator - Start with the operator. Type “inurl” for pages that contain a specific word you’re looking for in the URL.

2. Keyword - This is your phrase, and quite possibly, the butter to your bread. Looking for a password file? “Password” is your keyword. 

3. Modifier - No search is complete with your modifier. Insert, for instance, “filetype” if you’re looking for PDFs.

Access advanced Google Hacking Database (GHDB)

The Google Hacking Database (GHDB), famously compiled by Johnny Long, lists all possible search queries. Coders refer to these as Dorks as we uncover confidential information now and then.

Due to many other malicious users, the GHDB isn't accessible directly to the public. But you can always make an exception by doing your research better. Yes, you can access it via security forums, online tutorials, and other ways like search operators.

List of Google Dorking Commands

Here is my cheatsheet full of Google Dorks:

Does Google Dorking Provide Tools?

Although I've stated that there are specific tools to indulge in Dorking, you can always use these for an easier experience:

1. Google Hacking Database (GHDB) - The traditional advanced google hacking database, or shall I say, Dorkbase is here. It's a set of categorized indexes and isn’t available publicly.

2. Shodan - Shodan is your go-to tool if you’re focusing on internet-connected devices like servers, routers, and cameras.

3. Legitimate search operators - Google itself offers various search operators for advanced searching.

4. Custom scripts and automation tools - You can also create custom scripts and do your automation, but beware, once you’re off ethics, you’re off legality.

5. Penetration testing frameworks - One of my favorites, these frameworks allow security professionals to conduct penetration testing. But remember, a controlled environment and explicit permission are key.

Google Dorking Techniques

The Google Dork list goes on and on. Talking about techniques, here are some of the Google hacking techniques I can vouch for:

• Combine keywords, file types, and site types: Target specific information like budgets in CSV files from websites (e.g., [file type: csv site:za budget]).

• Use native languages: Conduct searches in local languages for increased accuracy and results (e.g., search in French for French content).

• Find misconfigured servers: Discover hidden directories with keywords like "index of" (e.g., [intitle:”index of’ site:kr password]).

• Numrange searches: Refine results by number range (e.g., [site: www.krustykrab.com 123..150]).

• Use multiple keywords or phrases: Increase search specificity for sensitive information (e.g., not to be shared instead of just confidential).

• Search for login information: Combine file type, keywords, and site type (e.g., [file type: PDF site: co login]).

• Bypass registration: Access restricted content using specific keywords like "inurl: database" or "inurl: directory" with the website address.

How to Use A Google Dork command

With these Dork commands, you can access every secret (legally):

1. Log files: Log files, resembling databases, expose sensitive information about a website's PHP version and backend structure. This is accessible through a Google search using "allintext: username file type (csv, PDF, xlsx): log."

2. Susceptible web servers: Identify web servers with vulnerabilities using the search term "inurl: /proc/sef/cwd/" to locate examples susceptible to hacking.

3. Email lists: Easily discoverable with Google Dorks, spammers exploit this method to add email addresses to their spam lists, using the format "Site: .com filetype: csv inurl: email.csv."

4. SSH private keys: Google search with "Intitle: index.of id_rsa -id_rsa.pub" reveals private keys shared on the internet, often not meant for disclosure.

5. Live camera feeds: You can access worldwide camera feeds via Google Dorks, and live cameras, especially military or government ones. Use "Inurl: top. Htm inurl: currenttime" or "[intitle: Webcam XP 5]" for webcam transmitted coverage.

6. Exposed FTP servers: You can access sensitive information in file transfer protocols through "[Intitle: index of inurl: ftp]" to reveal exposed FTP servers.

7. Env files: You can find insecurely placed .env files with crucial web development configurations using specific Google Dorks.

8. Media files (MP3, MP4, PDF): Google Dorks like "[Intitle: index of (filetype)]" simplify the download of files without using streaming platforms or online libraries.

9. Weather Dorks: Google query "intitle: weatherwing WS2" provides access to internet-connected weather measuring devices globally.

10. WordPress admin login: A Google Dork "Intitle: index of wp-admin" enables the easy discovery of WordPress administrative login pages and their login information.

11. Apache 2 servers: Find vulnerable Apache 2 servers with the command "Intitle: Apache2 Ubuntu Default Page: It works."

12. Government files: Discover restricted government documents using "[allintitle: restricted filetype: doc site: gov]."

13. Zoom bombs: Disrupt online video meetings using Google Dork "inurl: zoom.us/j and intext: scheduled for."

14. Database dumps: Insecurely configured databases, indexed through "Index of database.sql.zip," allow access to dumped SQL files on servers.

The Advantages of Google Dorking

I’ll keep it short. To summarize all of my thoughts so far, here are the best advantages of Google Dorking:

• Find useful resources for your projects.
• Identify website vulnerabilities and gather tons of other data for security testing.
• Boost security awareness.

The Dangers of Google Dorking

Truth be told, there are potential dangers to using Dorks and these are:

• Potential misuse —theft and/or exposure of sensitive data.
• False positives and misleading results.
• Privacy breaches and security vulnerabilities.

How to Prevent Google Dork Infiltration

Unless you’ve been living under a rock, you know the steps you can take to secure your web search. Here’s my two cents:

• Go for strong passwords - Ensure to strengthen your passwords at every junction. Make it a point to regularly update software, and employ firewalls and intrusion detection systems wherever possible.

• Limit publicly accessible information - Avoid storing sensitive data like passwords or internal documents directly on websites or publicly accessible servers. Regularly review and remove any unnecessary information exposed online.

• Educate and raise awareness - Train yourself on potential security risks associated with Google Dorking and the importance of safeguarding sensitive information.

In A Nutshell

Google Dorking is a powerful tool for ethical hackers and security professionals. Remember, with great power comes great responsibility. Use Dorking ethically and responsibly to make the web a safer and more informative place. Implement the best practices available on the web and Dork well! 

To get better at cybersecurity and keep up with the latest techniques, check out upGrad's cybersecurity courses. They're designed to help you learn all you need to know from experienced instructors. 

Frequently Asked Questions 

1. What is Google Dorking used for?

Google Dorking is a tool primarily meant for advanced search operations for unmasking information available on the web. 

2. What are the benefits of Google Dorks?

Google Dorks can find hidden information about websites like usernames and passwords, email lists, and phone numbers. It can also access sensitive and private data like bank accounts and transactions.

3. What is a Google Dork for username and password?

The Google Dork for usernames is “inurl:username” and “inurl:password” for passwords.

4. Is Google Dorking legal?

Google Dorking differentiates itself from illicit practices as it is often used by multiple security professionals to trace existing vulnerabilities in the system.

5. What do Google Dorks include?

Google Dorks includes private and confidential resources like usernames, passwords, credit card information, and email addresses.

6. Who uses Google Dorking?

As a coder, I use Google Dorking in the field of ethical hacking and for identifying potential vulnerabilities in the system.

7. What is an example of a Google Dork?

An example of Google Dork is ‘filetype:pdf’ which shows results for PDF files within the constraints of a page’s URL.

8. What is the file type for Google Dorking?

Some of the file types for Google Dorking are “filetype:”, “inurl:”, “allinurl:”, and “intext:”.