Google dorking or we can say google hacking is basically a technique in which we use a google search operators and some specific string to find out something in particular on search engine like google, which we can not find easily.
For example: If you want to download a movie, and search for “Download Spiderman 3 movie”, you will get a lots of torrent links and spam links, and using torrent is illegal. So in this case if google dorking is used – We will search on google in this way – “Spiderman 3 Drive:google.com”.
Now what exactly happened here? We used some string in particular which directly gave us the movie spiderman 3 i.e uploaded to google drive, and from google drive, one can easily download with one click. So you see the power of google dorking? Stay with us and keep reading to know a lot more.
For Some special offers and newsletter, Subscribe to our newsletter.
How hackers use google dorking?
Hackers don’t use google like a normal person to find movies, images etc., but hackers use use google dorking to find security loopholes and other things that are not easily available if you do a normal search query on google.
Hackers can use google dorking to find public CCTV cameras, or to locate login page of a particular website, or to look for any open database, and a lot more.
Do you know? Google provides you with the option of advanced google search – https://www.google.com/advanced_search\
Google search operators:
These are some of the main google search operators:
|Pages containing keywords in:|
|allinurl: / inurl:||– the URL|
|allintitle: / intitle:||– the Title|
|allintext: / intext:||– the text|
|allinanchor: / inanchor:||– the anchor text|
|filetype:||– file types|
|site:||Narrow results to a site|
|related:||Shows similar sites (being phased out)|
|cache:||Shows a page copy in the Index|
|define||Gives a definition (or use “what is”)|
|The quotes (“”)||Search for a phrase|
|The minus (-)||Exclusion|
|Numrange (..)||Search for a range of numbers|
|Asterisk (*)||Stands for a word or a few words|
|AROUND (n)||Proximity search|
|before:, after:||Date search|
We will use these operators further to perform google hacking.
Another example for you to understand how google dorking works:
Suppose you want to find login page for starbucks, Search on google : “site:starbucks.com inurl:login”
Let’s understand what we have done here:- By writing site:starbucks.com, we told google to only show search results of site starbucks.com, and by inurl:login, we told google to show results in which URL contains the word login. So by combining this we can find login pages of starbucks.com.
Google Hacking Database
I will provide you with a URL, this contains lots and lots of strings that you could search for on google, and find vulnerabilities in web applications or maybe see some webcams :p
Here we searched for webcam and look at the results we got!
When I searched for that string on google I got this result. Can you believe? we can see through someone else’s CCTV.
WARNING: BE ETHICAL, DON’T CROSS THE LINE. ELSE WATCH THE MOVIE SNOWDEN, YOU MIGHT SEE SOME STUFF THAT WILL MAKE YOU DO ETHICAL THINGS.
So these all information is publically available, as we found it on google. I did not perform any hacking attack to get the access to CCTV.
Find passwords using google dorking
site:pastebin.com intext:admin.password Let’s try this string
Look at the power of google dorking. You see. This is just the basic level that I can show you on google without getting any violation strike.
Open FTP Servers
“intitle:”index of” inurl:ftp” Try this!
I bet, by now you must have imagined the possibilities of what can be done with google dorking.
Still don’t wanna signup for newsletter?
- Google Dorking – Commands | Database | Hacks
- Best Books on Hacking You Must Read to Become A Hacker- 2021
- What Are The Different Types Of Encryptions?
- 5g Wireless Technology ppt – Free Download
- Importance of Backlinks, It’s Impact, and Roadmap – 2021
Try to combine different google search operators and comment down below what you found using Google dorking / Google hacking.
What is google dorking?
Google Dorking, also known as Google hacking refers to a technique which can be used to do an advanced google search by using some special google search operators to look for the specific information on google that can’t be found with a normal google search, like, open webcams, public FTP servers, Login pages, etc.
Is google dorking illegal?
No, google dorking is not illegal up to a point. If you are searching for vulnerabilities in web applications and reporting them to the company, it is perfectly fine. But if you use google dorking to search for vulnerabilities and then exploiting them for your own gain, that is illegal and misuse of google Dorking.
How does google dorking work?
Google dorking uses some advanced search operators which when combined into a string to give a specific result.
How is google dorking used by hackers?
Hackers can use google dorking to find open FTP servers of a company, or to find any vulnerability in web applications, etc.
Have any more questions? Ask us on Discord