GOOGLE HACKING

GOOGLE HACKING – USING “GOOGLE DORKS”

This article is about Google hacking with the help of the dorks, I’m sure after reading this you will thank me for the particular info which I am going to provide you. The best part is you cannot be traced! Those who are new to the phase “Google Dorks” let me give you an introduction to Google search engine and Google dorks. Google is the most used search engine in this world because of it’s most efficient response. Google has some bots which crawl all over the net and copy almost all content available on databases to Google’s database. Therefore, it gives you the response when you type a word on Google search, it just checks its database and gives the response as you desire!

For making response more efficient Google has provided few functional words calleddorks. Here is an example of how a dork looks like: “site:“. This particular is used for finding out the websites with a particular word in their domain name. Such as if you search in Google as  ”site: uk” you will find the sites which belong to United Kingdom (U.K.) only! This makes your search response very accurate when you are searching something, especially related to a country.

Suppose you want to find some information regarding a site then you have the dork “site:example.com”. Just replace the example.com by the site whose information you need to know! And the most good thing is you can use several dorks at a time to make your result even more accurate.

You might be wondering why have I called this article as Google hacking when this a just a simple technique to make the Google response accurate. Actually you know the answer, I have told you in the starting itself…. Yes the Google bots I’m talking about! What happens here is the Google bots copy almost everything available on internet, that is they even copy sensitive information like usernames, passwords and credit cards numbers etc…

And other shocking thing is that you can also access unsecured webcams using Google dorks!

Isn’t that what you actually looking for?

So now you will definitely ask me how to get them?

The answer is dorks, we are going to use some best dorks available and extract the sensitive juicy info from the Google’s database.

Here are few examples of dorks with explanation which will help you finding some sensitive info:

Dorks for finding usernames and passwords:

auth_user_file.txt                                                       Gives you list of crackable passwords

“login: *” “password: *” filetype: xls                      Gives passwords file in saved in excel

filetype:log inurl:”password .log”                          Clear text password files

Dorks for finding Credit cards:

“ATM PIN” ReZult                                                        Credit card dumps by phishers

Dorks for MYSQL dumps:

?intitle:index.of?”.mysql_history                          Gets you the MySQL  history files

Input validation vulnerabilities:

intext:”Powered by X-Cart: shopping cart software” -site:x-cart.com

These were just simple dorks which will get you some juicy info, but there are thousands more which will give you access to very confidential data. If you don’t believe me then I must share a real life scenario, once I was trying out all the dorks which could be found on sites like exploit-db.com or hackersforcharity.org and trust me I got some restricted files of NASA where there were information regarding their transactions!

So go surf and find new dorks… And feel free to comment!