Google Dorks, also called Google Hacking, is a hacking technique that uses Google search and other applications to find security loopholes in the configuration and in the computer code that websites use. Using Google dorks most likely isn't illegal; accessing the URL behind that indexed page could be… Google dorks refers to searching indexed data stored in Google. You may not be breaking the law by clicking a link to a publicly accessible resource.
In other words, Google "Dorking" is the practice of using Google to find vulnerable web applications and servers by using native Google search engine capabilities. Unless you block specific resources from your website using a robots.txt file, Google indexes all the information that is present on any website.
The picture below depicts the possible filters used for Google hacking. These filters sort the output according to the user's needs. Some Google dorks can be combined with other dorks, which works much like the '|' (pipe) character in Unix systems.
Dorks often use advanced operators (such as inurl to search in a URL) to look for specific content in the different parts of the target web sites. Below, we show two examples of dorks, where the attacker looks for an installation log (left by mistake) or for a banner string (used to fingerprint a certain framework):
inurl:"installer-log.txt" AND intext:"DUPLICATOR INSTALL-LOG"
intext:"Powered by Wordpress"
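The same two dorks can be run against your own site before a search engine does. The following is an added example, not code from the original post: it parses the inurl/intext/AND syntax shown above and evaluates it over a locally held crawl inventory. The inventory, the example.test URLs and the function names are constructed for illustration, and the dorks are written with plain quotes and hyphens.

```python
import re

# The two dorks quoted above, in Google's operator syntax.
DORKS = [
    'inurl:"installer-log.txt" AND intext:"DUPLICATOR INSTALL-LOG"',
    'intext:"Powered by Wordpress"',
]

# Constructed inventory: (URL, visible text) pairs from a crawl of your own site.
PAGES = [
    ("https://example.test/wp/installer-log.txt", "DUPLICATOR INSTALL-LOG\nSTEP 1 START"),
    ("https://example.test/docs/installer-log.txt", "How to read an installer log"),
    ("https://example.test/blog/", "Hello world. Powered by WordPress"),
    ("https://example.test/about", "About us"),
]

# One token: operator:"phrase", AND, or an alternative separator (OR or |).
TOKEN = re.compile(r'\s*(?:(inurl|intext):"([^"]*)"|(AND)\b|(OR\b|\|))')

def parse_dork(dork):
    """Parse a dork into OR-groups; every (operator, phrase) in a group must match."""
    dork, pos, groups = dork.strip(), 0, [[]]
    while pos < len(dork):
        m = TOKEN.match(dork, pos)
        if not m:
            raise ValueError(f"unsupported syntax at offset {pos}: {dork[pos:]!r}")
        op, phrase, _and, alt = m.groups()
        if op:
            groups[-1].append((op, phrase.lower()))
        elif alt:
            groups.append([])  # start a new alternative
        pos = m.end()
    if not all(groups):
        raise ValueError("dork has an empty alternative")
    return groups

def matches(groups, url, text):
    # Case-insensitive substring match, an approximation of search-engine matching.
    fields = {"inurl": url.lower(), "intext": text.lower()}
    return any(all(phrase in fields[op] for op, phrase in g) for g in groups)

def audit(dorks, pages):
    """Return (dork, url) for every page of the inventory that a dork would surface."""
    parsed = [(d, parse_dork(d)) for d in dorks]
    return [(d, url) for d, groups in parsed for url, text in pages
            if matches(groups, url, text)]

if __name__ == "__main__":
    for dork, url in audit(DORKS, PAGES):
        print(f"exposed: {url}\n  matched by: {dork}")
```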
Dorks are typically classified following the scheme proposed in the Google Hacking Database (GHDB), which contains 14 categories. The criterion used to define these categories is the purpose of the dork, i.e., which type of information an attacker is trying to find. For instance, some of the categories
Advisories and vulnerabilities: it contains dorks that are able to locate various vulnerable servers, which are product- or version-specific.
Sensitive directories: these dorks try to understand if some directories (with sensitive information) that should remain hidden are made public.
Files containing passwords: these dorks try to locate files containing pass-
Pages containing login portals: it contains dorks to locate login pages for various services; if such pages are vulnerable, they can be the starting point to obtain other information about the system.
Error messages: these dorks retrieve the pages or files with error messages that may contain some details about the system.
Different categories often rely on different techniques, such as the use of advanced operators or keywords, and target different parts of a website such as its title, main body, files, or directories.
For research on Google dork statistics, read the research paper here; for the book, click here.
The above picture shows which field of a web application corresponds to which dork. The most commonly used ones are inurl, site, filetype, etc. To get a required username or mail ID, we can give the username in the query and append the '+' character after it. This tells the browser that the string given before the '+' character must be present in the results obtained. Similarly, '-' tells it not to include the string in the search results.
Similarly, the above picture shows an example with some advanced dorks. Google dorks are the best way to get a specific result from a Google search or to refine a search. This technique can be implemented as a simple command-line tool. Stay tuned to my GitHub account for a simple Google dorking tool. Here is an awesome tool; try it and check it out.