Hack Website Using Google Hacking or google Dorking – Part I

You normally use Google for finding anything online. Google is most widely used search engine all over the world. Google Hacking is the answer to your questions. But you should know that google can be used in information gathering. Or finding any vulnerabilities of any URLs. According to ethical hacking researcher of international institute of cyber security still many websites can be hacked using just Google dorks. Google dorks can be used to find vulnerabilities in URLs. Google dorks is an never ending list as new technology with new vulnerabilities.

How Does Google Dorks Work :-

[Cache]:

  • You must have aware that whenever you visit any website. Website is saved in google cache. Using [Cache] keyword Google will show its cache web pages.
  • Type cache:securitynewspaper.com
Above screenshot shows google cache memory
  • You can also use below options for opening the cache for any website.
  • Clicking on the cache link will show the above URL with cache information.
  • If you detect any web application firewall, you can used this techniques to open blocked website and view contents.

[inurl]:

  • This query will search for keyword in URL. Type inurl:admin login
  • Above screen shows admin login in every URL.
  • This query can be used to get admin pages of any website

[Link]:

  • This query will show the result URLs that have URLs pointing towards hackthissite.org
  • Type link:www.hackthissite.org
  • Above shows the result of hackthissite.org.

[Info]:

  • This query will show information about the URL which Google have on the web.
  • Type info:www.slavehack2.com
  • Above screenshot shows the info about slavehack2.com.

[Related]:

  • This query shows the URLs which are similar to specified URL. Below you can see specified URL with same web page.
  • Type related:testphp:Vulnweb.com
  • Above screenshot shows the same websites related to testphp:Vulnweb.com

[define]:

  • This query will show the definition of the word/ query you have searched for.
  • Type define:cyber security
  • Above query shows the definition of particular keyword we have searched for.

[stocks]:

  • For knowing the stocks of any company enter stocks:GOOG Remember to enter company ticker symbols not the company name.
  • Above you can see the google stocks.

[site]:

  • This query will find all the pages of target website. For ex – site:hackthissite.org will show all the available pages in search results.
  • Above you can refer that all URLs are showing of hackthisisite.org

[allintiitle]:

  • This query will show search results of all words from the title allintitle. Type allintitle:google hack
  • Above screenshot shows results of allintitle mentioning google hack.

[intitle]:

  • This query will show search only first word. For ex- if you type intitle:google hack. It will show result with google in title & hack inside the URL if available.
  • Above query uses google as first priority. If you want to find complete word. Use the above google dork.

[allinurl]:

  • This query will search for all the keywords entered in URL. Type allinurl:certifiedhacker
  • This will find certifiedhacker in URLs.
  • Above screenshot shows certifiedhacker in URLs. It might show some of them in title but query will only work with URL.

More Examples Using Google Dorks :-

inurl:admin login <query>

  • Type inurl:admin login query. For security reasons we have hide the query name shown below.
  • This query will show admin logins of written names. Here we have used country name. You can use any query for finding admin logins.
  • Opening the links shows the admin logins. From here you can use another methods of bypassing the logins. Such admin logins should not be opened for public. As brute force attacks could be done or sql injection attacks can used to bypass such logins.
  • Above screenshots are admin login of query we have used. Using some another queries.
  • Type inurl:admin login.jsp This query will show all admin pages which developed with jsp. Exposing backend language can also be in information gathering phases.

[inurl:/view.shtml]:

  • Type inurl:/view.shtml for watching live cams. This query will show web cams which are left with poor security measures. Or such cams are not configured properly.
  • Above shows the link of open live cams. For ex – below you can see open live cams.
  • You can use some another google dorks for finding open cams.
inurl:/view.shtml
inurl view index.shtml
inurl view index.shtml near me
inurl:ViewerFrame?Mode=
inurl:ViewerFrame?Mode=Refresh
inurl:view/index.shtml
inurl:view/view.shtml
intitle:”live view” intitle:axis
intitle:liveapplet
intitle:liveapplet inurl:LvAppl
inurl view index.shtml near my location
intitle:”EvoCam” inurl:”webcam.html”
intitle:”Live NetSnap Cam-Server feed”
intitle:”Live View / – AXIS 206M”
intitle:”Live View / – AXIS 206W”
intitle:”Live View / – AXIS 210″
inurl:indexFrame.shtml Axis
  • Above dorks can be used for finding open cams.
  • On of the ethical hacking researcher of International Institute of Cyber Security was able to find the secure facility using this approach.

[inurl:admin filetype:<filetype>]:

  • For finding unprotected files of any type can be found online. Type inurl:admin filetype:xls will find the excel files.
  • Changing file type will display another files.
  • Above shows excel & word files. You can download such files.