What is Google Hacking?
Google Hacking is a simple term to find Google Dorks using Google.com. Let me be short and tell you how you can make your own dorks and also how can you find MANY vulnerable websites using this. Google dorks can find any type of vulnerability!
Types:
There can be infinite queries but here I'll tell you some basic and most useful ones..
1. Inurl - As the name tells, it searches for item in the URL
2. Intitle - It searches for item in the title
3. Filetype - It searches for specified filetypes
4. Url - Simply searches for specified URL . I'll explain it later ;)
There are some more, but let's just stick with these cause they're most useful.
1. INURL:
1) Goto http://www.google.com/
2) Type: inurl: php.id=4
RESULT: You will see all the url with back ID as: php.id=4.
USE: With this we can search for sql injections..
MORE: We can search for .aspx pages, search boxes, text passwords, servers, login pages etc...
SPECIAL: If you want to hack some government website, type: inurl:/.gov
2. INTITLE
1) Goto http://www.google.com/
2) Type: intitle:Facebook
RESULT: You will see all the page titles with "Facebook"
USE: With this you can search custom sites, like your schools login page ;)
SPECIAL: You can use it with "url:" for precise search
3) FILETYPE
1) Goto http://www.google.com/
2) Type: filetype:txt
RESULT: You will see all the sites with .txt files on the public directory in their server
USE: You can search filetypes if you want to
SPECIAL: Type- inurl:pass filetype:txt
No comments :
Post a Comment