Disclaimer: Each and every post and the content of this blog is meant for educational purposes ONLY. The posts are written to gain knowledge. Any illegal act such as hacking, phishing, etc., committed by anyone after reading the posts will NOT be the responsibility of the owner or of anyone related directly or indirectly to this website. It will be the sole responsibility of the person who carries out the act.
Google Hacking is a term that covers a wide range of techniques for querying Google to reveal vulnerable web applications and, sometimes, to pinpoint vulnerabilities within specific web applications. Besides revealing flaws in web applications, Google Hacking allows you to find sensitive data that is useful for the "reconnaissance" stage of an attack: emails associated with a site, database dumps or other files with usernames and passwords, unprotected directories with sensitive files, URLs to login portals, different types of system logs such as firewall and access logs, and unprotected pages that contain sensitive information, such as web-connected printers or cameras with data about their usage status, location and so on.
Advanced operators for querying Google
Advanced operators allow you to get more specific search results from your queries.
Advanced operators usually take the form operator:search-term and are written directly in your query string. There should be no space between the operator and the search term, and the search term itself cannot contain spaces, or the query will fail. To use spaces, surround the phrase with quotation marks.
For example, by querying Google for site:tutorialspoint.com filetype:pdf, we use two advanced operators: the site operator, which limits the results to those originating from the given website, and the filetype operator, which limits the results to a certain file type (in this case, pdf).
Below is a table that contains some of the commonly used Google operators and symbols for Google hacking:
| Operator | Description | Examples |
|---|---|---|
| `intitle:` | Searches in the title of the pages (the 'title' HTML element that is located in the 'head' element of the page's markup). | `intitle:admin` |
| `inurl:` | Searches within the URL of the crawled web pages. | `inurl:wp-content/uploads filetype:sql`<br>`inurl:ssh intitle:index.of authorized_keys` |
| `intext:` | Searches within the text of the web pages (the text possibly seen by regular users browsing the web pages). | `intext:"powered by webcamXP 5"`<br>`intext:"Powered by net2ftp"`<br>`intext:"Apache Server Status"` |
| `allintext:` / `allinurl:` / `allintitle:` | All 3 operators work similarly to the ones mentioned above, except that they do not work with other operators and look for all words after them in the text/URL/title of the web page. | `allintext:"Please login to continue…" "ZTE Corporation. All rights reserved."`<br>`allintitle:Welcome to Windows XP Server Internet Services.` |
| `filetype:` | Limits the results to web resources matching the desired file type (not always correct). | `filetype:xls` |
| `site:` | Limits the results to web resources within a given website. | `filetype:xls site:apple.com` |
| `info:` | Shows additional links/actions which can be followed, such as showing Google's cache of the website, visiting similar pages, viewing pages which link to the given page and so on. | `info:apple.com` |
| `-` | Excludes the term/operator from the results. | `inurl:citrix`<br>`inurl:login.asp -site:citrix.com` |
| `"search-term"` | Putting the phrase in quotation marks returns only results that are an exact match for it. | `inurl:"server-status"`<br>`intext:"Apache Server Status"` |
| `*` | A wildcard for any unknown/arbitrary words. It is not used for completing a word like foot* but indicates that any word could be at that search position. | `a * saved is a * earned.` |
| `+` | The phrase that follows the + modifier must exist within the results. It can be used to include an overly common word which Google typically neglects in queries. | `"Machine Gun"+uzi` |
| `.` | A single-character wildcard; any single character can be in that place. | `inurl:.ssh` |
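
To check which pages on a site you own would be surfaced by queries like those in the table, the operator semantics can be applied to your own crawl inventory. The sketch below is an added example, not code from the original post: the `PAGES` inventory and the function names `parse`, `matches` and `exposed` are constructed for illustration. It assumes plain substring matching and models only `site:`, `filetype:`, `intitle:`, `inurl:`, `intext:`, quoted phrases and `-`.

```python
import shlex
from urllib.parse import urlparse

# Constructed inventory of pages on a site you own (e.g. from your own crawler).
PAGES = [
    {"url": "https://example.com/wp-content/uploads/backup.sql", "title": "",
     "text": "INSERT INTO users"},
    {"url": "https://example.com/server-status", "title": "Apache Status",
     "text": "Apache Server Status for example.com"},
    {"url": "https://example.com/docs/guide.pdf", "title": "User guide",
     "text": "Welcome"},
    {"url": "https://example.com/admin/login.asp", "title": "admin login",
     "text": "Please login to continue"},
]
FIELDS = {"intitle": "title", "inurl": "url", "intext": "text"}


def parse(query):
    """Split a query into (negated, operator, term) triples; quoted phrases stay whole."""
    triples = []
    for tok in shlex.split(query):
        neg = tok.startswith("-")
        op, sep, term = tok.lstrip("-").partition(":")
        if sep and op in (*FIELDS, "site", "filetype"):
            if not term:  # "site: example.com": the space detaches the term
                raise ValueError(f"no search term directly after '{op}:'")
            triples.append((neg, op, term.lower()))
        else:  # bare word or phrase: looked up in title, URL and text
            triples.append((neg, "any", tok.lstrip("-").lower()))
    return triples


def matches(page, neg, op, term):
    """Apply one operator to one page; a leading '-' inverts the result."""
    url = urlparse(page["url"])
    if op == "site":
        hit = url.hostname == term or url.hostname.endswith("." + term)
    elif op == "filetype":
        hit = url.path.lower().endswith("." + term)
    elif op == "any":
        hit = any(term in page[f].lower() for f in FIELDS.values())
    else:
        hit = term in page[FIELDS[op]].lower()
    return hit != neg


def exposed(query, pages=PAGES):
    """Return the URLs in the inventory that satisfy every term of the query."""
    terms = parse(query)
    return [p["url"] for p in pages if all(matches(p, *t) for t in terms)]
```

Any URL returned by `exposed()` for a query from the table is a page to restrict, remove or exclude from indexing.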