What Are Google Dorks And How To Find Vulnerable Web Pages Using It
Google takes the lion’s share in the tech ecosystem as compared to any other tech giant and is being used extensively all around the clock.
The Google search engine is the most robust and powerful search engine when it comes to getting the most accurate results. But those standard on-the-go actions that we perform on google are what just a fraction of what it has to offer. We can use it to perform numerous hacks, whether to get live footage of misconfigured webcams or to find an entire playlist of videos of the favorite Netflix show, the hacks are infinite!
In this article, we will be exploring all the features of Google and how we can use it to make the most out of it rather than a simple search tool. The article is split into three different sections:
This is entirely novice-friendly and doesn’t require any experience whatsoever, and you’d be able to use all this information straightaway.
Understanding The Search: Google Search Engine
Google uses spiders or crawlers, which are automated bots that scan every single webpage available on the internet. Then from the meta tags, other semantic HTML tags, and the
robot.txt file (the file submitted by site admins to the search engines to tell them what pages to scan), bots understand the website, and start indexing the site on Google’s database accordingly.
Once a crawler has visited, scanned, and categorized a web page, it then keeps following other links within that web page, thus making the search engine more vigorous and comprehensive.
The way Google then serves the search results is a bit complicated. It makes use of several algorithms (such as PageRank or Fred) that enables Google to serve the most appropriate results. Retaining these details, let’s sink directly into some advanced search operators.
Google Search Operators
Google allows the use of many special operators or sets of strings to get more customized search results. We will learn some of the most helpful search operators and then will see how to combine these operators to create powerful dorks.
Let’s take an example. Suppose we want to find a specific set of web pages from a website. Knowing that Google might have already indexed the whole site, we can use it to hunt for those web pages.
For the demonstration, let’s suppose we want to find all the How-To articles from WonderHowTo:
Entering the below parameter in the Google search will give the desired results:
site:wonderhowto.com How To
How Does It Work?
In the above example,
site is a parameter or a special Google operator, which limits the search to a specific website only. Followed by a colon
:, that states that
site is a parameter, not a regular search keyword. Other search operators also work the same way.
Putting all the search parameters here would make this article very dull and ineffective, so we are only embracing the most useful ones in the articles, though you a complete list has been provided for free download at the end.
Basic Google Search Operators
The plus operator is used to combine keywords in the search results.
Used to compare two things directly from the search.
Double quotes emphasize specific text and to give it more importance as compared. The double quotes limit the search within the selected keywords.
Two dots are like the range operator that performs the search within the specified—first, the small value-the the three dots-the the higher value.
The minus parameter excludes keywords from the search.
The tilde (before the digit one key on a keyboard) includes similar terms in the search.
Advanced Google Search Operators
Intitle parameter shows the results that contain the keyword in the webpages title tag. It can be used to find precise pages on the web (such as login pages).
Works the same as intitle, but it scans for all the exact words in the title.
Inurl is used to scan for the terms in the URLs of websites. It turns instrumental when you are looking for targeted websites (such as cryptocurrency or movie websites).
Works the same as inurl but scans for all the words in the URL.
Filetype parameter is used to scan for a particular file type (such as pdf files). Another operator ext: also works the same way.
Used to search within the content of a web page (very similar to how well-known search works).
Works the same as intext but it needs all the terms to be included in the results.
Used to get the definition of common terms straight away.
Used to hunt within a particular site alone.
Allows finding websites alike to the site you specify in the search query.
Instead of hunting within just website URLs, the links parameter is used to scan within links or complete URLs.
The info parameter gives nothing else than the information of the input tags.
The cache keyword is used to look for google’s cached version of the website. It is very useful to look for a region censored website or a site that is currently down.
The Art Of Google Hacking: Google Dorks
Here comes the most refreshing part! With all this knowledge, we can now combine a couple of google search parameters and suitable keywords to craft our very own Google dorks to perform desired actions.
Note: The material we are about to reveal is just for educational purposes; please don’t go out of morals and use them for any explicit purposes.
- Using Google To Find Emails At Bulk
- Downloading Your Favorite Movie Using Google
movie name -inurl:(htm|html|php|pls|txt) intitle:index.of “last modified” (mp4|wma|aac|avi)
- Finding Playlist Of Videos Of Your Favorite Netflix Show
index of "show name"
- Using Google To Public Web Cameras (Vulnerable)
- Hunting Password Log Files Using Google
allintext:password filetype:log after:2019
- Key Clear Text Sensitive Information
- Using Google To Find Your Favorite Book Of Choice
-inurl:(htm|html|php) intitle:"index of" +"last modified" +"parent directory" +description +size +(extension) "Book name"
- Searching For Modified Password Lists
intitle:"Index of" passwords modified
- Finding Songs and Other Relating Media Files
-inurl:(htm|html|php) intitle:"index of" +"last modified" +"parent directory" +description +size +(extension) "Song"
- Cloudflare C-Panel Sensitive Files
intitle:"index of" "/Cloudflare-CPanel-7.0.1"
- Finding Accidentally Open Credential Files
- Getting Useful Logs Of Laravel Framework
index of /storage/logs/
Here are some resources to look for newer Google Dorks:
- Exploit Database Discover more Google dorks from the community.
- Download a comprehensive list of Google Dorks here.
Using Google Dorks isn’t illegal only if done for good intentions; still, accessing credentials is a hundred percent illicit, and you may have to land in the hands of law, and Phleebs won’t be held liable for any harm whatsoever. Please use them only for educational purposes and to help others.
I swear I just Googled his password.