Google Dorks Explained — Google Hacking

What are Google Dorks?

Google Dorks are search queries specially crafted by hackers to retrieve sensitive information that is not readily available to the average user. The technique of searching using these search strings is called Google Dorking, or Google Hacking.

Commands and Operators

Operators are the building blocks of Google dorks. Therefore, we will address them here first before we can write full dork queries.

Alternative Keywords

If you use the operator OR (or |) between two keywords or more, then the search results will return pages that contain matches to at least one of the keywords.

Matching All Keywords

Using the operator AND between two keywords or more forces the search engine to return results relevant to all provided keywords.

An Exact Match

Enclosing the search terms in double-quotes (“search string”) returns only webpages that contain an exact match of the string.

Searching on a Specific Site

The operator “ site: “ limits the search to the specified website.

Excluding a Keyword

If you use the operator ‘ - ‘ followed by a keyword, then this keyword is excluded from the results.

Wildcards

The asterisk operator ‘* ‘ is used as a wildcard and can match any word or group of words. This operator can be very useful when combined with the double quotes operator.

Grouping Keywords

The real power of google operators arises from how you can combine them to form complex queries. In such cases, the use of brackets is necessary to determine which operator has the highest priority.

Keywords in URLs

If you want Google to show only pages containing the search terms in their URL, then you can use the operator “ inurl:

Keywords on the page

The command “ intext: “ returns pages containing the search term in their content.

Keywords in the title

The command “ intitle: “ returns pages that contain the terms of the search in their title, not their content.

File extension

When using the command “ filetype: “, you force Google to only return pages that have a certain extension.

Search in Cache

Google stores a copy of almost every page it visits. These copies can sometimes come in handy, especially if the original web page is no longer available or is too slow to respond.

Examples of Google Dorks

If you’ve reached this far, then you should by now have all the building blocks that you would need to create complex queries.

Camera feeds

The following query reveals live feeds from AXIS cameras.

Email Lists

The next query returns email lists contained in Excel files.

Log Files

As we’ve seen earlier in this post, this query returns log files containing passwords and their corresponding emails.

Open FTP Servers

This search string reveals open FTP servers that can contain sensitive information.

SQL Injection

This query exposes pages that are vulnerable to SQL injection attacks.

Scanning Reports

The following query returns scanning reports that reveal vulnerabilities in the scanned systems.

SQL Database

In this last example, the following query reveals the contents of exposed databases, including usernames and passwords.

Defend Yourself Against Google Dorks

Now that you know how dangerous Google dorks can be, you’re probably wondering how you can protect yourself, or your website, against them.

  • You can create a file called “robots.txt” in your directory, and specify to search engine robots which directories or files they should not index.
  • For sensitive pages, you should include meta tags in your Html code header with Noindex and Nofollow values.
  • You should always password-protect your directories.
  • Never store a password in plaintext. Instead, use salted hashes.
  • Sitedigger is a tool that you can use to help you find vulnerabilities and sensitive data from your site that is exposed through Google results.

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store