Tuesday, August 16, 2011

Google hacking


Google hacking doesn't mean hacking Google. The term is used when a hacker tries to find vulnerable targets or sensitive data by using the Google search engine. In Google hacking, hackers use search engine commands to locate sensitive data and vulnerable devices on the Internet. Google supports a multitude of operators and modifiers that add a ton of power to Google searching.
Although Google hacking techniques are against Google's terms of service and Google blocks well-known Google hacking queries, nothing can stop hackers from crawling websites and launching Google queries.
I am going to explain some operators used in Google hacking.

intitle:
Syntax: intitle:operator
This returns all pages that have the word entered after intitle: (here, "operator") in the title of the page. To check for multiple keywords in the title, use allintitle in place of intitle:
allintitle:operator1 operator2 ....

inurl:
Syntax: inurl:operator
This returns all pages that have the word entered after inurl: in the URL of the page. To check for multiple keywords in the URL, use allinurl in place of inurl:
allinurl:operator1 operator2 ....

site:
Syntax: site:Domain
This will return all the pages that have certain keywords in that particular site or domain.

link:
Syntax: link:URL
This lists web pages that link to the specified web page.

intext:
Syntax: intext:operator
This returns all pages that have the word entered after intext: in the text of the page. To check for multiple keywords in the text, use allintext in place of intext:
allintext:operator1 operator2 ....

related:
Syntax: related:URL
The “related:” operator lists web pages that are "similar" to a specified web page. For example:
“related:www.ethicalhack4u.blogspot.com” will list web pages that are similar to the ethicalhacking homepage.

Note: There can be no space between "related:" and the web page URL.

cache:
Syntax: cache:URL [highlight]
The cache operator will search through Google’s cache and return the results based on those documents. You can alternatively tell cache to highlight a word or phrase by adding it after the operator and URL.

info:
Syntax: info:URL
This tag will give you the information that Google has on the given URL.

filetype:
Syntax: filetype:keyword
This restricts a Google search to files on the Internet with particular extensions (i.e. doc, pdf or ppt etc).

The Google query syntaxes discussed above can really help people make their searches more precise and find exactly what they are looking for.

Looking for vulnerable sites or servers using “inurl:” or “allinurl:”

Using “allinurl:winnt/system32/” will list all the links to servers that give access to restricted directories like “system32” through the web. If you are lucky enough, you might get access to cmd.exe in the “system32” directory. Once you have access to “cmd.exe” and are able to execute it, you can go ahead with further escalating your privileges over the server and compromise it.

Using “inurl:.bash_history” will list all the links to servers that give access to the “.bash_history” file through the web. This is a command history file. It includes the list of commands executed by the administrator, and sometimes includes sensitive information such as passwords typed in by the administrator. If this file is compromised and it contains the encrypted Unix (or *nix) password, then it can be easily cracked using “John The Ripper”.
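
Seen from the site owner's side, the two queries above only return a server that publishes those paths. The following is an added example, not part of the original post: it checks a list of your own site's URLs (from a crawl or an access log) against the keywords of those two queries. The function names, the sample URLs and the splitting of "winnt/system32/" into two keywords are assumptions of this example.

```python
"""Flag URLs on your own site that the inurl:/allinurl: queries above would match."""
from urllib.parse import urlsplit, unquote

# Keywords taken from the two queries discussed in this post.
# Splitting "winnt/system32/" on "/" is an assumption of this example.
INURL_PATTERNS = {
    "allinurl:winnt/system32/": ["winnt", "system32"],
    "inurl:.bash_history": [".bash_history"],
}


def normalise(url):
    """Return the lower-cased, percent-decoded host + path + query of a URL."""
    parts = urlsplit(url)
    text = parts.netloc + parts.path
    if parts.query:
        text += "?" + parts.query
    return unquote(text).lower()


def matching_queries(url):
    """Return the queries whose keywords all appear somewhere in the URL."""
    text = normalise(url)
    return [q for q, words in INURL_PATTERNS.items() if all(w in text for w in words)]


def audit(urls):
    """Map each exposed URL to the queries that would surface it."""
    findings = {}
    for url in urls:
        hits = matching_queries(url)
        if hits:
            findings[url] = hits
    return findings


# Constructed sample: URLs as they might appear in a crawl of your own site.
SAMPLE_URLS = [
    "https://www.example.com/index.html",
    "https://www.example.com/winnt/system32/",
    "https://www.example.com/~admin/.bash_history",
    "https://www.example.com/~admin/%2Ebash_history",
    "https://www.example.com/docs/history.html",
]

if __name__ == "__main__":
    for url, hits in audit(SAMPLE_URLS).items():
        print(url, "->", ", ".join(hits))
```

Any URL this reports is publicly reachable and should be moved out of the web root or blocked in the server configuration.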
