V2 - Hack Like Pro using Google Dorks

Mini Blog cybersecurity
, , ,
1

Some advanced Google Dorks examples for reconnaissance, along with explanations:

  1. Finding specific file types within a site:

    • Dork: site:example.com filetype:pdf
    • Explanation: Searches for PDF files within example.com.
    • Advanced Example: site:example.com filetype:pdf "financial report"
    • Usage: Locates financial reports in PDF format on example.com.

  2. Discovering configuration files:

    • Dork: intitle:"index of" "config"
    • Explanation: Looks for directories indexed by search engines that contain configuration files.
    • Advanced Example: intitle:"index of" "config" site:example.com
    • Usage: Finds configuration files within example.com.

  3. Locating backup files:

    • Dork: inurl:backup
    • Explanation: Finds URLs containing the word “backup”.
    • Advanced Example: inurl:backup filetype:sql
    • Usage: Searches for SQL backup files.

  4. Finding admin login pages:

    • Dork: intitle:admin
    • Explanation: Searches for pages with “admin” in the title.
    • Advanced Example: intitle:admin inurl:login
    • Usage: Identifies login pages with “admin” in the URL.

  5. Exposing sensitive documents:

    • Dork: filetype:docx
    • Explanation: Searches for Microsoft Word documents.
    • Advanced Example: filetype:docx intext:"confidential" -site:example.com
    • Usage: Finds confidential Word documents while excluding results from example.com.

  6. Detecting vulnerable scripts:

    • Dork: inurl:/phpinfo.php
    • Explanation: Looks for pages revealing PHP configuration.
    • Advanced Example: inurl:/phpinfo.php -site:php.net
    • Usage: Identifies PHP info pages, excluding official PHP documentation.

  7. Finding exposed email lists:

    • Dork: filetype:xls intext:"email"
    • Explanation: Searches for Excel files containing the word “email”.
    • Advanced Example: filetype:xls intext:"email" "password"
    • Usage: Locates Excel files that may contain email and password combinations.

  8. Exploring open directories:

    • Dork: intitle:"index of /"
    • Explanation: Finds open directory listings.
    • Advanced Example: intitle:"index of /" "parent directory" inurl:ftp
    • Usage: Identifies open FTP directories.

  9. Identifying exposed databases:

    • Dork: inurl:phpmyadmin
    • Explanation: Looks for URLs related to phpMyAdmin.
    • Advanced Example: inurl:phpmyadmin intext:"Welcome to phpMyAdmin"
    • Usage: Finds pages welcoming users to phpMyAdmin, potentially revealing accessible databases.

  10. Locating login portals with specific text:

    • Dork: intitle:login intext:"username" intext:"password"
    • Explanation: Finds login pages with “username” and “password” in the text.
    • Advanced Example: intitle:login intext:"username" intext:"password" site:example.com
    • Usage: Searches for login portals on example.com requiring username and password.

  11. Discovering public network devices:

    • Dork: inurl:"/dana-na/auth/url_default/welcome.cgi"
    • Explanation: Identifies SSL VPN login pages.
    • Advanced Example: inurl:"/dana-na/auth/url_default/welcome.cgi" -site:example.com
    • Usage: Finds public SSL VPN login pages excluding a specific site.

  12. Finding public webcams:

    • Dork: inurl:/view/view.shtml
    • Explanation: Locates public webcam interfaces.
    • Advanced Example: inurl:/view/view.shtml intext:"network camera"
    • Usage: Searches for network camera interfaces viewable publicly.

  13. Exposing API keys and tokens:

    • Dork: intext:"api_key" filetype:env
    • Explanation: Searches for API keys within environment files.
    • Advanced Example: intext:"api_key" filetype:env site:github.com
    • Usage: Finds API keys in environment files on GitHub.

  14. Finding sensitive information in logs:

    • Dork: filetype:log intext:"password"
    • Explanation: Searches log files for occurrences of the word “password”.
    • Advanced Example: filetype:log intext:"password" site:example.com
    • Usage: Identifies log files containing passwords on example.com.

  15. Finding internal documents:

    • Dork: filetype:doc site:example.com
    • Explanation: Searches for Word documents within a specific site.
    • Advanced Example: filetype:doc site:example.com intext:"internal use only"
    • Usage: Finds internal documents on example.com marked for internal use only.

Remember to use these dorks ethically and responsibly, adhering to legal and ethical guidelines.