Popular Post Guest Posted January 30, 2016 Popular Post Posted January 30, 2016 Hidden Content firsr what is Google Hacking Database or googledorks query : is a search string that uses advanced search operators to find information that is not readily available on a website also it can return usernames and passwords, email lists and website vulnerabilities Ok let`s take a look at some google`s special commands which can be used to dig some critical juicy information [ intitle ] Specifying intitle, will tell google to show only those pages that have the term in their html title. For example intitle:"login page" will show those pages which have the term "login page" in the title text. [ allintitle ] Similar to intitle, but looks for all the specified terms in the title [ inurl ] Searches for the specified term in the url. For example inurl:"login.php" [ allinurl ] Same as inurl, but searches for all terms in the url. [ filetype ] Using "filetype:" syntax google searches for a particlur file type(i.e .doc, .exe etc.)for example, “filetype:txt site:gov top secret”(without quotes) will look for the file type ".txt" extension in all the government domains with .gov extension and containing the word top secret either in the page or in the .txt file. [ ext ] Similar to filetype. ext:pdf finds pdf extension files. [ intext ] Searches the content of the page. Somewhat like a plain google search. For example intext:"index of /". [ allintext ] Similar to intext, but searches for all terms to be present in the text [ site ] Limits the search to a specific site only. site:nullbyte.com Basic Formula of dork,“inurl:.”domain”/”dorks” “ so “inurl” = input URL “domain” = your desired domain ex. .gov “dorks” = your dork of your choice You can use following words instead of inurl : intitle: inurl: intext: define: site: phonebook: maps: book: froogle: info: movie: weather: related: link: now I am going to explain you how to use some for finding vulnerability in websites INTITLE: You can use the intitle to find anything in the title of the website. Which also could be usefull to find downloads or anything else. intitle: index of mp3 This is an example to download mp3 songs for free INTEXT: this is my favorite you can find literally everything using intext, you could even use the inurl dorks whith this. intext:"Design & Developed By Seawind Solution Pvt.Ltd." Google will give you all the websites created by IT Masons taht recently has bypass Admin Page Vulnerability in some websites, DEFINE Google will define this massage and will look for what had this error for example, define:”sql syntax error” SITE: when we use it, google will looks for a site . site:netflix.com Google will look for any site related with netflix INFO: google looks for anything you inputted but only information about string which you have puted next to info info:netflix WEATHER: You can find information about weather on google using this dork weather: 31/01/2016 london Other interesting Search Queries To search for sites vulnerable to Cross-Sites Scripting (XSS) attacks:allinurl:/scripts/cart32.exe allinurl:/CuteNews/show_archives.php allinurl:/phpinfo.php To search for sites vulnerable to SQL Injection attacks:allinurl:/privmsg.php inurl:trainers.php?id= inurl:play_old.php?id= 6
Popular Post gabriele24 Rare Rare Posted January 31, 2016 Popular Post Posted January 31, 2016 grazie vedo 5 2
nostromo Rare Posted April 23, 2016 Posted April 23, 2016 thank you for the info, google is a mighty tool (and probably an overlord, too...)
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now