Google Dorks — Hacking by Google Search Engine. (2024)

Hello to all my fellow Ethical Hacker, i have come today with how to do hacking from google. In this blog we will see how to search your target with the help of google. So, lets started!

First you need to know,

What is Google Dork?

The sets of information above are protected by certain ethical barriers. No ordinary citizen is supposed to get access to them. However, what if you are a detective, news room journalist or an auditor of some government agency? How do you get access to these tiny yet essential details? That is where Google dorking is important. It is method employed by ethical hackers to make queries on search engines when they are sourcing for very delicate pieces of information. Examples of these pieces of information include the tax files of certain big organizations, the data set of certain victims covered up by the government or pretty much any piece of info you would not find when you just conduct any normal search.

Not to create too much tension, this is not like some sort of secret exclusive to a certain cult. No! Pretty much anyone with the knowledge of basic search engine queries can carry out a Google Dorking operation. Besides, it does not require pulling a technical stunt or possessing a Harvard degree in cyber security. It all boils down to understanding some basic methods and instructing the computer to execute some basic commands. It allows any individual to be able to use the World Wide Web to its full capacity.

Google Dork operators:

Google search operators are special characters and commands (sometimes called “advanced operators”) that extend the capabilities of regular text searches. Search operators can be useful for everything from content research to technical SEO audits.

Some operators are:

1. intitle:
2. allintitle:
3. inurl:
4. allinurl:
5. intext:
6. allintext:
7. filetype:

Now, in detail about these operators.

How to use search operators.

1. intitle: Search only in the page’s title for a word or phrase. Use exact-match (quotes) for phrases. Example: intitle:security tools
2. allintitle: Search the page title for every individual term following “allintitle:”. Same as multiple intitle:’s. Example: allintitle:"Security Companies"
3. inurl: Look for a word or phrase (in quotes) in the document URL. Can combine with other terms. Example: inurl:admin
4. allinurl: Search the URL for every individual term following “allinurl:”. Same as multiple inurl:’s. Example:allinurl:admin
5. intext: Search for a word or phrase (in quotes), but only in the body/document text. Example: intext: hacking tools
6. allintext: Search the body text for every individual term following “allintext:”. Same as multiple intexts:’s. Example: allintext: hacking tools
7. filetype: Match only a specific file type. Some examples include PDF, DOC, XLS, PPT, and TXT. Example: email security filetype: pdf

Some Techniques of Google Dorking

1. Explore LOG Files For Login Credentials

This is a process to find the .LOG files accidentally exposed on the internet. This is basically a LOG file containing clues about what the credentials to the system might be or various user/ admin accounts that exists in the system.

Search query to perform the action

allintext:password filetype:log after:2019

When you enter this command in your google search box, you will find list of applications with exposed log files.

Dork command using two google operators

You can also use two combined google operators all in text and filetype.

allintext:username filetype:log

The above command with expose you all the results that includes username inside *.log files

2. To Explore Open FTP Servers

The lack of setting access permissions in the FTP can be the direct cause of internal information getting published unintentionally. Even dangerous, if the FTP server is in “Write” status, this can create risk of the server being used as “storage” for computer viruses and illegally copied files.

With the following dork command, you will be able to easily explore the publicly exposed FTP Servers, which can sometimes explore many things.

intitle:"index of" inurl:ftp

3. Explore Specific websites with specific domains

Let’s say you want to explore websites or certain organization that has certain domain. You can simply do that by entering the following code:

“inurl:."domain"/”dorks” “

Example: “inurl:.gov/index.php?id=”

You can use the above example to explore all the list of government sites. You can also replace inurl: with some other google search operators for interesting results.

4. Explore Configurations Using ENV files

.env is used by various popular web development frameworks to declare general variables and configurations for local as well as dev environment.

DB_USERNAME filetype:envDB_PASSWORD filetype:enc=v

By using the command you can find list of sites that expose their env file publicly on the internet. Most of the devs inserts their .env file in the main website public directory, which can cause a great harm to their site if gets in hand of any cyber criminals.

If you click into any of the exposed .env file, you will notice unencrypted usernames, passwords and IPs are directly exposed in the search results.

These are some ways with the help of which you can search your target. Hopefully, you guys must have learned something new. Use these stuff and Exploit!

Thank you for reading. Be an #Ethical Hacker and stay safe.