If we're unsure about something, the first thing we usually do is ask someone who might know, right? But if they don't know either, the next thing we'll do is jump on Google (or whatever search engine we prefer) to find the answer! It's like our go-to move now. We usually search by typing some keywords, and the search engine displays a list of all possible results on the screen. There may be any number of results; sometimes you'll find the solution only on the last page. But there's another technique for finding specifics that actually satisfy our queries.
Google dorking, or Google hacking, is an advanced search technique that surfaces results that are not usually visible through a standard search. In this article, we'll show you how to use Google Dorks, how they actually work, their benefits, and some of the potential risks.
What is Google Dorking or Hacking?
Google Dorking, aka Google Hacking, is an advanced search technique used to look for specific data and uncover sensitive information. It takes advantage of Google's powerful search algorithms to identify specific text strings, to find specific file types, and to reveal targeted information within search results. The technique itself is legal; whether a particular use is acceptable depends purely on the user's intention. It is also used by penetration testers to identify vulnerabilities in networks and webpages.
The term "Google Hacking" first appeared in 2002 when Johnny Long started compiling Google search queries that revealed vulnerable systems or exposed sensitive information, under the moniker "googleDorks."
The list of Google Dorks grew into a large dictionary of queries, which were eventually organized into the original Google Hacking Database (GHDB) in 2004.
How does Google Dorking work behind the scenes?
Google dorks don't use any secret method to query and fetch data. They simply use Google's advanced search operators to filter through Google's massive index of web pages.
Before understanding Dorking, you have to know how Google Search works:
- Crawling: Google uses automated programs (crawlers or bots) that browse web pages and access other content on the internet.
- Indexing: It then stores the collected information in a large database called the Google Index, which is like a directory of all the web pages Google is aware of.
- Ranking: When the user searches, Google uses the index to find the relevant information and ranks it based on the user query and other user factors.
This is how Google Search works. In the same context, dorking just makes use of some advanced operators and methods to filter and focus on specific information from the Google index.
Basic Commands:
In this technique, users usually combine one or more operators in a single query. Some of the common commands are as follows:
- site:<site URL> - Looks for data within the specific site or domain.
- filetype:<filetype> - Finds data in a specific file type.
- site:<site URL> filetype:<filetype> - Looks for data in a specific file format within the site or domain.
- inurl:<"string"> - Looks for the specific string or phrase in the URL.
- intext:<"string"> - Finds pages where a specific word or phrase appears in the body text of the page, not just in the title or URL.
- intitle:<"string"> - Finds pages that have a specific word or phrase in their title tag.
- cache:<site URL> - Shows the cached version of a webpage, that is, the version Google saved when it last indexed the site.
- inanchor:<"string"> - Finds pages that are linked to using specific anchor text.
- location:<location name> - Limits your search results to a specific geographic location, like a county, city, or region.
You can find more commands here.
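To show how a combined query breaks down into operator filters and free-text terms, here is an added example (not code from the original article) that parses a query string and flags the common mistake of leaving a space after the colon, which stops Google from treating the word as an operator. The function name `parse_query`, the operator set and the sample queries are assumptions made for this illustration.

```python
import re

# Operators recognised by this example (assumption: the set discussed above).
OPERATORS = {"site", "filetype", "inurl", "intext", "intitle",
             "cache", "inanchor", "location"}

# A token is an optional "name:" prefix followed by a quoted phrase or a bare word.
TOKEN = re.compile(r'(?:\w+:)?(?:"[^"]*"|\S+)')


def parse_query(query):
    """Split a search query into operator filters, plain terms and problems."""
    filters, terms, problems = [], [], []
    for tok in TOKEN.findall(query):
        name, sep, value = tok.partition(":")
        if sep and name.lower() in OPERATORS:
            if not value:
                # "site: example.com" -> the operator is left without a value.
                problems.append(
                    f"'{name}:' has no value attached; remove the space after the colon"
                )
            else:
                filters.append((name.lower(), value.strip('"')))
        else:
            # Anything else (including URLs such as https://...) is a plain term.
            terms.append(tok.strip('"'))
    return {"filters": filters, "terms": terms, "problems": problems}


if __name__ == "__main__":
    # Constructed sample queries scoped to the reserved domain example.com.
    for q in ('site:example.com filetype:pdf intext:"annual report" budget',
              'site: example.com filetype:pdf'):
        print(q, "->", parse_query(q))
```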
Dangers of Google Dorking:
As said earlier, whether this technique is harmful depends purely on the user's intention. If any data is accidentally made publicly accessible, there is a greater chance that malicious users can steal and misuse it. Unauthorized users can access confidential files like passwords, private databases, and financial documents.
Even if the user is "just searching," accessing certain information without permission can break cybersecurity laws like GDPR, CFAA, or India's IT Act. Cybercriminals use Google dorks to orchestrate cyberattacks.
How can we protect ourselves from dorking:
The following preventive measures can be taken to protect the sensitive online data from dorking:
- Use a robots.txt file on your website to tell search engines which parts of the website may be crawled.
- Strengthen the security of private areas by enforcing IP-based access restrictions and implementing robust password authentication mechanisms.
- If the data is sensitive, use password protection. Password-protected content is inaccessible to Google, meaning it will not appear in search results.
- Encrypt the sensitive online data. Even if files are indexed or discovered using advanced search techniques (Google Dorking), encryption ensures the information remains unreadable without the correct decryption key.
- Run vulnerability scans regularly using tools like OWASP ZAP or Burp Suite to find the weaknesses in your website. It will help you strengthen the site.
- Regularly check for information exposed from your site.
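One way to verify the robots.txt measure, as an added example that is not part of the original article: the script below parses a robots.txt with Python's standard `urllib.robotparser` and reports which sensitive paths a given crawler is still allowed to fetch. The sample file, paths and function name are constructed for illustration; keep in mind that robots.txt is advisory and publicly readable, so it complements access control rather than replacing it.

```python
from urllib.robotparser import RobotFileParser

# Constructed sample robots.txt for a hypothetical site. Note the pitfall:
# a crawler with its own group follows only that group, not the "*" rules.
SAMPLE_ROBOTS = """\
User-agent: *
Disallow: /admin/
Disallow: /backups/

User-agent: Googlebot
Disallow: /admin/
"""

# Constructed list of paths the site owner never wants crawled.
SENSITIVE_PATHS = ["/admin/login", "/backups/2024.zip"]


def uncovered_paths(robots_txt, paths, agents=("Googlebot", "Bingbot")):
    """Return (agent, path) pairs that the robots.txt still allows to be crawled."""
    parser = RobotFileParser()
    parser.parse(robots_txt.splitlines())
    gaps = []
    for agent in agents:
        for path in paths:
            if parser.can_fetch(agent, path):
                gaps.append((agent, path))
    return gaps


if __name__ == "__main__":
    for agent, path in uncovered_paths(SAMPLE_ROBOTS, SENSITIVE_PATHS):
        print(f"{agent} may still crawl {path}")
```

Here the Googlebot group omits `/backups/`, so that path is reported for Googlebot even though the `*` group disallows it.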
Can we use Google dorking on other search engines?
Yes, we can use dorking on other search engines like Bing, Yahoo, etc. It also depends on how indexing is carried out in those search engines.
Google Dorking itself is not illegal, but using it to access, download, or misuse sensitive information can be illegal. It's also a major reason why cybersecurity professionals use dorking ethically in penetration testing.