Introduction
Google is not just a search engine, it is a powerful tool used by ethical hackers and penetration tasters to extract sensitive information. This technique, called Google darkening, helps in finding hidden data, vulnerable files, and security loopholes. Ethical hackers use it for security, but hackers also exploit it to find weak points in the system.
What is google dorking?
Google Dorking, or Google Hacking, is a technique used for advanced searching, which normally does not appear in standard searches. It involves the use of Google search operators that help users find:
- login pages
- Vulnerable website
- Vulnerable URLs
- Sensitive documents or files
- Unsecured webcams or databases
Common Google Dorking Operators
Here are some common google dorking operators
1. site: – Search within a specific website
site:cybermentor33.com
site:in #show online .in website 
This displays all indexed pages of a particular website.
site:com #show only .com website
2. filetype: – Search for specific file types
filetype:pdf site:google.comThis query finds all PDF files hosted on the specified website.
filetype:pdf ethical hacking booksThis query find all pdf files of this book
3. intitle: – Search for specific words in the title
intitle:"index of" passwordsThis helps locate directory listings that might contain passwords.
4. inurl: – Search for keywords in a URL
inurl:loginThis finds URLs admin login page.
inurl:login.phpThis query find only php login pages.
5. ext: – Search for specific file extensions
ext:logThis helps find log files that might contain sensitive data.
6. link: – Find pages linking to a specific site
link:google.comThis query shows all pages that link to the given website.
7. Related: – It will provide the result related to our query like pentest.
related:pentest
7. allintext: – This operator will perform the task of locating a particular string in the text of the page.
allintext:vivekgautamThe above-given query will return only those pages which include the terms vivekgautam in the text.
9. define: – This operator provides the definition of a term as a result.
define:pentest
Google Dorking in Hacking
1. Finding Exposed Login Pages of specific country or domain
site:in inurl:admin loginThis query helps locate open admin login portals of indian website.
Here “in” is the indian website domain extension.
domain extension of specific country:
India = .in
Pakistan = .pk
Nepal = .np
china = .cn
2. Uncovering Unsecured Security Cameras
inurl:/view.shtmlThis query helps find open IP cameras accessible on the internet.
2. Discovering Open Databases
site:pk inurl:phpMyAdminThis can help find open phpMyAdmin panels, which may allow unauthorized database access.
4. Extracting Sensitive Files
filetype:xls OR filetype:csv "password"This finds spreadsheets that may contain passwords.
Conclusion
Google Dorking or google hacking is a powerful tool that helps ethical hackers detect security vulnerabilities before cybercriminals exploit them. However, in the wrong hands, this technique can be dangerous. Organizations must understand its risks and enhance their security to prevent data breaches.
