Google Hacking (also called Dorking) is an information-gathering technique used by hackers to find significant, valuable, and sensitive information right from a Google search. This search feature built by Google was intended to serve as a way for researchers and students to execute very specific and powerful search queries. Unsurprisingly, cybercriminals leverage this advanced feature to serve their own nefarious motives. Hackers can use Google hacking to find vulnerabilities in web applications and to discover files, error messages, and other sensitive information.
Google hacking works by using operators in the search bar such as “site:example.com”, “filetype:pdf”, and “intitle:example”. You have probably figured out that these operators work in this format: “operator:term to be searched”.
Now let us go over some of the more common search queries attackers may use. You can run these against your own organization to see what a person can find out about your company using Google.
Finding exposed usernames and passwords
allintext:username filetype:log site:yourwebsite.com
Finding vulnerable web servers
inurl:/proc/self/cwd
Finding open FTP servers
intitle:"index of" inurl:ftp
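To check your own exposure without waiting on a search engine, the same operators can be evaluated against an inventory of pages you already control. The following is an added example, not part of the original article: the page records, the example.com hostnames and the function names are constructed for illustration, and the matching is a simplified approximation of how the operators behave.

```python
import shlex
from urllib.parse import urlparse

OPERATORS = {"site", "filetype", "inurl", "intitle", "intext", "allintext"}

def parse_dork(query):
    """Turn a query into (operator, term) pairs; bare words count as intext."""
    pairs = []
    for token in shlex.split(query):  # shlex keeps "index of" as one term
        op, sep, term = token.partition(":")
        if sep and term and op.lower() in OPERATORS:
            pairs.append((op.lower().removeprefix("all"), term))
        else:
            pairs.append(("intext", token))
    return pairs

def matches(page, query):
    """True if a crawled page record satisfies every operator in the query."""
    url = page["url"].lower()
    parsed = urlparse(url)
    host = parsed.hostname or ""
    checks = {
        "site": lambda t: host == t or host.endswith("." + t),
        "filetype": lambda t: parsed.path.endswith("." + t),
        "inurl": lambda t: t in url,
        "intitle": lambda t: t in page["title"].lower(),
        "intext": lambda t: t in page["text"].lower(),
    }
    return all(checks[op](term.lower()) for op, term in parse_dork(query))

def audit(pages, queries):
    """Map each query to the URLs in your own inventory that it would surface."""
    return {q: [p["url"] for p in pages if matches(p, q)] for q in queries}

# Constructed inventory, e.g. exported from your own crawler or sitemap.
PAGES = [
    {"url": "https://www.example.com/logs/app.log", "title": "",
     "text": "2024-01-01 login ok username=alice"},
    {"url": "ftp://ftp.example.com/pub/", "title": "Index of /pub",
     "text": "Parent Directory readme.txt"},
    {"url": "https://www.example.com/about.html", "title": "About us",
     "text": "Choose a username to register"},
]
QUERIES = [
    "allintext:username filetype:log site:example.com",
    'intitle:"index of" inurl:ftp',
    "inurl:/proc/self/cwd",
]

if __name__ == "__main__":
    for query, urls in audit(PAGES, QUERIES).items():
        print(f"{query!r}: {urls or 'no exposure found'}")
```

Any URL reported here is a page to take offline, put behind authentication, or exclude from indexing before a search engine picks it up.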
These are just a few examples of the things that can be uncovered through a quick Google search. There are also many Dorking cheat sheets online that you can use to help you craft queries to investigate your company’s exposure on the internet. Do not do a big DORK and expose sensitive information on Google. With a little research, you could be Dorking your way to better security in no time. Of course, this is no substitute for a fully-fledged cybersecurity maturity plan, just an interesting way for you to get closer to your organization's current security posture. Learn how TechGuard can help you establish a solid, long-term strategy for preventing cyberattacks that suits your needs. Contact us today.