Advanced Google Searching (Google Hacking)

 

Google is a powerful search engine that hackers often use it to find passwords, and confidential or sensitive documents that companies do not realize are even available to the public. Most computer people use Google, but do not know how to use all of its search parameters. The term "google hacking" is a method used by unscrupulous people to not only uncovers sensitive data, but also to expose web server vulnerabilities. Here I list several Google search parameters and examples.

 

     filetype:

 



The syntax "filetype:" instructs Google to search for files on the Internet with specific extensions. For example: filetype:doc site:gov confidential Google will produce all the word documents, from all the gov domains that may contain the word confidential. Another example is, filetype:pdf site:com access-list. You may use any domain type, (com, gov, edu…) 

      cache:

 



The syntax "cache:" will display the version of the web page that Google has in its cache. For Example: "cache:www.microsoft.com" will display Google's cache of the Microsoft homepage. 

          intext: 


The syntax "intext" searches for the words within a specific website and ignores the URLs and page titles. For example: intext:confidential will return only links to those web pages that has the search keyword " confidential " in its webpage.

          intitle:


 

The syntax "intitle:" instructs Google to search for pages that contain the words behind intitle: For example intitle:index of master.passwd will return pages within Unix or Linux where the master.passwd files are. /etc/passwd "allintitle:" will produce a list of all words in the title. Google will ignore the slashes. 

intitle: examples:

intitle:"Index of" .sh_history
intitle:"Index of" .bash_history
intitle:"index of" passwd
intitle:"index of" people.lst
intitle:"index of" pwd.db
intitle:"index of" etc/shadow
intitle:"index of" spwd
intitle:"index of" master.passwd
intitle:"index of" htpasswd
intitle:"index of" members OR accounts
intitle:"index of" user_carts OR user_cart
allintitle: sensitive filetype:doc
allintitle: restricted filetype :mail
allintitle: restricted filetype:doc site:gov


          inurl:


The syntax "inurl:" instructs Google to search for pages that contain specific words or characters included in the URL such as this inurl:windows. The results of this query will produce such pages that have the word "windows" in it. allinurl: will produces the results of URLs with all of the specified words in its query. allinurl:windows/cracks.

inurl: examples:

inurl:admin filetype:txt
inurl:admin filetype:db
inurl:admin filetype:cfg
inurl:mysql filetype:cfg
inurl:passwd filetype:txt
inurl:iisadmin
inurl:auth_user_file.txt
inurl:orders.txt
inurl:"wwwroot/*."
inurl:adpassword.txt
inurl:webeditor.php
inurl:file_upload.php
inurl:gov filetype:xls "restricted"



         link:

   


 

The syntax "link:" will produce a list of webpages that have a link to a specified webpage. For example: link:www.thenetworkadministrator.com will create a Google list of websites with links to www.thenetworkadministrator.com


         phonebook:

 



The Google syntax "phonebook" searches for U.S. street addresses and phone number information. For Example: "phonebook:James+FL" will list down all names of person having "James" in their names and located in "Florida (FL)".

related:

 


The syntax related: lists web pages that are "similar" to a specific web page. For Example: related:www.thenetworkadministrator.com will list web pages that are similar to that of TheNetworkAdministrator's homepage. 


          site:

 


The syntax site: instructs Google to search for keywords in a particular site or domain. For example: exchange site:microsoft.com will search for the keywords "exchange" in those web pages in all the links of the domain microsoft.com.

 

 


Make a free website with Yola