Google hacking involves using advanced operators in the Google search engine to locate specific strings of text within search results. Some of the more popular examples are finding specific versions of vulnerable Web applications. The following search query would locate all web pages that have that particular text contained within them. It is normal for default installations of applications to include their running version in every page they serve, for example, "Powered by XOOPS 2.2.3 Final".
The following search query will locate all websites that have the words "admbook" and "version" in the title of the website. It also checks to ensure that the web page being accessed is a PHP file.
One can even retrieve the username and password list from Microsoft FrontPage servers by inputting the given microscript in Google search field:
Devices connected to the Internet can be found. A search string such as
inurl:"ViewerFrame?Mode=" will find public web cameras.
Another useful search is following
intitle:index.of followed by whatever you want to search. This can give a list of files on the servers. For example,
intitle:index.of mp3 will give all the MP3 files available on various servers.
There are many similar advanced operators which can be use to exploit insecure websites:
|Operator||Purpose||Mixes with Other Operators?||Can be used Alone?||Web||Images||Groups||News|
|intitle||Search page Title||yes||yes||yes||yes||yes||yes|
|allintitle||Search page title||no||yes||yes||yes||yes||yes|
|inurl||Search URL||yes||yes||yes||yes||not really||like intitle|
|allinurl||Search URL||no||yes||yes||yes||yes||like intitle|
|filetype||specific files||yes||no||yes||yes||no||not really|
|allintext||Search text of page only||not really||yes||yes||yes||yes||yes|
|site||Search specific site||yes||yes||yes||yes||no||not really|
|link||Search for links to pages||no||yes||yes||no||no||not really|
|inanchor||Search link anchor text||yes||yes||yes||yes||not really||yes|
|numrange||Locate number||yes||yes||yes||no||no||not really|
|daterange||Search in data range||yes||no||yes||not really||not really||not really|
|author||Group author search||yes||yes||no||no||yes||not really|
|group||Group name search||not really||yes||no||no||yes||not really|
|insubject||Group subject search||yes||yes||like intitle||like intitle||yes||like intitle|
|msgid||Group msgid search||no||yes||not really||not really||yes||not really|
History of Google Hacking
Google Hacking History - Timeline by Bishop Fox
Johnny Long creates "googleDorks" in 2002
The concept of "Google Hacking" dates back to 2002, when Johnny Long began to collect interesting Google search queries that uncovered vulnerable systems and/or sensitive information disclosures - labeling them googleDorks.
The list of googleDorks grew into large dictionary of queries, which were eventually organized into the original Google Hacking Database (GHDB) in 2004. These Google hacking techniques were the focus of a book released by Johnny Long in 2005, called Google Hacking for Penetration Testers, Volume 1.
Since its heyday, the concepts explored in Google Hacking have been extended to other search engines, such as Bing and Shodan. Automated attack tools use custom search dictionaries to find vulnerable systems and sensitive information disclosures in public systems that have been indexed by search engines.
For a full visual timeline, detailing the major events and developments in Google Hacking from 2002 to Present, see the Google Hacking History by Bishop Fox.
- Google Hacking Diggity Project - Bishop Fox - A research and development initiative dedicated to investigating the latest techniques that leverage search engines (such as Google, Bing, and Shodan) to quickly identify vulnerable systems and sensitive data on public networks. An arsenal of free attack and defense tools related to search engine hacking are available for download.
- Google Hacking Database (GHDB) - REBORN - 09Nov2010 - Exploit-db.com folks picked up the effort of maintaining and adding to the original GHDB created by Johnny Long.
- "Google Hacking: .pdf Document", boris-koch.de (printable, .pdf)
- "Google Help: Cheat Sheet", Google (printable)
- "googleDorks created by Johnny Long". Johnny Long. Retrieved 8 December 2002.
- "Google Hacking Database (GHDB) in 2004". Johnny Long. Retrieved 5 October 2004.
- "Google Hacking for Penetration Testers, Volume 1". Johnny Long. Retrieved 20 February 2005.
- "Bing Hacking Database (BHDB) v2". Bishop Fox. Retrieved 27 August 2014.
- "Shodan Hacking Database (SHDB) - Part of SearchDiggity tool suite". Bishop Fox. Retrieved 21 June 2013.
- "SearchDiggity - Search Engine Attack Tool Suite". Bishop Fox. Retrieved 27 August 2014.
- "Google Hacking History". Bishop Fox. Retrieved 27 August 2014.