শনিবার, ১৭ ডিসেম্বর, ২০১৬

Google dorking hacking techniques

What is Goolge Dorking ?

Google dorking is an advanced technique to retrieve or obtain information from google.Google dorking is mostly used to find vulnerable targets and sensitive data using advance search queries.
In other words google dorking is an art of making google search efficient and simpler.

Basic google dorking techniques:

Just like programming languages google also uses search operators.There are plenty of search operators to refine google search.Some commonly used are:
1 . intitle     returns the pages that contain the strings you specify example:
intitle:python tutorial   it will return the pages which have python tutorial in the title text.
2 . allintitle:admin login   it returns the pages whose title have both admin and login in the tilte.
3 . inurl:adminlogin.php     It returns the pages which have adminlogin.php in their url. You can use similar term to find asp pages inurl:adminlogin.asp. 
inurl:login    
4 . related:www.tutorialpoint.com    It will return similar website to tutorialpoint.
5 . cache:www.tutorialpoint.com    It returns cached pages even when website is down or internet not workin.
6 . ext:ppt python   it will return ppt files on python.
7 .  site:www.python.com   it returns the links within the python.com
8 . 
book:python language   it will search for python books inside google online library. 

Dorks for Finding Vulnerable for SQL injection

  1. inurl:newsDetail.php?id=
  2. inurl:news.php?id=
  3. inurl:avd_start.php?avd=
  4. inurl:event.php?id=
  5. inurl:product-item.php?id=
  6. inurl:aboutbook.php?id=
  7. inurl:show.php?id=
  8. inurl:newsitem.php?num=
  9. inurl:play_old.php?id=
  10. inurl:games.php?id=
  11. inurl:page.php?file=
  12. inurl:newsDetail.php?id=
  13. inurl:gallery.php?id=
  14. inurl:article.php?id=
  15. inurl:view_product.php?id=
  16. inurl:sw_comment.php?id=
  17. inurl:sql.php?id=
  18. inurl:avd_start.php?avd=
  19. inurl:news.php?id=
  20. inurl:kategorie.php4?id=
  21. inurl:faq2.php?id=
  22. inurl:opinions.php?id=
  23. inurl:pages.php?id=
  24. inurl:participant.php?id=
  25. inurl:participant.php?id=
  26. inurl:chappies.php?id=
  27. inurl:prod_detail.php?id=
  28. inurl:productinfo.php?id=
  29. inurl:review.php?id=
  30. inurl:page.php?id=
  31. inurl:newsid=
  32. inurl:news_display.php?getid=
  33. inurl:news-full.php?id=
  34. inurl:newsid=
  35. inurl:item_id=
  36. inurl:shredder-categories.php?id=
  37. inurl:main.php?id=
  38. inurl:download.php?id=
  39. inurl:avd_start.php?avd=
  40. intitle:Login * Webmailer
  41. inurl:staff_id=
  42. inurl:staff_id=
  43. inurl:show.php?id=
  44. inurl:newsDetail.php?id=
  45. inurl:newsitem.php?num=
  46. inurl:pageid=
  47. inurl:article.php?ID=
  48. intitle:ANNOUNCE -inurl:lists
  49. inurl:curriculum.php?id=
  50. inurl:tekst.php?idt
  51. nurl:newsticker_info.php?idn=

Advance Google Dorking techniques


Dork for finding password lists

inurl:wp-content/uploads filetype:xls | filetype:xlsx password
filetype:log intext:password | pass | pw
inurl:"ftp" intext:"user" | "username" | "userID" | "user ID" | "logon" | "login" intext:"password" | "passcode" filetype:xls | filetype:xlsx
intext:smtp | pop3 intext:login | logon intext:password | passcode filetype:xls | filetype:xlsx
ext:xls intext:NAME intext:TEL intext:EMAIL intext:PASSWORD
inurl:etc -intext:etc ext:passwd

Dork for finding usernames

site:extremetracking.com inurl:"login="
intext:"SteamUserPassphrase=" intext:"SteamAppUser=" -"username" -"user"
inurl:root.asp?acs=anon
filetype:conf inurl:proftpd.conf -sample
Posted by at
Labels:

কোন মন্তব্য নেই:

একটি মন্তব্য পোস্ট করুন

এতে সদস্যতা: মন্তব্যগুলি পোস্ট করুন (Atom)