Ethical Hacking Using Google
In this article, I will explain the basic concepts of Google Dorking. This is the exploitation of search parameters for OSINT, and interfacing with internet-accessible devices.
Important Disclaimer: This tutorial is not intended nor condoning the illicit collection of data, or surveillance of private areas. The functionality of this article only works on publicly accessible devices, and data posted and crawled by Google. Any use of this article for malicious purposes is outside of the responsibility of the poster.
What Is Google Dorking?
Google “Dorking” is the act of using search parameters provided by Google for its browser. You can use this to find files, websites relating to a topic, or message groups. However, this feature lets you conduct OSINT data collection and ethical research as well.
All of the files, addresses and data collected via this is public. Only data that has been posted/published/indexed by google is accesible. However, certain addresses may violate a copyright agreement and Google will filter it out.
Example 1 – “filetype:”
Let us begin with an example using the first search parameter, filetype.
The following search term will return any .env (environment/log) files which contain the string db_password. Often times, these files never show up search results and may contain now public information such as database passwords and even educational log files.
Here is an example of a .env file located by that search term:
Example 2 – “intitle/inurl”
Intitle and Inurl can be used to locate strings of text on Google, either in the title or the url of the address itself. In this example, we will attempt to look for any exposed FTP servers:
Here, we look for the string “index of” in any site which contains “ftp” in its URL. This should return any index page of FTP servers. In this case, we received 740,000 results. Here is an example FTP server, crawled by Google, that was located:
Example 3 – Webcam XP5
The following example is an interesting one. By using “intitle”, you can access internet-open webcams that require no login and are indexed by google. These include surveillance cameras of roads, server rack security cameras and many others internationally.
Beware, however, when viewing these pages. Should SWF be disabled on your browser, Chrome and Edge automatically attempts to download SWF macros sent by the site. This may be a reverse connection point from a smart enough hacker.
In this short article, I hope I have given you some insight as to how to use these search terms to “dork” googles engine, and to retrieve/crawl pages which may be useful to ethical hackers.
The deeper you get in Google with Dorking, the more mystery there may be lying on the surface web. Browse responsibly. Thank you for reading, and consider following Batch-Man for future content.
I am a programmer and a computer hobbyist in the United States. I make articles about a variety of topics.