googlehacking

Google Hacking

1/19

This material was developed with funding from the National Science Foundation under Grant # DUE 1601612

Restart

Back

Digital footprints information about a particular person that exists on the Internet as a result of their online activity.

2/19

If you are familiar with digital footprints, then you already know that information about you and information you share on social media sites can be indexed by search engines like Google and are therefore available on the Internet. But you may be surprised to learn that search engines index most all information on websites and that insecure websites may expose your personal and private information and other sensitive information to indexing.

3/19

Google hacking the use of a search engine to locate a security vulnerability on the Internet.

Search engines, like Google, index content from websites into their database. When insecure websites expose content like usernames and passwords, or information about the website such as webserver operating systems, to indexing, the sensitive information becomes available to anyone through a simple search. Google hacking, also called Google dorking, is the use of Google (or other search engines) to perform searches of the search engine’s database for this type of sensitive information. Google hacking is legal and doesn’t violate any laws, but can provide valuable information about websites to hackers looking for vulnerabilities.

4/19

As mentioned previously, Google hacking can be used to find website content. For example, if you are looking for websites that contain exposed username and password information, you may use the search engine to look for the term “user” within the Uniform Resource Locator (URL). Or perhaps you would look for the terms “userid” and “password” within the text of the webpage, or maybe you would look for the term “login” within the URL for the website.

5/19

Google hacking can also be used to learn about websites. For example, if you wanted to know if the website is hosted by a Windows web server you might search for the text “404 Object Not Found” in the text of a website. Or if you want to know about the presence and status of hosts, and what services they are running, you may search for insecure CGI Nagios Core network status pages by Googling the terms “nagios” and “status.cgi” within the website URL, such as inurl:nagios/cgi-bin/status.cgi.

Metadata data about data.

Examples of types of sensitive information that can be exposed to search engines in insecure website configurations includes:vulnerable web serversopen FTP serverslog files.env filesemail listsSSH private keyslive cameras

6/19

filetype:

used to show the list of web pages that have links to the URL

useful to locate pages that contain certain characters or strings inside their text

link:

used to show you the full list of all indexed URLs for the domain

A few examples of Google hacks that can be performed include:

used to get results whose URL contains one specific keyword

inanchor:

wildcard used to search pages that contain “anything” before a word

site:

intext:

intitle:

* :

used to search for any type of file extensions

inurl:

useful to search for exact anchor text used on links

Click each example for more information.

7/19

used to search for keywords inside the title

cache:

this will show you the cached version of any website

8/19

penetration tester is a person who tests a computer system, network or web application to find security vulnerabilities that an attacker could exploit.

Google hacking can be used by a penetration tester, also known as an ethical hacker, as a reconnaissance method for discovering potential vulnerabilities and misconfigurations of websites. A penetration tester could then leverage the valuable information acquired to exploit the company. For example, a penetration tester may use sensitive company information to execute a social engineering or phishing attack on company employees.

A penetration tester may also use a Google hack to learn about the website’s underlying technology through website misconfigurations. A penetration tester can then use that information to find a known vulnerability of that particular technology and exploit it to damage or deface the site, gain root access to the operating system, inject code into the website, map a network, or penetrate the network through the website.

9/19

10/19

Username

Password

When building and securing a website, be sure to prevent sensitive content and underlying technology information from being indexed by search engines. Some way to do this is to build security into your website by:encrypting sensitive information like login, customer, and contact informationprotecting sensitive areas with authentication and by using IP-based restrictions.blocking sensitive content by using a robots.txt file located in your root-level website directory

To further limit a website’s exposure to Google hacking, security and regular testing of the website should be implemented. This should include:running Google hacking queries against your own website to see if you can find any exposed informationrunning regular vulnerability scans against your siterequesting removal from Google any sensitive information you may find

11/19

site:azurewebsites.net inurl:.gov | .mil | .edu

sensitive cached reports in the text of a website?

Element with Audio HTML

intitle: "index of" intext:log

Wrong! Try Again.

Take a Quiz

Quiz 1 of 6 What google hack should you use to find…

intext:reports filetype:cache

Great Job!

Drag and drop the correct answer here

inurl:/php-errors.log filetype:log

allintitle: "index of/admin"

13/19

Note: red x to appear for incorrect answers

admin webpages including login pages, parent directory, and framework used for the website?

Quiz 2 of 6 What google hack should you use to find…

14/19

15/19

log files of php errors on a website?

Quiz 3 of 6 What google hack should you use to find…

12/19

Take A Quiz

Now that you have reviewed Google Hacking, click “Next” to test your knowledge.

intitle:index.of id_rsa -id_rsa.pub

inurl:top.htm inurl:currenttime

SSH private keys which you can use to sniff and decrypt traffic on a vulnerable website?

Quiz 4 of 6 What google hack should you use to find…

filetype:sql inurl:backup inurl:wp-content

16/19

Quiz 5 of 6 What google hack should you use to find…

17/19

a vulnerable web camera which allows you to take control of the admin panel and reconfigure it?

Quiz 6 of 6 What google hack should you use to find…

a website’s database to exploit, by locating online copies of it uploaded insecurely?

18/19

You have earned a Super Star in Google Hacking for getting all the questions correct on the first attempt.

19/19

Congratulations

Try Again

You did not answer all the questions correctly on the first attempt. Go back and try the quiz again.