Skip to main content

Making the most out of Google – Google Hacking


What is Google Hacking ?

Google hacking is the term used when a hacker tries to find exploitable targets and sensitive data by using search engines. The Google Hacking Database (GHDB) is a database of queries that identify sensitive data. Although Google blocks some of the better known Google hacking queries, nothing stops a hacker from crawling your site and launching the Google Hacking Database queries directly onto the crawled content.

Get more hacking tricks

Google Advance Search
A little more sophisticated…
Google Operators:
–Operators are used to refine the results and to maximize the search value.  They are your tools as well as hackers’ weapons
Basic Operators:
                     +, -, ~ , ., *, “”, |, OR
Advanced Operators:
         allintext:,  allintitle:,  allinurl:,  bphonebook:,  cache:,  define:,  filetype:, info:,  intext:,  intitle:,  inurl:,  link:,  phonebook:,  related:,  rphonebook:,  site:,  numrange:,  daterange
Basic Operators
          (+) force inclusion of something common
         Google ignores common words (where, how, digit, single letters) by default:
      Example:  StarStar Wars Episode  +I
         (-) exclude a search term
      Example: apple –red
         (“) use quotes around a search term to search exact phrases:
      Example: “Robert Masse”
         Robert masse without “” has the 309,000 results, but “Robert masse” only has 927 results.  Reduce the 99% irrelevant results
Basic Operators
         (~)  search synonym:
            Example: ~food
Return the results about food as well as recipe, nutrition and cooking information
         ( . ) a single-character wildcard:
            Example: m.trix
Return the results of M@trix, matrix, metrix…….
         ( * ) any word wildcard
Advanced Operators: “Site:”
         Site: Domain_name
         Find Web pages only on the specified domain.  If we search a specific site, usually we get the Web structure of the domain
Advanced Operators: “Filetype:”
        Filetype: extension_type
        Find documents with specified extensions
        The supported extensions are:
– HyperText Markup Language (html)                  – Microsoft PowerPoint (ppt)
– Adobe Portable Document Format (pdf)            – Microsoft Word (doc)
– Adobe PostScript (ps)                                             – Microsoft Works (wks, wps, wdb)
– Lotus 1-2-3                                                               – Microsoft Excel (xls)
  (wk1, wk2, wk3, wk4, wk5, wki, wks, wku)        – Microsoft Write (wri)
– Lotus WordPro (lwp)                                               – Rich Text Format (rtf)
– MacWrite (mw)                                        – Shockwave Flash (swf)
         Text (ans, txt) 
         Note: We actually can search asp, php and cgi, pl files as long as it is text-compatible.
      Example: filetype:xls
Advanced Operators “Intitle:”
        Intitle: search_term
        Find search term within the title of a Webpage
        Allintitle: search_term1 search_term2 search_term3
        Find multiple search terms in the Web pages with the title that includes all these words
        These operators are specifically useful to find the directory lists
            Find directory list:
            Intitle: Index.of “parent directory”
Advanced Operators “Inurl:”
        Inurl: search_term
        Find search term in a Web address
        Allinurl: search_term1 search_term2 search_term3
        Find multiple search terms in a Web address
            Inurl: cgi-bin

            Allinurl: cgi-bin password

Want to find IP Address of your friend

Advanced Operators: “Cache:”
        Cache: URL
        Find the old version of Website in Google cache
        Sometimes, even the site has already been updated, the old information might be found in cache
Requires two parameters, a low and high number
        Ex. Numrange:12344-12346
        Ex1. Numrange:12344..12346
It has been suggested that this is one of the most dangerous searches. That could be used to harvest phone numbers, credit cards, etc.
In fact in Google help doesn’t make mention of this directive – Be careful using this
Advanced Operators
        Conduct a number range search by specifying two numbers, separated by two periods, with no spaces.  Be sure to specify a unit of measure or some other indicator of what the number range represents
              Computer $500..1000
              DVD player $250..350
Advanced Operators “Link:”
        Link: URL
        Find the Web pages having a link to the specified URL
        Related: URL
        Find the Web pages that are “similar” to the specified Web page
        info: URL
        Present some information that Google has about that Web page
        Define: search_term
        Provide a definition of the words gathered from various online sources
             Define: Network security
Advanced Operators “phonebook:”
        Search the entire Google phonebook
        Search residential listings only
        Search business listings only
          Phonebook: robert las vegas (robert in Las Vegas)
          Phonebook: (702) 944-2001 (reverse search, not always work)
          The phonebook is quite limited to U.S.A
Google, Friend or Enemy?
        Google is everyone’s best friend (yours or hackers)
        Information gathering and vulnerability identification are the tasks in  the first phase of a typical hacking scenario
        Positive, stealth and huge data collection
        Google can do more than search
Hope you get much more information about Google….

%d bloggers like this: