Google Dorks Hacks + Explanation

A Google dork query, sometimes just referred to as a dork, is a search string that uses advanced search operators to find information that is not readily available on a website. Google dorking, also known as Google hacking, can return information that is difficult to locate through simple search queries.

Google will highlight those words within the cached document.

usage: cache:www.google.com web

This will show the cached content with the word “web” highlighted.

This will list webpages that have links to the specified webpage.

usage: link:www.google.com

This will list webpages that have links pointing to the Google homepage.

This will list web pages that are “similar” to a specified web page.

usage: related:www.google.com

This will list web pages that are similar to the Google homepage.

This will present some information that Google has about that web page.

usage: info:www.google.com

This will show information about the Google homepage.

This will provide a definition of the words you enter after it, gathered from various online sources.

Google will restrict the results to those websites in the given domain.

usage: help site:www.google.com

This will find pages about help within http://www.google.com.

Google will restrict the results to those with all of the query words in the title.

usage: allintitle: google search

This will return only documents that have both “google” and “search” in the title.

Google will restrict the results to documents containing that word in the title.

usage: intitle:google search

This will return documents that mention the word “google” in their title, and mention the word “search” anywhere in the document (title or no).

dork is basically used to find the entered text in url.

usage: inurl:google search

This will return documents that mention the word “google” in their url, and mention the word “search” anywhere in the document (url or no).

This google dork is used to find entered text in url and description as if we enter intext: welcome admin user name . now this will search every text in description and url too.

This google dork is used to find text every where weather in title or description or in url etc as if we enter inall:admin login this will search every where admin login text in website.

ext:

You can use ‘filteype’ at place of ‘ext’.:

ext:ppt hacking – this will return powerpoint presentations (ppt files) on topic ‘hacking’.

ext:doc hacking – this will return microsoft word files on topic ‘hacking’

Extensions that google supports are pdf,swf,rtf,doc,ppt,dwf,ps,kml,kmz,xls.

Files Containing Usernames:

filetype:conf inurl:proftpd.conf -sample

finding admin panel examples:

inurl:/admin/index.php & intext:/welcome admin user name pass

inurl:admin/login.asp

inurl:admin/login.php

and lot more.

Unsafe control panels Dorks examples:

inurl:.php? intext:CHARACTER_SETS,COLLATIONS, ?intitle:phpmyadmin

inurl:phpmyadmin/index.php

SQL Injection example:

intext:SQL syntax & inurl:index.php?=id

Files containg passwords examples:

filetype:sql insite:pass && user

ext:sql intext:@hotmail.com intext :password

filetype:sql inurl:wp-content/backup-*(Search for WordPress MySQL database backup.)

filetype:sql "phpmyAdmin SQL Dump" (pass|password|passwd|pwd)

inurl:ftp "password" filetype:xls

filetype:sql "PostgreSQL database dump" (pass|password|passwd|pwd)

filetype:ini "[FFFTP]" (pass|passwd|password|pwd)

filetype:ini "FtpInBackground" (pass|passwd|password|pwd)

filetype:ini "precurio" (pass|passwd|password|pwd)

filetype:ini "SavedPasswords" (pass|passwd|password|pwd)

filetype:ini "pdo_mysql" (pass|passwd|password|pwd)

inurl:config/databases.yml -trac -trunk -"Google Code" -source -repository"login: *" "password= *" filetype:xls

ext:php

intext:"$dbms""$dbhost""$dbuser""$dbpasswd""$table_prefix""phpbb_installed"

filetype:sql "insert into" (pass|passwd|password)

inurl:"editor/list.asp" | inurl:"database_editor.asp" | inurl:"login.asa" "are set"

ext:yml database inurl:config

inurl:"Sites.dat"+"PASS="

finding upload paths example:

inurl:.co.in & inurl:upload.php & intext:browse

CAM Dorks:

inurl:"ViewerFrame?Mode="

intitle:"Live View / - AXIS" | inurl:view/view.shtml

inurl:"MultiCameraFrame?Mode="

intitle:"WJ-NT104 Main"

inurl:LvAppl intitle:liveapplet

"Powered by webcamXP"

inurl:indexFrame.shtml "Axis Video Server"

intitle:flexwatch intext:"Copyright by Seyeon TECH Co"

inurl:"CgiStart?page="

inurl:/view.shtml

intitle:"Live View/ — AXIS

inurliview/view.shtml

inurl:ViewerFrame?M0de=

inurl:ViewerFrame?M0de=Refresh

inurliaxis-cgi/jpg

inurliaxis-cgi/mjpg (motion-JPEG) (disconnected)

inurl:view/indexFrame.shtml

inurliview/index.shtml

inurliview/view.shtml

liveapplet

intitle:"live view" intitle:axis

intitleiliveapplet

allintitle:"Network Camera NetworkCamera" (disconnected)

intitleiaxis intitle:"video server"

intitleiliveapplet inurl:LvAppl

intitle:"EvoCam" inurl:"webcam.html"

intitle:"Live NetSnap Cam-Server feed"

intitle:"Live View/ — AX|S"

intitle:"Live View/ — AXIS 206M"

iintitle:"live View / — AXIS 706W"

intitle:"Live View/ — AXIS 210?

inurl:indexFrame.shtml Axis

inurl1"MultiCameraFrame?Mode=Motion" (disconnected)

intitleistart inurl:cgistart

intitle:"WJ-NTI 04 Main Page"

intitleisnc-220 inurl:home/

intitleisnc-cs3 inurl:home/

intitleisnc-r230 inurl:home/

intitle:"sony network camera snc-pl ?

intitle:"sony network camera snc-ml ?

site:.viewnetcam.com -www.viewnetcam.com

intitle:"Toshiba Network Camera" user Iogin

intitle:"netcam live image" (disconnected)

intitle:"i-Catcher Console — Web Monitor"

Back to top button
Close