Google hacking – use Google to find passwords, usernames …

Google now a days is the most popular search engine there is on the internet. This is because it is so good at what it is doing. Because of that you can use it to find sensitive information. Google hacking is therefore nothing else than using complex Google queries to find information related to computer security.

Use Google to find what you are looking for
There are several tricks you have to know to use Google to find sensitive information. First take a look at the Google operators and the cheatsheet. There are the several operators described which you can use to form complex queries.

Important operators

  • filetype — is used to specify what kind of file the acessed file should be, e.g. filetype:php returns only php files
  • inurl — defines what should be included in the url of the accessed site, e.g. inurl:edu returns all pages that have edu in their url
  • intitle — defines what should be included in the title of the accessed site, e.g. intitle:”index of” returns all sites that have “index of” in their title

These are the operators you will often use, so get familiar with them. Play around a little bit, e.g. try: icq filetype:log and see what Google returns.

Google Hacking Database
Johnny Long, the person who made Google hacking famous, has a database on its website. Take a look at it. There are hundreds of queries which you can use to find relevant information.

Please do not abuse this and cause harm in any way, this article was written to make you understand what kind of security breaches are out there and therefore be able to fix them.

I hope this was helpful.

Bookmark and Share

Advertisements

One Response to “Google hacking – use Google to find passwords, usernames …”

  1. Automated Google Hacking « Grey.NET Security - Hacking & Computer Security blog Says:

    […] Google. In this article I am going to focus on Google’s search engine since that is what Google Hacking is about. The term actually refers to using Google in an advanced way to find sensitive […]


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: