Google is best known as a powerful search engine that anyone can use to find text, images, videos, books, and news. However, hackers also use Google's powerful capabilities to hack websites.
How hacking is possible through Google?
Google is a powerful web crawler that can index anything within your website, including sensitive data, and can even expose your web application's vulnerabilities to Google searches that use advanced Google operators. These advanced search operators are designed to make searching more focused and efficient.
Google hacking, also known as Google Dorking, is a combination of computer hacking techniques for finding security loopholes in web applications by using Google search operators and other applications powered by Google. Hackers take advantage of these advanced search operators to locate vulnerabilities in web applications and use them to exploit the website.
Google Advanced Search Operators
Some of Google's advanced search operators are listed below:
| Advanced Search Operator | Description |
| --- | --- |
| site: | Limit the search query to a specific domain or website. |
| filetype: | Limit the search to the text found in a specific file type |
| link: | List the websites having a link to a specific web page |
| cache: | Display the web pages stored in the cache |
| related: | Search for similar web pages |
| allintext: | Search for websites containing a specific keyword |
| intext: | Search for documents containing a specific keyword |
| allintitle: | Search for websites containing a specific keyword in the title |
| intitle: | Search for documents containing a specific keyword in the title |
| allinurl: | Search for websites containing a specific keyword in the URL |
| inurl: | Search for documents containing a specific keyword in the URL |
Google Hacking & Google Hacking Database (GHDB)
For Google Advanced Search, you can also go to the following URL:
https://www.google.com/advanced_search
Google Hacking was made famous by Johnny Long. The advanced search query strings have been compiled into a Google Hacking Database (GHDB). The original database is located at http://www.hackersforcharity.org/ghdb/. GHDB is used for footprinting and, after that, for exploiting sensitive directories, vulnerable sites, server error messages, etc. The advanced search queries are used in combination for a more specific search.
Google advanced search query example from GHDB: intitle:"index of" "/Cloudflare-CPanel-7.0.1"
The results of this search query revealed sensitive Cloudflare-CPanel information (such as sensitive directory information).
Preventive Measures
Once a website is exposed to the internet, a file called robots.txt containing a set of rules is added to the root of the website to stop Google or other search engines from crawling and indexing the website. If this file is misconfigured or absent, a lot of sensitive information from the website is easily exposed, and anybody can view that data and exploit the vulnerabilities associated with it. It is therefore important to configure robots.txt correctly. Other proactive measures include protecting data and sensitive directories with VPNs, firewalls and strong encryption techniques, and performing regular vulnerability assessment scans, penetration tests, and risk analysis on websites to check for vulnerabilities and risks from time to time.
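An added example (not from the original article) that checks which sensitive paths a given robots.txt still leaves open to crawlers, comparing an absent file, a misconfigured one and a corrected one using Python's standard urllib.robotparser. The paths, crawler names and file contents are constructed for illustration.

```python
from urllib.robotparser import RobotFileParser

# Constructed sample inputs (assumptions, not from the original article).
SENSITIVE_PATHS = ["/admin/", "/backup/db.sql", "/logs/error.log"]
CRAWLERS = ["Googlebot", "Bingbot"]

ABSENT = ""  # no robots.txt is served at all

# Misconfigured: /admin/ is hidden from one crawler only, and
# /backup/ and /logs/ are not covered by any rule.
WEAK = """\
User-agent: Googlebot
Disallow: /admin/

User-agent: *
Disallow: /cgi-bin/
"""

# Corrected: one group for every crawler, covering each sensitive directory.
HARDENED = """\
User-agent: *
Disallow: /cgi-bin/
Disallow: /admin/
Disallow: /backup/
Disallow: /logs/
"""


def crawlable(robots_txt, paths=SENSITIVE_PATHS, crawlers=CRAWLERS):
    """Return sorted (crawler, path) pairs that robots_txt still allows to be crawled."""
    parser = RobotFileParser()
    parser.parse(robots_txt.splitlines())
    return sorted(
        (agent, path)
        for agent in crawlers
        for path in paths
        if parser.can_fetch(agent, path)
    )


if __name__ == "__main__":
    for name, text in [("absent", ABSENT), ("weak", WEAK), ("hardened", HARDENED)]:
        gaps = crawlable(text)
        print(f"{name}: {len(gaps)} sensitive path(s) crawlable")
        for agent, path in gaps:
            print(f"  {agent} may crawl {path}")
```

robots.txt is publicly readable and is only honoured by well-behaved crawlers, so it reduces indexing but does not replace access control on the paths it lists.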