By Elmalla A. on April 1, 2017
Originally written for A.
Google hacking involves using advanced operators in the Google search engine to locate specific strings of text within search results. Some of the more popular examples are finding specific versions of vulnerable Web applications. The following search query would locate all web pages that have that particular text contained within them. It is normal for default installations of applications to include their running version in every page they serve, for example, "Powered by XOOPS 2.2.3 Final"
One can even retrieve the username and password list from Microsoft FrontPage servers by inputting the given microscript in Google search field:
"#-Frontpage-" inurl:administrators.pwd or filetype:log inurl password login
Devices connected to the Internet can be found. A search string such as inurl:"ViewerFrame?Mode=" will find public web cameras.
Another useful search is following intitle:index.of  followed by a search keyword. This can give a list of files on the servers. For example, intitle:index.of mp3 will give all the MP3 files available on various servers.
Google dorks: Hackers Weapon ?
In October 2013, unidentified attackers used Google dorks to find websites running vulnerable versions of a proprietary internet message board software product, according to security researchers,” the FBI warning says.
After searching for vulnerable software identifiers, the attackers compromised 35,000 websites and were able to create new administrator accounts.
A simple “operator:keyword” syntax, such as “filetype:xls intext:username,” in the standard search box would retrieve Excel spreadsheets containing usernames. Additionally, freely available online tools can run automated scans using multiple dork queries.
Shock as web users employ ‘search’
The warning also offers a useful link to Google’s own testing centre for pre-empting such attacks, the Google Hacking Database. Webmasters can use this to check whether files are “visible” to Google dorks, then hide them if they wish.
Ars Technica points out that the warning refers to “malicious cyber actors” and refers to a notorious case in which reporters were accused of “hacking” a website by using freely available information and an automated tool, GNUGet.
However, as Ars explains, the warning is not really meant to highlight a “new” technique, i.e Google dorks, but to warn webmasters to make their websites more secure.
In a restricted intelligence document distributed to police, public safety, and security organizations in July 2014, the Department of Homeland Security warned of a “malicious activity” that could expose secrets and security vulnerabilities in organizations’ information systems. The name of that activity: “Google dorking.
How can check if my Website is Google hacked ?
Although there is thousands of exploit testing possibilities as listed in the above mentioned exploit DB link, but an initial check for your website, could be as explained below
Search Google with this query intitle:"index.of /" site:yourdomain.com and don't forget to replace "yourdomain.com", with your actual site.
If you saw your website private directories listed in the search results, it means that your site might be exposed to malware attacks, and many other vulnerabilities.
Drop us an email: info[at]i-awcs.com , and we can send you a FREE report about all the exposed folders, and files on your website.
We offer you FREE help to secure your confidential data on your website (hidden from Google & Hackers), and if you want us to continously monitor your website for any future exposure to google hacks please visit our google hacks fix packages.