Sensitive files & Google Hacks | Best Internet Security
Please enable Javascript in your browser.

↩ Main

Google Hacks (Dorks) uncover secret excel sheets, pdf files, word documents for thousands of websites

By on January 13, 2018

Books for Google hack science

Google hacking involves using advanced operators in the Google search engine to locate specific strings of text within search results. Some of the more popular examples are finding specific versions of vulnerable Web applications. The following search query would locate all web pages that have that particular text contained within them. It is normal for default installations of applications to include their running version in every page they serve, for example, "Powered by XOOPS 2.2.3 Final"

intitle:admbook intitle:Fversion filetype:php

One can even retrieve the username and password list from Microsoft FrontPage servers by inputting the given microscript in Google search field:

 "#-Frontpage-" inurl:administrators.pwd 
  or filetype:log inurl password login

Devices connected to the Internet can be found. A search string such as inurl:"ViewerFrame?Mode=" will find public web cameras.




Another useful search is following intitle:index.of [1] followed by a search keyword. This can give a list of files on the servers. For example, intitle:index.of mp3 will give all the MP3 files available on various servers.

Search for Index of / exposed sites




Google dorks: Hackers Weapon ?


In October 2013, unidentified attackers used Google dorks to find websites running vulnerable versions of a proprietary internet message board software product, according to security researchers,” the FBI warning says.

After searching for vulnerable software identifiers, the attackers compromised 35,000 websites and were able to create new administrator accounts.

A simple “operator:keyword” syntax, such as “filetype:xls intext:username,” in the standard search box would retrieve Excel spreadsheets containing usernames. Additionally, freely available online tools can run automated scans using multiple dork queries.



Shock as web users employ ‘search’


The warning also offers a useful link to Google’s own testing centre for pre-empting such attacks, the Google Hacking Database. Webmasters can use this to check whether files are “visible” to Google dorks, then hide them if they wish.

Ars Technica points out that the warning refers to “malicious cyber actors” and refers to a notorious case in which reporters were accused of “hacking” a website by using freely available information and an automated tool, GNUGet.

However, as Ars explains, the warning is not really meant to highlight a “new” technique, i.e Google dorks, but to warn webmasters to make their websites more secure.

In a restricted intelligence document distributed to police, public safety, and security organizations in July 2014, the Department of Homeland Security warned of a “malicious activity” that could expose secrets and security vulnerabilities in organizations’ information systems. The name of that activity: “Google dorking.



Chemicloud Web Hosting

How can check if my Website is Google hacked ?


Although there is thousands of exploit testing possibilities as listed in the above mentioned exploit DB link, but an initial check for your website, could be as explained below

Search Google with this query intitle:"index.of /" site:yourdomain.com and don't forget to replace "yourdomain.com", with your actual site.

If you saw your website private directories listed in the search results, it means that your site might be exposed to malware attacks, and many other vulnerabilities.






Solution


Block unwanted traffic - Try Now - source:Incapsula

You should protect your website using a website firewall (WAF), Top WAF market Leaders report for Q4 2017. We recommend you to try incapsula WAF, 15 Days FREE trial. Using incapsula WAF, you can look into :

1) Header Data

2) IP and ASN Verification

3) Behavior Monitoring

4) IP Reputation

5) Client Technology Finger Printing

Also incapsula offer a CDN as part of their WAF solution, beside Distributed denial of service DDos attacks protection.





Elmalla A. (@elmalla) is Chief Sales Officer at i-AWCS, which focuses on web application security solutions.




Generic placeholder thumbnail

Are VPNs Safe ?

VPN Providers & CIA
Generic placeholder thumbnail

STD Testing Privacy

STD labs & Data Leaks
Generic placeholder thumbnail

Web Hosting Issues

Hosting Tips & Tricks