Google Dorking: How to Hack with Google?
Google Dorking is a powerful technique that leverages advanced search operators to refine search results and locate specific information indexed by Google.
— Dusty
We recently posted about OSINT: Open Source Intelligence, in which we mentioned Google Dorking as a method of gathering OSINT. Today we will finally be explaining What Google Dorking is, How it can be used, and How to check if you're safe from being Dorked!
What is Google Dorking?
Google Dorking, also known as Google Hacking, is a must have skill for anyone who uses Google regardless of if you’re a “hacker” or not. At its core, the definition of Google Dorking is simple.
Dorking is the technique of using "Advanced Search Operators" to search for specific information across the vast amount of Google's indexed information. This helps narrow down the millions or even billions of possible search results for any standard query.
While the average person does not know about Google Dorking, this does not mean it is only a tool for hackers. As we stated in our OSINT article, all of Google's indexed data is publicly available and therefore is legal for everyone to access(there are some grey areas we will discuss later). You could learn a few simple Dorking commands below and start using these techniques to immediately improve the efficiency and accuracy of your Google searches.
Why do hackers use Google Dorking?
Site misconfigurations can lead to Google indexing private information, which means such data will become publicly available to every Google user on the planet. Hackers want to exploit these accidental misconfigurations by using Google Dorking to locate this private info.
Dorking can help find Government documents, Companies internal documents, FTP servers, Log files, IP cameras, and more.
So while you aren’t “hacking” someone or something directly using Google due to the vast amounts of information Google has indexed, Dorking can be very dangerous to people, companies and governments who have private data that has been made public by mistake.
Is Google Dorking illegal?
Google Dorking is just a form of advanced searching through Google's publicly available data. So, people that use Google Dorking are not breaking the law, they are just using publicly available search methods on the Google platform. However this is where those grey areas come in...
If you are Dorking the websites of companies, governments or anyone for that matter, for malicious purposes such as to find private information to exploit then don’t be expecting just a slap on a wrist and please consult a lawyer rather than our blog to find out about the possible legal consequences relevant to you in your jurisdiction.
So as long as your intentions are clean and you aren’t exploiting anything, you’re safe to use Google Dorking to improve your search results.
What else is Google Dorking used for?
While Google Dorking can be dangerous in the hands of malicious actors, it can be used for many other non-malicious purposes such as:
- Penetration Tests: Cyber Security Experts will use Google Dorking in the enumeration phase of their penetration tests to gather information about their targets. In this case a target would most likely be a Web application so Dorking can be used to find subdirectories/subdomains, critical information, admin panels and more.
- Market Research: Businesses will often use OSINT in their market research strategy. As a part of this they can and often will use Google Dorking to research their competitors but also their customers to find how well their products are being received and also to locate trends that can provide a competitive advantage.
- Research: Journalists, writers and researchers can all use Dorking to make their investigations into specific topics of interest much more refined and efficient.
- Students: Many students will learn to use Google Dorking methods to research for their essays and assignments or maybe for "slightly" more unethical reasons such as I did. If you want to read about that then click the drop down below.
My "Slightly" Unethical Use of Dorking
When I was in highschool I would sneakily look at the upcoming exam papers in the teacher's cabinet to memorise the exam code and name which would be something similar to “1MA1/1H GCSE Mathematics Higher Paper 1”. I would also try to flick through the exams to memorise or take a picture of a few questions.
This information allowed me to go home and Google Dork for either the exam name or one of the questions across the internet.
e.g allintext:1MA1/1H GCSE Mathematics Higher Paper 1
Oftentimes I would find the exams or questions published on the unsecured websites of other schools in the country which I could use directory traversal techniques to download the full exam and corresponding mark scheme.
The excuse I used to justify this was that since I found these exams very easy and was already getting top grades it was completely fine and didn't count as cheating.
In reality, I just found the risk of sneaking into the class to find the stack of exams and then the process of Google Dorking for the exams mark scheme really, really fun.
Compulsory Disclaimer: I do not advise anyone do this, education is important and cheating and hacking is wrong! lmao
So it all comes down to how someone would use Google Dorking and their intentions. There’s no denying that when used correctly, Dorking can be highly efficient and bring exceptional results.
How to Use Google Dorking?
There are many Google Dorking operators, but some are extremely popular because they are simple and easy to use. Here are some of the top Google Dorking operators you can use immediately.
Operator | Description |
---|---|
intext:"keywords" | Searches for the occurrences of keywords. |
allintext:"keywords" | Searches for occurrences of all the keywords given. |
inurl:"keywords" | Searches for keywords in a URL. |
allinurl:"keywords" | Searches for a URL matching all the keywords. |
intitle:"keywords" | Searches for occurrences of keywords in title. |
allintitle:"keywords" | Searches for occurrences of all keywords in title. |
site:"dustybugger.com" | Lists all the results for your query only from the site specified. |
filetype:"pdf" | Searches for a particular filetype. |
numrange:1-99 | Used to locate specific numbers in your searches. |
after:2001 before:2005 | Used to search within a date range. |
cache:dustybugger.com | Shows the version of the web page that Google has in its cache. |
-"keyword" | Removes unwanted results. (e.g. "Mobile Phones -Iphone") |
* e.g "How to Build a * " | Wildcard (*) produces results that matches any word or phrase in the place of the asterisk. (e.g "How to build a Gaming PC" or "How to build a shed") |
keywords AND keywords | AND will produce results matching both keywords. |
keywords OR keywords | OR will produce results for either keywords. |
keywords | keywords | Same as OR. Pipe(|) will produce results for either keywords. |
() | Groups multiple searches. E.g "(series x OR series s) site:xbox.com" |
Google often updates their operators which can change how they work, remove operators, or introduce new ones. So depending on when you read this article these operators may have been updated.
Can I Protect Myself from Google Dorking?
The only way to guarantee safety from Google Dorking is to never post anything online so that it cannot be indexed by Google. However that isn't exactly suitable for most people and organisations in this day and age. Here are a few other methods to help increase your security:
- Encryption: Encrypting private data will ensure that if any private data is accidentally published on Google, the encryption will stop any attacker from exploiting the data.
- Robots.txt configuration: Robots.txt will tell Google what parts of your website shouldn’t be indexed. A lack of indexing means those directories will remain private and unpublished on Google. If you don’t provide this configuration Google might crawl, index and publish those private directories.
- Vulnerability Scans: Vulnerability scanning tools will often automate the most common Dorking techniques to test for any sensitive data exposure. Running these vulnerability scans often will ensure you aren't exposing any data as "low hanging fruit" to the most common and easy techniques.
- Dork Yourself!: Although Dorking for information about yourself might seem strange, it’s a great way to identify what others can see and access, so you can clean up and remove any sensitive information before anyone else finds it. I regularly Dork my own websites, email addresses and usernames to make sure I'm not exposing anything I don't want to.
How Do I Remove My Data From Google?
If you find that your website is exposing sensitive data then it is possible to request for that data to be removed from the Google Search Console. Google tends to remove data very fast, so it's on you to stay on top of your websites online profile and report any findings to Google as soon as possible.
If it's not on your website then it might get tricky. For example, say you Dorked yourself using an old email or username of yours:
allintext:myemail@gmail.com
or
allintext:myoldusername123
and found a bunch of old posts and pictures from when you were young and stupid on a forum or social media site that exposes too much sensitive information. Since it is not your website you can't just go into Google Search Console and request it's removal. You'd most likely have to try and login and delete all your old posts.
What if you no longer remember the password or have access to the email account to reset the password? Well in those cases your best bet is to reach out to each website's support team individually and explain the situation while hoping they'll actually be helpful.
Conclusion
Google Dorking is a powerful technique that leverages advanced search operators to refine search results and locate specific information indexed by Google. This technique can bring many advantages and make your searches more efficient but Google Dorking can also be used maliciously by anyone, to target anyone, including you.
So it is essential to have good Operational Security and be careful with what you publish online.
Stay safe. Have fun.