Thursday, 16 January 2014

Google Hacking : What it actually means and How it is done?

Hello readers, how is your practice going? Are you practicing well? If yes, then continue doing so, and if not, then start early to gain early and master early. The New Year brings with it new opportunities for everyone, including you and me. Online security breaches are increasing at a very fast pace, and experts are needed to check and cure them. IT security professionals are in great demand. So don't miss such opportunities, and keep practicing, as no one knows when a sudden wave of opportunity may change one's entire life. With the basics covered, we continue our amazing journey of mastering ethical hacking.

After reading the title of this post, "Google Hacking", you, like others who don't know what Google Hacking actually is, might be wondering whether the post is about hacking Google servers, Google mail, websites associated with Google, and so on. But my friend, that is not what Google Hacking means. Google Hacking refers to using Google, the most advanced search engine on the planet, to gather information about the target: formulating complex search queries in order to filter through a large number of result pages and display only highly targeted information. Yes, apart from simply typing in the search box, there are other ways to obtain much more precise and useful information about the target from Google, information which is otherwise off limits to unauthorized personnel.
Before moving on to how we can use Google to gain almost 80% of the information about the target, let me tell you how Google search works when you enter a query. The diagram below illustrates it.
[Figure: How Google search works when you enter a query]


Search engines work by gathering the contents of a vast number of webpages from the Internet. But there are lots and lots of websites and domains out there, so how do search engines accomplish this mammoth task? They do it with the help of programs called indexers or spiders. These are a sort of automated web browser that follows all the links it sees on the pages it visits, except the links listed in the robots.txt file of a domain/website. Once the contents have been fetched, an intelligent system decides how the pages are indexed. Search engines such as Google store the complete content of a webpage, which is known as the cache, whereas many other search engines store only keywords.

Now let's come to the point of our discussion: 'How to perform Google Hacking?' Google hacking is performed by formulating complex search queries against the target. To do so we use Google operators. Before moving on to the advanced ones, let me first explain the basic ones:
1. Phrase Search ("") : Used for finding an exact match. For example, a search for ["Web hacking"] (with quotes) will miss the pages that refer to website hacking.
2. Excluding terms (-) : Using the minus sign, we can name keywords which we want to exclude from our search. For example, the search [web hosting -free] will return all pages which mention web hosting but do not mention the word 'free'.
3. Wildcard (*) : Used as a placeholder for any unknown term(s), for which Google then finds the best matches. If used properly, this little feature can be very powerful. For example, the search ["Index of *"] can return indexes of various things, such as an index of passwords, an index of backups, etc. Notice how, by combining the phrase search operator and the wildcard, we obtained a lot of important information.
4. The OR operator : Used to find pages that contain either of the two keywords between which the OR operator is placed. For example, the search [Hacking OR Ethical Hacking] will return pages which mention either Hacking or Ethical Hacking.
Having explained the basic ones, let's quickly move on to the advanced ones.
1. Cache : Used to fetch Google's cache of the webpage. Using the cache operator, one can easily view the contents of the target site without actually opening it. And since the page is served from Google's cache and no request for data is sent to the target, one's IP is not logged on its server either.
2. Links : Finds all the webpages which link to the webpage in question.
3. Related : Displays webpages which are related to the webpage in question.
4. Info : Displays all the information Google has about the website.
5. Site : Used to conduct site specific queries.
6. Intitle : Searches for the keyword in titles of all webpages.
7. Filetype : Used to fetch files of a particular type, such as pdf, doc, txt, etc.
These are a few of the important operators out of many. We call all these Google operators Google Dorks. For a complete list of these Google dorks click here. When these advanced operators are used efficiently in combination with each other and with the basic operators, a lot of information is revealed. Proper countermeasures, such as configuring web servers to disclose as little information as possible, not uploading sensitive information to the web, and installing honeypots, should be taken to safeguard as much information as possible, which is the primary job of an IT security professional.
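A defender-side check for the countermeasures above, as an added example that is not from the original post: it audits an inventory of one's own site for content that the "Index of", Intitle and Filetype queries described here would surface, and uses Python's `urllib.robotparser` to show which of it a spider honoring robots.txt may still fetch. The robots.txt content, the inventory and the extension set are constructed assumptions.

```python
import re
from urllib.robotparser import RobotFileParser

# Constructed sample: robots.txt of a hypothetical site you administer.
ROBOTS_TXT = """\
User-agent: *
Disallow: /admin/
Disallow: /backups/
"""

# Constructed sample inventory: (path, <title> text, or None for non-HTML files).
INVENTORY = [
    ("/index.html", "Welcome"),
    ("/uploads/", "Index of /uploads"),
    ("/backups/", "Index of /backups"),
    ("/docs/passwords.txt", None),
    ("/docs/brochure.pdf", None),
    ("/admin/login.php", "Admin login"),
]

# File types the post names for Filetype; flagging them is this example's assumption.
REVIEW_EXTENSIONS = {"pdf", "doc", "txt"}

def audit(inventory, robots_txt, agent="Googlebot"):
    """Return (path, reason, crawlable) for content a dork query could surface."""
    rp = RobotFileParser()
    rp.parse(robots_txt.splitlines())
    findings = []
    for path, title in inventory:
        reasons = []
        # Auto-generated directory listings carry an "Index of ..." title.
        if title and re.match(r"index of\b", title, re.I):
            reasons.append("directory listing")
        name = path.rsplit("/", 1)[-1]
        ext = name.rsplit(".", 1)[-1].lower() if "." in name else ""
        if ext in REVIEW_EXTENSIONS:
            reasons.append(f"{ext} file")
        findings += [(path, r, rp.can_fetch(agent, path)) for r in reasons]
    return findings

def robots_disclosures(robots_txt):
    """Paths robots.txt itself reveals: it stops spiders, not human readers."""
    rules = (line.split(":", 1) for line in robots_txt.splitlines() if ":" in line)
    return [v.strip() for k, v in rules if k.strip().lower() == "disallow" and v.strip()]

if __name__ == "__main__":
    for path, reason, crawlable in audit(INVENTORY, ROBOTS_TXT):
        print(f"{path:22} {reason:18} {'crawlable' if crawlable else 'robots.txt blocks spiders'}")
    print("robots.txt discloses:", robots_disclosures(ROBOTS_TXT))
```

A `False` in the last field only means a compliant spider will skip the path; robots.txt is publicly readable and is not access control, so the directory listing on `/backups/` still has to be disabled on the server itself.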
So what we learnt is that Google itself does not provide any information about the target to attackers; rather, its advanced search capabilities are exploited to their fullest for such tasks.
With this, thank you for reading this post, and keep practicing, as 'Practice makes a man perfect'.
