Google Dorks, Continued
I had been discussing the concept of Google dorks on the social network Misskey, and some people had said that the concept was unfamiliar to them. So let's dive a little deeper into this.
As explained before, Google dorks, also known as SQL dorks or Google hacks, are search terms that work on Google (and some other search engines) to find sensitive or confidential information. This sometimes includes such things as vulnerable login portals, passwords, SSH keys, social security numbers, names, and bank account information!
A recent dork shared by security researcher Ritika Keni was the following: inurl:pastebin “CVV”. Using this dork returns results containing credit card account details available on the web, which may or may not be valid. It is up to the researcher to sift through the results and figure out which ones work or not.
Another one that returns interesting (and potentially harmful) results is:
site:*.blob.core.windows.net ext:xls | ext:xlsx (login | password | username)
As this dork specifies, it is searching for .xls and .xlsx (Excel) files that contain the text “login,” “password,” and “username.” So, as you might expect, many of the results have included spreadsheets with people's real names, usernames and passwords for things like Zoom. Given that numerous people are using Zoom for conferencing right now, this is something that should be alarming! Even more concerning are the spreadsheets that have personally identifiable information about people's locations, phone numbers, etc.
Back in 2018, IT Security Guru published an article entitled Is the bright web more dangerous than the dark? The term, which has only come into usage over the past few years, refers to information, like the types above, that are publicly available on the web and can be found with a quick search in many cases. In essence, while the dark web often gets demonized for its criminal activity and dark content, the clearnet contains just as much, if not more, personal information, and it does not necessarily have to be difficult to find.
Exploit DB has a much more comprehensive list of Google dorks which is continuously being updated by researchers, so if you want to try this out yourself, stop by there and test out a few from the list.
Here are some other examples you might want to try for fun:
site:pastebin.com intext:pass.txt “AutoCreate=TRUE password=“ “iCONECT 4.1 :: Login” “Index of /” +passwd “Index of /” +password.txt “Index of /admin” intitle:“webcamXP” inurl:8080 “not for distribution” confidential “mysql dump” filetype:sql site:.in inurl: admin login
If there is something to learn from this, it is also to go back and check any confidential information that you think might be publicly available and have it removed, if at all possible (though this can sometimes be a challenge too).