2.2.7 Google Hacking

Google Hacking

Google Hacking involves leveraging Google's advanced search operators for information gathering purposes. Johnny Long, a pioneer in this field, highlighted the use of Google to discover misconfigured web servers, sensitive information inadvertently left exposed, password files, log files, directory listings, and more.

Google Search Operators

• Fingerprinting Web Servers:

  • Querying Apache online documentation:

    vbnetCopy codeintitle:"Apache HTTP Server" intitle:"documentation"

  • Restricting the search to a specific target:

    vbnetCopy codeintitle:"Apache HTTP Server" intitle:"documentation" site:target.com

• Open Directory Listings with .bak Files:

  arduinoCopy code"Index of" bak

  arduinoCopy code"Directory listing for" bak

• Searching for Files with Specific Extensions:

  • Search for files with .bak extension:

    makefileCopy codefiletype:bak

  • Search for files with .inc extension on a specific site:

    vbnetCopy codefiletype:"inc" site:target.com

Google Hacking Applications

Through Google Hacking, one can:

• Identify error messages containing valuable information.

• Discover sensitive files and directories (passwords, usernames, configs, etc.).

• Uncover server or application vulnerabilities.

• Locate pages with login portals.

Additional Resources:

• Google Guide - Advanced Operators
• Google Hacking Database

Leveraging Google's powerful search capabilities using specific operators allows security analysts to efficiently discover information that might be unintentionally exposed on the web. Regularly checking and adapting Google Hacking techniques contribute to a comprehensive approach in information gathering and vulnerability assessment.