Google Dorking Cheat Sheet 2024 (Commands List & Tricks)

Introduction

Thanks to technological advancements, we can find any information on Google. We can use the Google search engine to look up data, resources, and information. No wonder Google has made our lives so much easier and hassle-free.

However, there is still a lot of data on Google that we don’t know about. Using a hacking technique called Google Dorking, we can find hidden information within minutes. Many hackers use it to hack into sensitive data and collect crucial information. Hence, it is important for ethical hackers to understand what Google Dorking is and how it works in order to prevent such attacks.

In this blog post, we will learn about the Google Hacking Database, Google Dorking commands, and more in detail.

What is Google Dorking?

Google Dorking, or Google Hacking, means using advanced Google search techniques to locate sensitive information and sites that do not show up in ordinary public search results.

Google Dorking involves using advanced search operators and specific keywords to narrow down search results and discover potentially vulnerable websites, exposed data, or other valuable information. 

For example, users can click on various tags, such as sites or images, to extract information or images from a website. They can also use a Google Dork cheat sheet containing different commands to get specific search results. 

The Google Dorking technique is often used by security professionals, hackers, and researchers to uncover sensitive or hidden information on the internet.

Examples of Google Dorking

Some common examples of Google Dorking queries include:

  • Finding specific file types

You can search for specific file types, such as PDFs, spreadsheets, or databases, using queries like “filetype:pdf” or “filetype:xls.”

  • Locating login pages

Queries like “inurl:login” or “intitle:login” can help you find websites with login pages that may be vulnerable to security exploits.

  • Identifying vulnerable devices 

Searches like “intitle:webcamxp inurl:8080” can reveal webcams or other devices with known vulnerabilities.

  • Discovering exposed directories

Queries like “intitle:index.of” can help you find open directories on web servers that may contain sensitive information.

  • Finding specific information on a website

You can use queries to search within a specific website, like “site:example.com keyword” to find information on a particular domain.

What is Google Dorking Used For?

Google Dorking can be used for various purposes, both legitimate and potentially malicious, depending on the intent of the user. 

Here are some common uses of Google Dorking:

1. Information Gathering

Security professionals and researchers use Google Dorking to gather information about websites, servers, and online assets. This can help identify vulnerabilities, assess the security of web applications, and uncover potential threats.

2. Vulnerability Assessment

Security experts may use Google Dorking to identify websites or systems that have known vulnerabilities. This information can be used to alert website owners or organizations to security issues that need to be addressed.

3. Competitive Intelligence

Companies may use Google Dorking to gain insights into the online presence and strategies of their competitors. This can involve finding hidden web pages, identifying keywords, or uncovering marketing tactics.

4. Academic Research

Researchers and academics may use Google Dorking to discover information for their studies and investigations. It can be a valuable tool for finding publicly accessible data and resources.

5. Website Administration

Website administrators and owners can use Google Dorking to check the indexability of their site’s content, monitor search engine rankings, and assess the visibility of their web pages.

6. Content Discovery

Content creators and bloggers may use Google Dorking to find specific types of content, such as PDFs, images, or research papers, that are relevant to their work.

7. Cybersecurity and Penetration Testing

Ethical hackers and penetration testers use Google Dorking to identify potential entry points and vulnerabilities in systems and websites as part of security assessments. This helps organizations strengthen their security measures.

8. Privacy Awareness

Individuals concerned about their online privacy may use Google Dorking to see what personal information or data is publicly accessible through search engines and take steps to protect their online presence.

Google Dork Cheatsheet (Commands List)

A Google Dorking cheatsheet is a quick reference guide that provides a list of commonly used Google Dorking commands and operators. Here’s a Google Dork cheat sheet for your reference:

| Purpose | Google Dorking Command |
| --- | --- |
| Find Microsoft Word documents | filetype:doc |
| Find text documents | filetype:txt |
| Find PowerPoint presentations | filetype:ppt |
| Find PDF files | filetype:pdf |
| Find Excel spreadsheets | filetype:xls |
| Find open directories on web servers | intitle:"Index of /" |
| Find Apache default pages | intitle:"Apache2 Debian Default Page" |
| Find Nginx default pages | intitle:"Welcome to nginx!" |
| Find open IIS servers | intitle:"Welcome to IIS" |
| Search for login pages | intitle:"Login" or intitle:"Log In" |
| Search for directory listings | intitle:"Index of /" or intitle:"Browse Directory" |
| Find exposed configuration files | intitle:"config.json" |
| Identify exposed Git repositories | intitle:"index of" inurl:.git |
| Find vulnerable Apache Tomcat installations | intitle:"Apache Tomcat" intitle:"Administration" |
| Discover open Jenkins instances | intitle:"Dashboard [Jenkins]" |
| Search for exposed Subversion repositories | intitle:"Index of /svn" |
| Find open phpMyAdmin installations | intitle:"phpMyAdmin" or intext:"phpMyAdmin MySQL-Dump" |
| Locate exposed Microsoft SharePoint documents | intitle:"Microsoft SharePoint" intext:"Sign in to SharePoint" |
| Find exposed Redis servers | intitle:"Redis" intext:"Server Information" |
| Search for open Elasticsearch instances | intitle:"Elasticsearch Head" |
| Discover exposed MongoDB databases | intitle:"MongoDB Server Information" |
| Identify open CouchDB instances | intitle:"CouchDB – Welcome" |
| Search for exposed Memcached servers | intitle:"Memcached Server Information" |
| Find open RDP servers | intitle:"remote desktop inurl:rdweb" |
| Locate exposed VNC servers | intitle:"VNC viewer for Java" |
| Find open Telnet servers | intitle:"welcome to" intext:"telnet" |
| Search for exposed SNMP devices | intitle:"welcome to" intext:"snmp" |
| Find open SMB shares | intitle:"Index of /smb.conf" |
| Identify open FTP servers | intitle:"Index of /ftp" |
| Search for open NFS shares | intitle:"Index of /exports" |
| Find open network printers | intext:"printer meter" |
| Search for open VoIP systems | intitle:"Asterisk Management Portal" |
| Identify exposed AXIS cameras | intitle:"Live View / – AXIS" |
| Discover unsecured webcams | intitle:"webcamXP 5" inurl:8080 |
| Find open Linksys webcams | intitle:"Linksys Viewer – Login" -inurl:mainFrame |
| Search for exposed D-Link webcams | intitle:"D-Link" inurl:"/video.htm" |
| Find open Panasonic IP cameras | intitle:"Panasonic Network Camera" |
| Locate open Foscam cameras | intitle:"Foscam" intext:"user login" |
| Identify open Samsung Smart TVs | intext:"SMART TV" inurl:password.txt |
| Search for open Netgear routers | intitle:"Netgear" intext:"NETGEAR" |
| Discover open Ubiquiti devices | intext:"Ubiquiti" intitle:"AirOS" |
| Search for open MikroTik routers | intext:"MikroTik RouterOS" inurl:winbox |
| Find exposed Siemens SCADA systems | intitle:"Siemens SIMATIC" intext:"Web Server" -inurl:/portal |
| Locate open Schneider Electric systems | intext:"Schneider Electric" intitle:"PowerLogic Web- |
| Search for exposed Johnson Controls systems | intitle:"Johnson Controls – WorkPlace" intext:"User name :" |
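
For the website-administration use described earlier, a site owner can run entries from this list against pages fetched from their own site to see which ones a search engine could surface. The following is an added example, not part of the original post: the function names, the example.test URLs and the sample pages are constructed, and case-insensitive substring matching only approximates how Google evaluates these operators.

```python
import re
from html.parser import HTMLParser

DORKS = {  # dorks copied from the cheat sheet; the labels are this example's own
    "open directory": 'intitle:"Index of /"',
    "nginx default page": 'intitle:"Welcome to nginx!"',
    "exposed Git repository": 'intitle:"index of" inurl:.git',
}
TERM = re.compile(r'(-?)(intitle|inurl|intext):(?:"([^"]*)"|(\S+))')

def parse_dork(dork):
    """Split a dork into (negated, operator, phrase) terms."""
    return [(n == "-", op, (q or b).lower()) for n, op, q, b in TERM.findall(dork)]

class Page(HTMLParser):
    """Collects <title>, the remaining text and any robots noindex directive."""
    def __init__(self, html):
        super().__init__()
        self.parts, self.noindex, self._tag = {"title": "", "body": ""}, False, "body"
        self.feed(html)
        self.close()
    def handle_starttag(self, tag, attrs):
        if tag == "title":
            self._tag = "title"
        elif tag == "meta" and (dict(attrs).get("name") or "").lower() == "robots":
            self.noindex = "noindex" in (dict(attrs).get("content") or "").lower()
    def handle_endtag(self, tag):
        if tag == "title":
            self._tag = "body"
    def handle_data(self, data):
        self.parts[self._tag] += data

def matches(dork, url, page):
    """True when every positive term is present and every '-' term is absent."""
    fields = {"intitle": page.parts["title"].lower(), "inurl": url.lower(),
              "intext": page.parts["body"].lower()}
    terms = parse_dork(dork)
    return bool(terms) and all((phrase in fields[op]) != neg for neg, op, phrase in terms)

def audit(pages):
    """pages maps URL -> HTML. Returns sorted (url, label, noindex) hits."""
    parsed = [(url, Page(html)) for url, html in pages.items()]
    return sorted((url, label, page.noindex) for url, page in parsed
                  for label, dork in DORKS.items() if matches(dork, url, page))

SAMPLE = {  # constructed crawl of a site you own; example.test is a placeholder
    "https://www.example.test/backup/": "<title>Index of /backup</title><body><a href='db.sql'>db.sql</a></body>",
    "https://www.example.test/.git/": "<title>Index of /.git</title><body>HEAD config objects/</body>",
    "https://staging.example.test/": "<head><meta name='robots' content='noindex'><title>Welcome to nginx!</title></head>",
    "https://www.example.test/about": "<title>About us</title><body>Our team</body>",
}
```

Calling audit(SAMPLE) flags the two directory listings and the default nginx page. A noindex value of True only means the page asks not to be indexed, so the listing or default page itself still needs to be disabled or placed behind authentication.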

Advanced Google Dorking Commands and Operators

Beyond the individual Google Dork commands and operators above, you can combine operators in more advanced ways to filter search results further.

Rather than typing these operators and combinations from scratch every time, you can refer to the Google Hacking Database. This database contains hundreds of combinations of multiple and advanced operators.

1. Searching for Vulnerable Webcams

Find webcams with known vulnerabilities: 

intitle:"D-Link" inurl:"/view.htm"

2. Finding Open Elasticsearch Instances with Specific Data

Search for Elasticsearch instances containing specific data: 

intext:"kibana" intitle:"Kibana"

3. Exploring Open MongoDB Instances with Authentication Bypass

Search for MongoDB instances without authentication: 

intext:"MongoDB Server Information" intitle:"MongoDB" -intext:"MongoDB Server Version"

4. Identifying Exposed OpenCV Instances

Search for OpenCV instances with exposed data: 

intitle:"OpenCV Server" inurl:"/cgi-bin/guestimage.html"

5. Finding Exposed InfluxDB Instances

Search for InfluxDB instances with default configurations: 

intitle:"InfluxDB - Admin Interface"

6. Locating Exposed RabbitMQ Management Interfaces

Search for RabbitMQ management interfaces: 

intitle:"RabbitMQ Management"

7. Discovering Exposed Jenkins Builds

Search for Jenkins builds with specific information: 

intitle:"Console Output" intext:"Finished: SUCCESS"

8. Finding Exposed Grafana Dashboards

Search for Grafana dashboards: 

intitle:"Grafana" inurl:"/dashboard/db"

9. Exploring Open NVIDIA Jetson Devices

Search for NVIDIA Jetson devices with open ports: 

intitle:"NVIDIA Jetson" intext:"NVIDIA Jetson"

10. Locating Open Fortinet Devices

Search for Fortinet devices with open interfaces: 

intext:"FortiGate Console" intitle:"Dashboard"

11. Discovering Exposed OpenEMR Installations

Search for OpenEMR installations with specific data: 

intitle:"OpenEMR Login" inurl:"/interface"

12. Finding Exposed Jenkins Script Console

Search for Jenkins script consoles with default credentials: 

intitle:"Jenkins Script Console" intext:"Run groovy script"

These advanced commands for Google dorking can be useful for specific security assessments and research purposes. Always ensure you have proper authorization and follow ethical guidelines when using advanced Google Dorking commands. Unauthorized or malicious use can have serious legal and ethical consequences.

Google Dorking Tools

Google Dorking tools are software or scripts designed to automate the process of searching for specific information using Google Dorking queries. These tools can help security professionals, researchers, and ethical hackers efficiently discover vulnerabilities and sensitive information on the internet. 

Here are a few Google Dorking tools and resources:

  • Google Hacking Database (GHDB) 

The GHDB is a collection of Google Dorking queries and examples created and maintained by the security community. It serves as a reference for finding information on the internet, including vulnerabilities and exposed data. You can access it at https://www.exploit-db.com/google-hacking-database.

  • Google Dorks Tool 

There are various open-source and commercial tools available that facilitate Google Dorking. These tools often provide a user-friendly interface for constructing and executing Dorking queries. Examples include “DorkMe” and “Google Hacking Database Scraper.”

  • Shodan

While not specifically a Google Dorking tool, Shodan is a search engine that focuses on finding internet-connected devices and services. It can be used to discover open ports, exposed services, and vulnerable devices. Shodan provides its own set of search operators to find specific information.

  • Custom Scripts and Automation

Some security professionals and researchers develop custom scripts or automation tools to conduct Google Dorking searches tailored to their specific needs. These scripts can help streamline the process of searching for vulnerabilities and exposed data.

  • Online Vulnerability Scanners

Some web vulnerability scanners incorporate Google Dorking functionality as part of their scanning process. These scanners can automatically use Dorking queries to identify potential security issues on websites and web applications.

Many penetration testing frameworks, such as Metasploit and Burp Suite, include modules or extensions that allow security professionals to integrate Google Dorking into their assessments.