Showing posts with label Google Hacking. Show all posts
Showing posts with label Google Hacking. Show all posts

Beginner Guide to Google Dorks (Part 1)

Google is a tool which helps in finding what one is looking for. Google operators are the terms provided to us for making our search easy and refined. These operators also termed as advanced Google operators provides the exact information. It reduces the time of search by instantly providing the information as we don’t have to move from one page to another one. These operators’ works as a query.
The basic syntax is->operator: term to be searched
Some of these operators are enlisted below:
Intitle
e.g->intitle:hackingarticles

This query will return the pages which include the term “hackingarticles”in it.


inurl
e.g->inurl:hackingarticles
This query will return the pages which includes the term hackingarticles in its URL.


Related
e.g->related:pentest
It will provide the result related to our query i.e.pentest


Allintext
This operator will perform the task of locating a particular string in the text of the page .
e.g->allintext:rajchandel
The above given query will return only those pages which include the terms rajchandel in the text.


Filetype
e.g->www.kccitm.edu.in filetype:pdf
This query searches the file of the provided extension only. The above given query will search only the pdf files present on the given site.


Cache
This operator will show the cached version of the webpage instead of the current one. This operator is followed by the URL of the page of which we want to have the cached version.



Define
This operator provides the definition of a term as a result.
e.g->define:pentest.


Link
This operator will help you to search the pages which links to other pages. This operator is provided a URL instead of a term to search.
e.g->link:www.kccitm.edu.in


Allintitle
This operator is slightly different from the intitle operator.
In intitle operator there was no compulsion of the term in the query to be present in the title whereas in allintitle operator this is must for the term in the query to be present in the title.
e.g->allintitle:hackingarticles


ADVANTAGES:
1. These operators provides the exact results which we are looking for.
2. There is no wastage of time as there is no redirecting from one page to another.
3. There are different operators for every task to perform i.e. Phonebook to obtain residential and business phone numbers and so on.

DISADVANTAGES
1. There are some operators which do not mix with another in the same query, for e.g, allintitle,allintext operators .






BASIC GUIDELINES TO USE GOOGLE OPERATORS
1. There should be no space between the operators, colon and the search as violating this rule will not generate the desired result.
2. If the search term is a phrase then there should be no space between the operator, colon as well as the first quote of the phrase.
3. Some advanced operators cannot be combined with others such as allintitle, allintext etc.
4. Boolean operators and special characters such as ‘OR’ and ‘+’ can be used in the queries but they should not be placed in the way of the colon.
HOW HACKERS USE GOOGLE OPERATORS
Everyone  use google but most of them don’t know to make use of google.
Google operators are very famous among hackers and they take full benefit of it.
Sensitive information needed by hackers which are not easily retrieved through common search can be produced by the help of google operators.
If a hacker wants to retrieve a pdf file of a particular site then he/she has to use the operator “Filetype” with the URL as well  as the extension of the file.
A hacker can retrieve the site of the specified domain with the help of the operator “site”. This operator is followed by the separating colon and the  domain name.
It’s an easy tool for a hacker to get the exact outcome in just a click.
Thanks for reading the article. In next article we will be discussing about more google dorks with web penetration testing.

Author: Shrishtee Suman is Technical Writer in hacking Articles she is pursuing B. Tech in CS. Her interests are mainly in Web Penetration testing and vulnerability research. Contact Here

Goofile - Search for Filetypes from Command Line

Goofile is other python tool which is used for finding the different files existed in the website. There is only single command line in the usage of the tool. 

Open your backtrack terminal and type cd /pentest/enumeration/google/goofile


If you would like to search for files with the extension "pdf" on this website, run this command:

Python goofile.py –d www.example.com –f pdf

-d: domain to search

-f: filetype (ex. pdf)

How to block a website in Google search results

First login in your Gmail account than Go to google.com and search for what you want. You got the search results and you saw that domain which you don’t want to see again in your search results.


Click the browser’s back button from the website, which will give you the previous search results, but this time you can see a new link as shown in below image. Now you will be able to see “Block all Feature to this Website.


Manage your blocked sites by clicking on the above ‘Manage blocked sites’ link or log-in to google and accessing the reviews URL. You can also block a website manually.


In this way you can block (remove) a website from appearing in your Google search results. You can block maximum of 500 sites and these blocked sites can be managed by clicking the gear button on the top-right corner of the search page.


Then click on Search Settings and then scroll down to see manage blocked sites.

How to Access Deleted Webpage

Google Cache Hacks
Google cache to display any page from the past. This is relatively easy to do if you look at the URL of a Google cached page.
Google takes a snapshot of each page it examines and caches (stores) that version as a back-up. The cached version is what Google uses to judge if a page is a good match for your query.


Enter the URL of the Page that You Want to See Cached:

 


How to Create Your own Google Cache Generator


Copy above code in notepad and save raj.html

Wayback Machine
The Internet Archive is a more extensive database of old web pages. With the Google Cache, newer ones overwrite older pages.



How to Hack Google (Google Cheat Sheets)

Google Keyboard Shortcuts



Google Analytic Cheat Sheet




Google Maps Cheat Sheet



Gmail Shortcuts



Google Calculator Cheat Sheet



Google Chrome Cheat Sheet



Google Documents Cheat Sheet



Google Advance Search


Google Spread Cheat Sheet



Google Presentations Cheat Sheet



Google Dorks Cheat Sheet


How to Insert Your Image in Google Search

First open www.shinysearch.com
Click on the option “ Click to Select Style”


Click on the option “Upload Your Picture”


Choose your Desired Image and Click on upload


Now click on the option “Set as Home Page.”


How to set ShinySearch as your homepage?

For Firefox Users

1.       Copy the below website address
http://www.shinysearch.com/myhome.php?style=mypic_full&img=b26b7e0e353d82b7642905e68ca5476e&ltext=Your%20Name
2.       Click on the "Tools" menu  & then click on "Options..."
3.       Click on the "Main" image on the top left
4.       Delete the contents on  the "Home page" field, and then paste the  website address and Click Ok.


For Chrome Users

1.       Copy the below website address
http://www.shinysearch.com/myhome.php?style=mypic_full&img=b26b7e0e353d82b7642905e68ca5476e&ltext=Your%20Name
2.       Click the Wrench icon in the top right corner & then Click "Options"
3.       In the Homepage Section on the middle, Select the "Open this page:" option and then paste the copied website address.
Click the Close button


For Internet Explorer Users

1.       Copy the below website address
http://www.shinysearch.com/myhome.php?style=mypic_full&img=b26b7e0e353d82b7642905e68ca5476e&ltext=Your%20Name
2.       From the "Tools" menu at the top of the screen, choose "Internet Options...”
3.       Find and choose the "General" tab.
4.       Delete the contents in the”Address" field, then paste the copied website address.
Click on OK button.

Google Wireless Transcoder

Google Wireless Transcoder will download the target web page, including those jpeg pictures of the site, and reformat the web page layout for best viewing in mini web browser of smart-phones.

This Google Application is developed to convert a normal web page into format that is optimized for rendering in WAP browser.

Features

·         It breaks long pages into multiple sub-pages.
·         Transcode all pages to mobile friendly
·         serves fully cached pages (including Pictures)

You can access it by using this simple query string http://google.com/gwt/n  in your mobile browser & Type the website URL (Any URL that you want to surf) in the search box which is at below the text “Enter the URL”


Google Hacks (A Compact Utility to several Google Hacks)

Google Hacks allows users to search Google using different Google search hacks. Google Hacks is a compilation of carefully crafted Google searches that expose novel functionality from Google'ssearch and map services.
You can search everything of your search results, view a map, search for music, search for books, and perform many other specific kinds of searches. You can also use this program to use google as a proxy.


Google Hack Result



Google Hacking with Site Digger Tool

SiteDigger searches Google’s cache to look for vulnerabilities, errors, configuration issues proprietary information and interesting issues, information, security nuggetson websites.


How to Google Search in MS Excel

First download this zip file and extract it

Copy Googlesearch and RDB_Google_Excel in following directory

C:\Program Files\Microsoft Office\Office12\Library


Then click the Microsoft Office button, click Excel Options


Then click on addin tabs. Click Excel Add-ins, and click Go



Verify Google Search for Excel 2007 is checked in this list and then click OK


Now open your Excel file click on option button and click on Google Search option from the lower left-hand corner.

Another way to open the add-in is to use the shortcut Alt FG.


Now Google search in your excel

How to Google Search in Command Prompt

Goosh (the unofficial Google shell) provides command line interface on the web for several Google services to keep the command line junkies happy.

Goosh allows you to quickly search Google web, images, news and Wikipedia search. The output is presented in a very nice readable command line environment.

Go to  Goosh Prompt

Google web search from Command Prompt

Syntax:   web search (Keywords)

Start the search using s followed by the keyword as shown below. This will gives you the top most 4 URL as result.



Search Google News from Command Prompt

Syntax:    News (Keywords)


Search Google Image from Command Prompt

Syntax:    image (Keywords)


Search You Tube video from command Prompt

Syntax:    video (keywords



Search Wikipedia from command Prompt
 Syntax:    wiki (keyword


Open Website in Browser from Command Line
 Syntax:    go (URL)

All Available Ghosh Commands

Command
Aliases
Parameters
Function
Web
(Search , S, W)
[Keywords]
Google web search
News
(n)
[Keywords]
Google news search
More
(m)

Get more results
Blogs
(blog , b)
[keywords]
Google blog search
read
(rss , r)
Read feed of url
Feeds
(feed , f)
[keywords]
Google feed search
places
(place, map, p)
[address]
Google map search
Translate
(trans , t)
[lang 1] [lang 2]
Google translation
Images
(image , i)
[keywords]
Google image search
video
(videos , v)
[keywords]
Google video search
Clear
(c)

Clear the screen
Wiki
(Wikipedia)
[keywords]
Wikipedia search
Help
(man , h, ?)
[Command]
Displays help txt
cd

Change mode
Site
(in)
Search in a specific website
Open
(o)
Open url in a new window
go
(g)
Open url
1ucky
(l)
[keywords]
Go directly to first result
1s

[command]
List commands
Addengine


Add gosh to Firefox search box
Load

Load an extension
Calculate
(calc)
[mathematical]
Evaluate a mathematical


[expression]
expression
Settings
(Set)
[name] [value]
Edit settings
Gmail
(mail)
[compose
Read &write mail in a Gmail
Login


Login with Google account
Logout


Log out of gosh