Google dorking
We touched very briefly on the concept of dorking. Lets see if we can modify some search queries to look for specific files or information. Here is a list of common Google dorks:
- Specify the specific domain with site:domain and some word that might return some useful information (configuration, password, private, admin, etc )
site:uc.edu inurl:configuration
No results. Let’s try an alternate wording of configuration and just try “config”. Two interesting looking results
It seems there is a machine operating with Linux kernel 3.5.3. I wonder if there are any known vulnerabilities in this kernel?
Quite a few! Lets try looking for files. Here we are strictly searching for the term “salary” (intext:salary) in any website under the uc.edu domain (site:*.uc.edu) and we are only looking for PDFs (filetype:pdf). There are many other filters that will allow you to find some intersting stuff if you get familiar with the syntax and combine unique searches and get creative. The official site and more robust and comprehensive examples can be found here (https://www.exploit-db.com/google-hacking-database/)