Advanced Google Searching (Google Hacking)
Google is a powerful search engine that hackers often use it to find passwords, and confidential or sensitive documents that companies do not realize are even available to the public. Most computer people use Google, but do not know how to use all of its search parameters. The term "google hacking" is a method used by unscrupulous people to not only uncovers sensitive data, but also to expose web server vulnerabilities. Here I list several Google search parameters and examples.
The syntax "intext"
searches for the words within a specific website and ignores the URLs and page
titles. For example: intext:confidential will return only links to those web
pages that has the search keyword " confidential " in its webpage.
The syntax "intitle:"
instructs Google to search for pages that contain the words behind intitle: For
example intitle:index of master.passwd will return pages within Unix or Linux
where the master.passwd files are. /etc/passwd "allintitle:" will
produce a list of all words in the title. Google will ignore the slashes.
The syntax "inurl:"
instructs Google to search for pages that contain specific words or characters
included in the URL such as this inurl:windows. The results of this query will
produce such pages that have the word "windows" in it. allinurl: will
produces the results of URLs with all of the specified words in its query.
The syntax "link:" will produce a
list of webpages that have a link to a specified webpage. For example:
link:www.thenetworkadministrator.com will create a Google list of websites with
links to www.thenetworkadministrator.com.
The syntax related: lists web pages
that are "similar" to a specific web page. For Example:
related:www.thenetworkadministrator.com will list web pages that are similar to
that of TheNetworkAdministrator's homepage.
The syntax site: instructs Google to search for keywords in a particular site or domain. For example: exchange site:microsoft.com will search for the keywords "exchange" in those web pages in all the links of the domain microsoft.com.