Google hacking: Difference between revisions

No edit summary
Tags: Reverted Mobile edit Mobile web edit
m Reverted edits by 36.73.150.10 (talk) (AV)
 
(40 intermediate revisions by 34 users not shown)
Line 6:
 
== Basics ==
Google hacking involves using operators in the Google [[Web search engine|search engine]] to locate specific sections of text on websites that are evidence of vulnerabilities, for example specific versions of vulnerable [[Web application]]s. A search query with <code>intitle:admbook intitle:Fversion filetype:php</code> would locate PHP web pages with the strings "admbook" and "Fversion" in their titles, indicating that the PHP-based guestbook Admbook is used, an application with a known [[code injection]] vulnerability. It is normal for [[default (computer science)|default]] installations of applications to include their running version in every page they serve, for example, "Powered by XOOPS 2.2.3 Final", which can be used to search for websites running vulnerable versions.
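
A site operator can check their own pages for the version banners described above before a search engine indexes them. The following Python sketch is an added example, not part of the original article; the matching pattern, the <code>audit</code> function and the "ExampleBoard" sample product are assumptions made for illustration.

```python
import re
from html.parser import HTMLParser

# "<product> <dotted version>", e.g. "XOOPS 2.2.3". This pattern is an
# assumption of the example, not a complete fingerprint list.
VERSIONED = r"\b([A-Za-z][\w.-]*)\s+v?(\d+(?:\.\d+)+)\b"
VERSIONED_RE = re.compile(VERSIONED)
POWERED_BY = re.compile(r"powered\s+by\s+" + VERSIONED, re.I)

class _Text(HTMLParser):
    """Gathers title text, visible body text and the generator meta tag."""
    def __init__(self):
        super().__init__()
        self.parts = {"title": [], "body text": [], "meta generator": []}
        self._stack = []  # currently open <title>/<script>/<style> elements

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag in ("title", "script", "style"):
            self._stack.append(tag)
        elif tag == "meta" and (a.get("name") or "").lower() == "generator":
            self.parts["meta generator"].append(a.get("content") or "")

    def handle_endtag(self, tag):
        if self._stack and self._stack[-1] == tag:
            self._stack.pop()

    def handle_data(self, data):
        top = self._stack[-1] if self._stack else None
        if top == "title":
            self.parts["title"].append(data)
        elif top is None:  # script and style contents are not visible text
            self.parts["body text"].append(data)

def audit(html):
    """Return sorted (location, product, version) disclosures in one page."""
    p = _Text()
    p.feed(html)
    p.close()
    found = set()
    for where, chunks in p.parts.items():
        text = " ".join(" ".join(chunks).split())  # rejoin text split by tags
        rx = POWERED_BY if where == "body text" else VERSIONED_RE
        found.update((where, m.group(1), m.group(2)) for m in rx.finditer(text))
    return sorted(found)

# Constructed sample pages; the XOOPS banner is the one quoted in the article.
LEAKY = """<html><head><title>Forum - ExampleBoard 4.1.0</title>
<meta name="generator" content="ExampleBoard 4.1.0"></head><body><p>Hello</p>
<div>Powered by <a href="#">XOOPS 2.2.3 Final</a></div></body></html>"""
CLEAN = "<html><head><title>Forum</title></head><body>Powered by coffee</body></html>"
print(audit(LEAKY))
```

Each finding names where the version string appears, so the banner can be removed from the template or the generator tag disabled in the application's configuration.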
 
Devices connected to the Internet can be found. A search string such as <code>inurl:"Mode="</code> will find public web cameras.
Line 12:
==History==
 
The concept of "Google hacking" dates back to August 2002, when [[Chris Sullo]] included the "nikto_google.plugin" in the 1.20 release of the [[Nikto (vulnerability scanner)|Nikto]] vulnerability scanner.<ref>{{Cite web |title=nikto-versions/nikto-1.20.tar.bz2 at master · sullo/nikto-versions |url=https://github.com/sullo/nikto-versions/blob/master/nikto-1.20.tar.bz2 |access-date=2023-08-30 |website=GitHub |language=en |archive-date=August 30, 2023 |archive-url=https://web.archive.org/web/20230830140742/https://github.com/sullo/nikto-versions/blob/master/nikto-1.20.tar.bz2 |url-status=live }}</ref> In December 2002 Johnny Long began to collect Google search queries that uncovered [[Vulnerability (computing)|vulnerable systems]] and/or [[Data breach|sensitive information disclosures]] – labeling them googleDorks.<ref name=googleDorks2002>{{cite web|url=http://johnny.ihackstuff.com/security/googleDorks.shtml |title=googleDorks created by Johnny Long |publisher=Johnny Long |access-date=December 8, 2002 |url-status=dead |archive-url=https://web.archive.org/web/20021208144443/http://johnny.ihackstuff.com/security/googleDorks.shtml |archive-date=December 8, 2002 }}</ref>
 
The list of Google Dorks grew into a large dictionary of queries, which were eventually organized into the original Google Hacking Database (GHDB) in 2004.<ref name=ghdb2004>{{cite web|url=http://johnny.ihackstuff.com/blog/my-blog-like-thing/google-hacking-database.html |title=Google Hacking Database (GHDB) in 2004 |publisher=Johnny Long |access-date=October 5, 2004 |url-status=dead |archive-url=https://web.archive.org/web/20070707185932/http://johnny.ihackstuff.com/blog/my-blog-like-thing/google-hacking-database.html |archive-date=July 7, 2007 }}</ref><ref name=ghbook2005>{{cite book |title=Google Hacking for Penetration Testers, Volume 1 |year=2005 |publisher=Johnny Long |isbn=1931836361 }}</ref>