Content deleted Content added
Irrelevant. Tags: Reverted references removed Visual edit |
m Reverted edits by 36.73.150.10 (talk) (AV) |
||
| (19 intermediate revisions by 16 users not shown) | |||
Line 1:
{{Short description|Hacker technique}}
{{distinguish|Google Hacks}}
{{Use American English|date=September 2023}}
{{Use mdy dates|date=February 2023}}
'''Google hacking''', also named '''Google dorking''',<ref>{{Cite web |url=http://www.businessinsider.com/term-of-the-day-google-dorking-2014-8 |title=Term Of The Day: Google Dorking - Business Insider |website=[[Business Insider]] |access-date=January 17, 2016 |archive-date=June 19, 2020 |archive-url=https://web.archive.org/web/20200619024800/https://www.businessinsider.com/term-of-the-day-google-dorking-2014-8 |url-status=live }}</ref><ref>[http://whatis.techtarget.com/definition/Google-dork-query Google dork query] {{Webarchive|url=https://web.archive.org/web/20200116045547/http://whatis.techtarget.com/definition/Google-dork-query |date=January 16, 2020 }}, techtarget.com</ref> is a [[Hacker (computer security)|hacker]] technique that uses Google Search and other [[Google]] applications to find security holes in the [[computer configuration|configuration]] and computer code that [[website]]s are using.
Line 18:
Concepts explored in Google hacking have been extended to other [[search engines]], such as [[Bing (search engine)|Bing]]<ref name=bingHackingBF>{{cite web |url=http://www.bishopfox.com/resources/tools/google-hacking-diggity/attack-tools/#bing-hacking-database---bhdb-v2 |title=Bing Hacking Database (BHDB) v2 |date=July 15, 2013 |publisher=Bishop Fox |access-date=August 27, 2014 |archive-date=June 8, 2019 |archive-url=https://web.archive.org/web/20190608014128/http://www.bishopfox.com/resources/tools/google-hacking-diggity/attack-tools/#bing-hacking-database---bhdb-v2 |url-status=live }}</ref> and [[Shodan (website)#Automated Search Tools|Shodan]].<ref name=shodanHackingDB>{{cite web |url=http://www.bishopfox.com/resources/tools/google-hacking-diggity/attack-tools/#shodan-hacking-database---shdb |title=Shodan Hacking Database (SHDB) - Part of SearchDiggity tool suite |publisher=Bishop Fox |access-date=June 21, 2013 |archive-date=June 8, 2019 |archive-url=https://web.archive.org/web/20190608014128/http://www.bishopfox.com/resources/tools/google-hacking-diggity/attack-tools/#shodan-hacking-database---shdb |url-status=live }}</ref> Automated attack tools<ref name=searchDiggityBF>{{cite web |url=http://www.bishopfox.com/resources/tools/google-hacking-diggity/attack-tools/#searchdiggity |title=SearchDiggity - Search Engine Attack Tool Suite |date=July 15, 2013 |publisher=Bishop Fox |access-date=August 27, 2014 |archive-date=June 8, 2019 |archive-url=https://web.archive.org/web/20190608014128/http://www.bishopfox.com/resources/tools/google-hacking-diggity/attack-tools/#searchdiggity |url-status=live }}</ref> use custom search dictionaries to find [[vulnerability (computing)|vulnerable systems]] and [[data breach|sensitive information disclosures]] in public systems that have been indexed by search engines.<ref name="ghHistoryBF">{{cite web |url=http://www.bishopfox.com/resources/tools/google-hacking-diggity/google-hacking-history/ |title=Google Hacking History |date=July 15, 2013 |publisher=Bishop Fox |access-date=August 27, 2014 |archive-date=June 3, 2019 |archive-url=https://web.archive.org/web/20190603025255/http://www.bishopfox.com/resources/tools/google-hacking-diggity/google-hacking-history/ |url-status=dead }}</ref>
Google Dorking has been involved in some notorious cybercrime cases, such as the Bowman Avenue Dam hack<ref>{{cite news |title=Seven Iranians Working for Islamic Revolutionary Guard Corps-Affiliated Entities Charged for Conducting Coordinated Campaign of Cyber Attacks Against U.S. Financial Sector |url=https://www.justice.gov/opa/pr/seven-iranians-working-islamic-revolutionary-guard-corps-affiliated-entities-charged |publisher=UNITED STATES DEPARTMENT OF JUSTICE |access-date=March 27, 2023 |archive-date=September 24, 2023 |archive-url=https://web.archive.org/web/20230924092759/https://www.justice.gov/opa/pr/seven-iranians-working-islamic-revolutionary-guard-corps-affiliated-entities-charged |url-status=live }}</ref> and the CIA breach where around 70% of its worldwide networks were compromised.<ref>{{cite news |last1=Gallagher |first1=Sean |title=How did Iran find Cia Spies? They googled it |url=https://arstechnica.com/tech-policy/2018/11/how-did-iran-find-cia-spies-they-googled-it/ |publisher=Ars Technica |access-date=March 27, 2023 |archive-date=October 18, 2023 |archive-url=https://web.archive.org/web/20231018103413/https://arstechnica.com/tech-policy/2018/11/how-did-iran-find-cia-spies-they-googled-it/ |url-status=live }}</ref> Star Kashman, a legal scholar, has been one of the first to study the legality of this technique.<ref>{{cite journal |last1=Kashman |first1=Star |title=GOOGLE DORKING OR LEGAL HACKING: FROM THE CIA COMPROMISE TO YOUR CAMERAS AT HOME, WE ARE NOT AS SAFE AS WE THINK |journal=Wash. J. L. Tech. & Arts |date=2023 |volume=18 |issue=2}}</ref> Kashman argues that while Google Dorking is technically legal, it has often been used to carry out cybercrime and frequently leads to violations of the Computer Fraud and Abuse Act.<ref>{{cite journal |last1=Kashman |first1=Star |title=GOOGLE DORKING OR LEGAL HACKING: FROM THE CIA COMPROMISE TO YOUR CAMERAS AT HOME, WE ARE NOT AS SAFE AS WE THINK |journal=Washington Journal of Law, Technology & Arts |date=2023 |volume=18 |issue=2 |page=1 |url=https://digitalcommons.law.uw.edu/wjlta/vol18/iss2/1 |access-date=March 27, 2023 |archive-date=October 23, 2023 |archive-url=https://web.archive.org/web/20231023091719/https://digitalcommons.law.uw.edu/wjlta/vol18/iss2/1/ |url-status=live }}</ref> Her research has highlighted the legal and ethical implications of this technique, emphasizing the need for greater attention and regulation to be applied to its use.
==Protection==
| |||