Google hacking: Difference between revisions

{{Short description|Hacker technique}}

{{distinguish|Google Hacks}}

{{Use mdy dates|date=February 2023}}

'''Google hacking''', also named '''Google dorking''',<ref>{{Cite web |url=http://www.businessinsider.com/term-of-the-day-google-dorking-2014-8 |title=Term Of The Day: Google Dorking - Business Insider |website=[[Business Insider]] |access-date=January 17, 2016 |archive-date=June 19, 2020 |archive-url=https://web.archive.org/web/20200619024800/https://www.businessinsider.com/term-of-the-day-google-dorking-2014-8 |url-status=live }}</ref><ref>[http://whatis.techtarget.com/definition/Google-dork-query Google dork query] {{Webarchive|url=https://web.archive.org/web/20200116045547/http://whatis.techtarget.com/definition/Google-dork-query |date=January 16, 2020 }}, techtarget.com</ref> is a [[Hacker (computer security)|hacker]] technique that uses Google Search and other [[Google]] applications to find security holes in the [[computer configuration|configuration]] and computer code that [[website]]s are using.

 

Google hacking involves using operators in the Google [[Web search engine|search engine]] to locate specific sections of text on websites that are evidence of vulnerabilities, for example specific versions of vulnerable [[Web application]]s. A search query with <code>intitle:admbook intitle:Fversion filetype:php</code> would locate PHP web pages with the strings "admbook" and "Fversion" in their titles, indicating that the PHP based guestbook Admbook is used, an application with a known [[code injection]] vulnerability. It is normal for [[default (computer science)|default]] installations of applications to include their running version in every page they serve, for example, "Powered by XOOPS 2.2.3 Final", which can be used to search for websites running vulnerable versions.