dorks
"Dorking" is a technique that involves issuing specific commands into a given search engine to discover vulnerable applications or to harvest data.
Some cool examples:
^ This will find public webcams.
^ .env files define environment variables. These files aren't meant to be public, and here we're taking advantage of that by searching public indexed .env files passwords.
^ "index of" in a page's title indicates a directory. Here, we're searching for "contacts.txt" within those public directories.
^ This searches for indexed pages that manage HP's laserjet pro printers. If you're feeling particularly brave, the default user/password is "admin" & "password" ;)
• "Google Hacking Database", explot-db.com
• "Google Advanced Search Operators", ahrefs.com
Google Dorks
Google, being the most popular search engine, is the most well-known type of dorking. Use Google search operators to do so.Some cool examples:
inurl:"ViewerFrame?Mode="
db_password filetype:env
intitle:"index of" "contacts.txt"
intitle:HP LASERJET PRO MFP inurl:/SSI/index.htm
Shodan
While google is a general search engine, Shodan is a search engine explicitly for internet-connected devices. Shodan makes dorking incredibly powerful, as it makes finding potentially vulnerable devices almost trivial.Further Reading
• "Top 40 Shodan Dorks", https://securitytrails.com/• "Google Hacking Database", explot-db.com
• "Google Advanced Search Operators", ahrefs.com