Welcome
  • 👋Welcome!
  • 🔍About Me
  • 🔨Projects
    • Aircrack-ng
    • SQL Injection
    • Data Exfiltration
    • Persistence
    • Lateral Movement
    • Pico Ducky
    • Useful Commands
      • Windows
      • Linux
    • Reverse Shell
    • Metasploit
    • Useful commands for website hacking
    • Web Status Code Guides
    • Zaid Website Hacking Course Notes
    • Security+ Notes
  • Try Hack Me
  • Hack The Box
    • Support
  • Hacker One
  • 👶Freshman
    • System 140
      • Tech Glossary
      • Week 1
        • Connecting to Cyber.Local
        • Number Systems Journal 1
      • Week 2
        • SYS 140 Lab 1
        • Chapter 3 A+
        • johnson_homework1
      • Week 3
        • Derek Johnson Lab3
        • System Fundementals Hw #2
        • Derek Johnson w3 journal
      • Week 4
        • Derek Johnson RAM Lab
        • Notes
        • SYS140_Chapter7_lab
      • Week 5
        • Tech Journal
        • SYS140_Chapter7_lab
      • Week 6
        • Lab #5: PC Purchase
        • Tech Journal Week 6
      • Week 7
        • Rainmeter Lab
      • Week 8
        • Week 8 Journal
      • Week 9
        • Homework #5: I/O Research Questions
        • Accessibility Lab
        • Chapter 13 Journal
      • Week 10
        • Homework #6 Chap. 15 Commands
        • NetworkToolsLab
        • Lab 2
      • Week 11
        • Lab 9a Scripting Practice
        • Lab 9b Scripting Practice
      • Week 12
        • Week 12 Journal
      • Week 13
        • Lab 10b Linux Command Line Programs
        • Sysinternals
        • Information Literacy Integration_21
      • Week 14
        • 11/28/2022 Notes
        • Automatic Updating
        • Lab Guide on Windows 10 dd
      • Week 15
        • DF Lab_SYS140wk15
    • Security 110
      • Tech Glossary
      • Week 1
        • Professional Document Template
      • Week 2
        • Deploy a Virtual Machine
      • Week 3
        • UDP Scan Lab
      • Week 4
        • TCP Scan Lab
      • Week 5
        • Google Hacking
      • Week 6
        • Data Security Principles - Information States
        • Osint Findings
        • Security Goals
      • Week 7
        • Data Security Principles
          • SEC 110_Assignment_3 1
      • Week 8
        • Wireshark Lab
      • Week 9
      • Week 10
        • Crypto Scheme
        • 1 Caesar Cipher Activity
        • Encryption in Transit Lab
      • Week 11
      • Week 12
        • 2 Digital Certificates
        • 1_ Hash Functions Lab
        • 1_ MCRYPT
      • Week 13
        • 2_ HASHING ACTIVITY
        • Public Key Encryption
        • Public Key Encryption Part 2
      • Week 14
        • 3 Password Audits
      • Week 15
        • 2_ Digital Signatures
        • Web Security Research
    • Network 150
      • Week 1
        • johnson lab1.1 01 20 23
      • Week 2
        • Journal-Notes-01-24-23
        • Intro to Packet Tracer
        • 01 25 23 IntroToPacketTracer Johnson
      • Week 3
        • johnson-01-27-23-ObservingLan
      • Week 4
        • Johnson 3.2 02 05 23
        • Lab 3.2 notes
        • 1 johnson 02 05 23
      • Week 5
        • Lab 4-1: ARP Packet Tracer Lab
        • Lab 4-2
        • Lab-4-2-submission
        • Lab 4-3
        • 3 Johnson
        • Lab 5-1
        • Week 11
          • Dynamic Routing
      • Week 8
        • Lab 7.1 deliverable
        • Lab 7.1 Notes
      • Week 12
        • Rip-Lab-10.1
        • 10-1 Lab Johnson
        • 10-2-Johnson
      • Week 13
        • Lab 11-1 VLANs in Packet Tracer Johnson
      • Week 14
        • Lab-12-2-Johnson
        • Lab Notes
      • Lab-14-1-Johnson
    • Security 250
      • Week 1
        • Week 1: Lab Attack Simulation
        • Week 1a: Legal Analysis
      • Week 2
      • Week 3
      • Week 4
        • johnson 3bLab phishingquiz
      • Week 5
        • Steganography sec250 FA 2022 (1)
        • Shell lab SP17 DBGrevised (1)
        • Notes
      • Week 6
        • Vulnerability Information Gathering Johnson
        • Mid Term Notes
      • Week 11
        • NMAP Lab Commands
      • Week 12
        • Open VPN Lab
  • 🧒Sophomore
  • 🧑‍🦱Junior
  • 🧓Senior
  • 📧Contact
    • Links
Powered by GitBook
On this page
  • What is Google dorking?
  • The first google search I ran was the following
  • The next search I ran was to find cameras running webcamXP5
  • The last search I ran was the following
  • Summary
  1. Freshman
  2. Security 110
  3. Week 5

Google Hacking

PreviousWeek 5NextWeek 6

Last updated 2 years ago

What is Google dorking?

Google dorking is a term which is used to describe specific google searches that reveal certain information and files that normal term searching would not otherwise find. Security professionals use google dorking to see what potentially dangerous information there is published regarding an organization and attackers use it to find vulnerabilities to exploit.

The first google search I ran was the following

allintext:username filetype:log

This returned log files that were unintentionally published on the internet. This file shows sensitive information like usernames and passwords which attackers can use to gain access to websites and servers.

The next search I ran was to find cameras running webcamXP5 

intitle:”webcamXP 5”

This returned a bunch of webcams and cameras that have webcamXP 5 downloaded onto them. The permissions were never changed to restrict the camera’s connection to the internet allowing for people to view these webcams online.

The last search I ran was the following

db_password filteype:env

This returned env files which contained more sensitive information like usernames and passwords for databases for different websites and applications. They were also published unintentionally.

Summary

This shows why people need to be careful about what information is published on the internet. Attackers use this information to gain access to sensitive information and exploit websites or applications.

👶