Question

Google dorking, or using advanced Google search techniques to find sensitive information, has been likened to “online dumpster diving.” Use the Internet to research Google dorking. First, use the Internet to determine how the following advanced Google search engine operators are used: allintext, allintitle, allinurl, cache, filetype, inanchor, intest, intitle, link, site, +, |, and *. Then, use at least five of the operators to create potential Google dorking searches. Finally, try out your searches to see if they are effective. How easy is it for a threat actor to use Google dorking? How can users and organizations combat this? List your Google dorking searches, the results, and the defenses that should be used against it. Write a one-page paper on your activity.

screenshot of type findings. show screenshot of the 5 operators for the Dorking search, is it effective? and answer the rest.

Answer 1

• allintext: Only those results are shown that that contain all the terms specified in the query inside the text of the page. For example, allintext: Marilyn Monroe Affair will return only those pages in which all the words “Marilyn”, “Monroe”, and “Affair” appear in the text of the page. This gives more precise results.
  
• allintitle: Only those results are shown that that contain all the terms specified in the query inside the title of the page. For example, allintitle: Marilyn Monroe Affair will return only those pages in which all the words “Marilyn”, “Monroe”, and “Affair” appear in the title of the page. This also gives precise results.
  
• allinurl: Only those results are shown that that contain all the terms specified in the query inside the url of the page. For example, allinurl: Marilyn Monroe Affair will return only those pages in which all the words “Marilyn”, “Monroe”, and “Affair” appear in the url of the page. This also gives precise results.
  
• cache: This will display Google’s cached version of a web page, and not its current version. For example, cache: https://www.womansday.com/relationships/a60346/true-story-marilyn-monroe-john-f-kennedy-affair/ will show the cached version first.
  
• filetype: It will give results of pages whose names end in the specified filetype. For example, Marilyn Monroe Affair filetype:pdf will return only pdf files.
  

• inanchor: It will give results containing the query terms in the anchor text (or links) to the page. For example, Marilyn Monroe inanchor:Affair  will return pages with "Affair" in the text on links to the pages that themselves itself contains Marilyn Monroe
  

• intext: It returns pages containing the query terms in their text. For example, Marilyn Monroe intext:Affair  will return pages with "Affair" in the text. This applies only to single words while allintext can apply to more than one words. It is advisable to use allintext instead for a better search result using more terms.
  

• intitle: It returns pages containing the query terms in their titles. For example, Marilyn Monroe intitle:Affair  will return pages with "Affair" in their title. This applies only to single words while allintitle can apply to more than one words. It is advisable to use allintitle instead for a better search result using more terms.
  

• link: It shows pages that contain that URL. For example, link:www.marilynmonroeaffair.com will return pages containing this link.
  

• site: This restricts the google search just to the specifies site or domain. For example, Date site:www.marilynmonroeaffair.com will show Date related information from www.marilynmonroeaffair.com. The screenshot below does not show any results since there is no website as www.marilynmonroeaffair.com.
  

• + operator: It is used for exact match. It is similar to " " (double quotes). For example, Marilyn Monroe +Affair will give only those results that contain the word "Affair".
  

• | operator: It is used as OR, i.e. it searched for any number of the specified terms. For example: Marilyn|Monroe|Affair will return pages containing information related to all of the three terms.
  

• * operator: It is used as a blank or a proxy or a placeholder to represent one or more words. For example, “Marilyn * Affair“ will result in pages containing any phrase that starts with “Marilyn” followed by one or more words, and ends in “Affair.” The resulting phrase can be Marilyn Monroe Affair, Marilyn Monroe had an affair, Marilyn Monroe and Kennedy probably had an Affair, etc etc.
  

• Harmful consequences of Google Dorking:

  • Hackers can get access to private data. For example, allintext:username filetype:log will result in usernames in all log files. Even cache command can divulge private information.

  • Commands like filetype:xls inurl:"email.xls" can give hackers sensitive information.

  • It can be used to get access to live cameras. An easy search such as intitle:"webcam" can give hackers access to video chats.

  • index of searches lets one peep into other's personal files.

• Easy steps to avoid an attack from Google forking:

  • ​​​​​​​Captcha challenges can stop automated dorking.

  • Using IP-based protection can limit dorking to a certain extent.

  • Encrypting files will help to avoid misuse of information

  • Regularly run efficient vulnerability tests