Google searches can be a treasure trove for a pentester who uses them effectively. With Google searches, an attacker may be able to gather some very interesting information on the target, including passwords. Google has developed a few search parameters to make searches more targeted. However, hackers abuse them to find sensitive information via Google.
Some Basic Parameters
Site
The site parameter restricts a search to the pages of a given website that are indexed by Google. Webmasters have the option of specifying which pages should or should not be indexed by Google, and this information is saved in the robots.txt file, which an attacker can easily view. Example:
http://www.techlotips.com/robots.txt

As you can see from this screenshot, the webmaster has disallowed some directories from being indexed. Sometimes you may find interesting information in them, such as admin pages and other sensitive directories that the webmaster would not like search engines to crawl. Coming back to the site parameter, let’s take a look at its usage.
Usage
site:www.techlotips.com
This query will return all the web pages of the site that are indexed by Google. Note that the operator is written without a space after the colon.
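For a site owner, the robots.txt exposure described above can be checked before anyone else reads the file. The following is an added example, not part of the original article: it parses a robots.txt and flags Disallow entries whose paths advertise sensitive locations. The keyword list and the sample file are assumptions constructed for illustration.

```python
import re

# Assumption: path tokens that usually mark a location worth protecting.
SENSITIVE = frozenset({"admin", "backup", "config", "login", "private", "secret", "db"})

# Constructed sample, not a real site's robots.txt.
SAMPLE_ROBOTS = """\
# constructed sample
User-agent: *
Disallow: /wp-admin/
Disallow: /backup_2019/   # old dumps
Disallow: /search
Allow: /wp-admin/admin-ajax.php

User-agent: Googlebot
Disallow: /private/reports/
Disallow:
"""

def parse_disallows(text):
    """Return (user_agent, path) for every non-empty Disallow rule."""
    rules, agents, in_rules = [], [], False
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()       # drop comments
        if ":" not in line:
            continue
        field, value = (p.strip() for p in line.split(":", 1))
        field = field.lower()
        if field == "user-agent":
            if in_rules:                           # previous group ended
                agents, in_rules = [], False
            agents.append(value)
        elif field in ("disallow", "allow"):
            in_rules = True
            if field == "disallow" and value:      # empty Disallow allows everything
                rules.extend((agent, value) for agent in agents)
    return rules

def flag_sensitive(rules):
    """Return (user_agent, path, keyword) for paths containing a sensitive token."""
    hits = []
    for agent, path in rules:
        tokens = set(re.split(r"[^a-z0-9]+", path.lower()))
        matched = sorted(tokens & SENSITIVE)
        if matched:
            hits.append((agent, path, matched[0]))
    return hits

if __name__ == "__main__":
    for agent, path, keyword in flag_sensitive(parse_disallows(SAMPLE_ROBOTS)):
        print(f"[{agent}] {path} advertises a '{keyword}' location")
```

Any path this flags should be protected with authentication on the server, because robots.txt is only a request to crawlers and is readable by everyone.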
Link:
link:www.techlotips.com
This search query will return all the websites that have linked to techlotips.com. These websites may contain some interesting information regarding the target.
Intitle:
The intitle keyword is used to return results with a specific title.
Usage
site:www.techlotips.com intitle:"ftp users"
This query will return all the pages from techlotips that contain the title “ftp users”.
Note: This usage query is just for demonstration as it may not work in most cases.
Inurl:
Inurl is a very useful search query. It can be used to return URLs with specific keywords.
site:www.techlotips.com inurl:ceo names
This query will return all URLs with the given keyword.
Filetype:
site:www.msn.com filetype:pdf

You can also ask Google to return specific file types, such as PDF and .docx, by using the filetype query.
