Tuning in Google

How we can refine our searches

 

Many people do not know how to squeeze Google to refine their searches and get the most out of it.

Google has advanced operators that we can use to make our searches more accurate. These operators are also used to obtain a lot of web data with security flaws, obtaining in the end its own name Google Hacking, currently better known as Google Dorks, which if we translate it would be like Google stupid or idiots, you will understand throughout the post why it is called so.

We will start with the most typical which are the signs, where we find:

"" If we want to search for an exact phrase, we will put it in quotation marks, showing us all those websites that contain the phrase exactly as it is in quotation marks.

"Find an apartment in Madrid"

- The hyphen is used to exclude in your searches, for example, we are looking for apartments in Madrid but we hate idealistas and milanuncios.

Find apartment in Madrid -idealista -milaunincios

The operators can be combined with each other, in this case with what we have done so far would be

"Find apartment in Madrid" -idealist -milaunincios

* It is a wildcard, we are performing a search where we are missing a word we do not know.

cinemas * Madrid

 @Used to find users in social networks, e.g.

@user

# Results of social networks with the hashtag of your choice

#canalfiesta

+ Used to search for profiles on Google+

+name

$ To find products with an exact price, in this case we will write the symbol in front of the price which is the most accurate, if we follow the Spanish rules the results will be much fewer.

camera $300

Igual que el dolar pero con euros, en este caso lo ponemos detrás o delante el resultado suele ser similar

camera 300€

.. The two little dots are really good, imagine that you want to buy a laptop, not too bad, not too good or because you have a budget for such a purchase, we would write (you can combine it with the previous symbols of $ and €)

laptop 400..600

We will now move on to other operators that are also available and more widely used and interesting, due to their power.

OR :To search for multiple terms in a single search

laptops OR tablets OR mobiles

site: para buscar en un sitio o dominio en concreto

site:pccomponentes.com xiaomi 200..300

As you can see we have made another combination to search on pccomponents for the xiaomi between 200 and 300 euros.

related: To search for sites related to a selected url

related:periodistas-es.com

cache: To see the version of cache that google has on a site

cache:periodistas-es.com

filetype: To search for web sites that contain the type of document we are looking for, for example txt

filetype:txt

intitle: To search for web pages that contain in their title in any order the indicated words, it is undoubtedly one of the best, as you will see.

intitle: motorcycles tricycles bicycles

inturl: To search for terms in any order in your url

inturl: motorcycles tricycles bicycles

inttext: To search for terms in any order in the text

inttext: motorcycles tricycles bicycles

To these last three operators described above, we can add in front of them all being allintitle,allinturl,allintext to indicate that the order must match.

Very important in all these operators where you have to write behind the : do not leave any space or Google will take it as a word to search.

There are many more, we leave it to you to investigate.

Google also has its advanced search in the foot of your web, that forgotten part that is under the search bar hehe, clicking on settings/advanced search.

Where we will be able to use many of these operators without knowing them by means of form.

In addition we also have the option to search by images, which surprisingly many people do not know being in the top right and also has advanced search in configuration.

When you click on images you will see the search bar change to show a camera on the right.

Well, apart from using terms to search for images, which you can do in normal mode and then select images, you can click on the camera and upload a photo, to search for all possible matches. For example, you have seen a table in a place that you love and you don't know where to buy it, take a picture and go up or you are looking at a statue and you are curious about it, take a picture and go up too hehe.

And now what?

As we mentioned at the beginning, why from these operators a "Google Hacking" technique has been born, you may ask.

Combining many of these operators or knowing how many systems work, making use of them, we can obtain very sensitive information, such as users and passwords, access to databases, access to cms, documents, books, ... puff endless things, without much effort.

In this post we are only going to put some examples, because although it is for informative level and of learning there is much capullín that in addition can be put in messes without wanting.

For example many webs by mistake or by ignorance allow to list directories and files, where it can be very dangerous if in addition the permissions are not established correctly, acceding to sites where it is not due. And that have these webs in the title, Index of, therefore if we make use simply of the operator intitle: with its quotation marks, let's remember that it coincides exactly with what there is between quotation marks.

intitle:"Index of"

We will see the number of web sites, millions, where file and directory listing is allowed.

If we also start playing with the operators we can be finer.

intitle:"Index of" filetype:txt

Or why not?

intitle:"Index of/" "password.txt"

A few more examples and we let them have fun testing and studying.

intitle:"index of" "mysql.properties"

site:*/LoginPanel.aspx

intitle:"index of" cvsroot

site:*/wp-admin/install.php intitle:WordPress Installation

Many systems such as WAF (Web Application Firewall) protect us from Google Dorks, so it is always advisable to have our servers in environments with as many security systems as we can afford.

As you can see with a couple of operators, knowing how many systems work you can find a lot of information that surely should not be there either by mistake that can happen to all of us or by ignorance, hence, they called Google Dorks, now you understand its meaning.

Enjoy... see you soon

TL.


WP Rocket - WordPress Caching Plugin
Ledger Nano X - The secure hardware wallet

WP Rocket - WordPress Caching Plugin
Ledger Nano X - The secure hardware wallet
No hay comentarios

Comenta la entrada