Google Hacking: What is a Google Hack?

Google hacking, sometimes referred to as Google dorking, is an information gathering technique in which an attacker leverages advanced Google search operators. Google hacking queries can be used to identify security vulnerabilities in web applications, gather information about arbitrary or specific targets, find error messages that disclose sensitive information, and locate files containing credentials and other sensitive data.

The advanced search string crafted by an attacker could target a vulnerable version of a web application, or a specific file type (.pwd, .sql, ...) in order to narrow the results further. The search can also be restricted to pages on a specific site, or run across all websites for a specific piece of information, yielding a list of sites that contain it.

For instance, the following search query will list SQL files (filetype:sql) that have been indexed by Google on websites where directory listing is enabled (intitle:"index of").

intitle:"index of" filetype:sql


Similarly, the following search query will list publicly accessible phpMyAdmin installations.

"phpMyAdmin" "running on" inurl:"main.php"

Logical operators and symbols in Google Search

Attackers can take advantage of Google search logical operators such as AND, NOT and OR (case sensitive) as well as symbols such as ~, - and *. The following table provides additional information on these operators.

Logical operator: description; examples

AND or +: include keywords; all the keywords need to be found.
  • web AND application AND security
  • web +application +security
NOT or -: exclude keywords; pages containing the excluded keyword are dropped from the results.
  • web application NOT security
  • web application -security
OR or |: include keywords where either one keyword or another is matched; only one of them needs to be found.
  • web application OR security
  • web application |security
Tilde (~): include synonyms and similar words.
  • web application ~security
Double quote ("): include exact matches.
  • "web application security"
Period (.): single-character wildcard.
  • .eb application security
Asterisk (*): single-word wildcard.
  • web * security
Parentheses (()): group queries.
  • ("web security" | websecurity)

Advanced search operators

The advanced Google operators assist the user in refining search results further. The syntax of advanced operators is as follows.

operator:search_string_text

The syntax consists of three parts: the operator, the colon (:) and the desired keyword to be searched. Spaces may be included by wrapping the keyword in double quotes (").

Google search identifies the above pattern and restricts the search using the information provided. For instance, with the previously mentioned search query, intitle:"index of" filetype:sql, Google will search for the string "index of" in the page title (this is the default title used by Apache HTTP Server for directory listings) and will restrict the results to SQL files that have been indexed by Google.

The table below lists some advanced operators that can be used to find vulnerable websites. For more search operators see Google’s Advanced Search page.

Advanced operator: description; examples

site: Limit the search query to a specific domain or website.
  • site:example.com
filetype: Limit the search to text found in a specific file type.
  • mysqldump filetype:sql
link: Search for pages that link to the requested URL.
  • link:www.example.com
cache: Search for and display a version of a web page as it was shown when Google crawled it.
  • cache:example.com
intitle: Search for a string within the title of a page.
  • intitle:"index of"
inurl: Search for a string within a URL.
  • inurl:passwords.txt

Preventing Google Hacking Attacks

Google hacking is nothing more than a reconnaissance method for attackers to discover potential vulnerabilities and misconfigurations. Therefore, testing websites and web applications for vulnerabilities and misconfigurations and then fixing them not only removes the enumeration risk, but also prevents exploitation.

Naturally, routinely testing by hand for the vulnerabilities that a Google search can pick up is tedious and very time-consuming. On the other hand, this is exactly the sort of task at which a comprehensive automated web vulnerability scanner excels.

The following is an example of a Google Hacking query that would find exposed PHPinfo files.

"PHP Credits" "Configuration" "PHP Core" filetype:php inurl:info

A scan of a website with an exposed PHPinfo file is reported by Acunetix as shown in the screenshot below.

[Screenshot: Acunetix scan result identifying an exposed PHPinfo file]

Ideally, such files are removed; however, if these pages are absolutely required, you should restrict access to them, for example by using HTTP authentication.
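A defender's counterpart to the queries above, added here as an example and not part of the original article: a small evaluator for the dork syntax from the two operator tables (intitle:, inurl:, site:, filetype:, quoted phrases, -, NOT, OR/|, +) that runs those queries against your own crawl inventory, so an exposed PHPinfo file or an SQL dump in a directory listing is found before Google indexes it. The inventory, hostnames and file names are constructed for the demonstration.

```python
import re
from collections import namedtuple
Page = namedtuple("Page", "url title text")  # one indexed page: URL, <title>, body text
# One token: optional "-", optional operator:, then a quoted phrase or a bare word.
TOKEN_RE = re.compile(r'(-?)(?:(\w+):)?(?:"([^"]*)"|(\S+))')

def parse_query(query):
    """Query = AND of groups; group = OR of (negated, operator, value) terms."""
    groups, pending_or, pending_not = [], False, False
    for neg, op, quoted, bare in TOKEN_RE.findall(query):
        value = quoted if quoted else bare
        if not op:
            if value in ("OR", "|"):        # explicit OR connective (case sensitive)
                pending_or = True
                continue
            if value in ("AND", "NOT"):     # AND is implicit; NOT negates the next term
                pending_not = pending_not or value == "NOT"
                continue
            if value[:1] in ("|", "+"):     # "|security" and "+application" forms
                pending_or, value = pending_or or value[0] == "|", value[1:]
        term = (neg == "-" or pending_not, (op or "").lower(), value.lower())
        if not (pending_or and groups):
            groups.append([])
        groups[-1].append(term)
        pending_or = pending_not = False
    return groups

def term_matches(page, op, value):
    url, title, text = (s.lower() for s in page)
    path = re.sub(r"^https?://", "", url).split("?", 1)[0]
    if op == "site":       # host equals value or is a subdomain of it
        host = path.split("/", 1)[0]
        return host == value or host.endswith("." + value)
    if op == "filetype":   # extension of the last path segment
        last = path.rsplit("/", 1)[-1]
        return "." in last and last.rsplit(".", 1)[1] == value
    haystack = {"intitle": title, "inurl": url}.get(op, " ".join((title, url, text)))
    return value in haystack  # bare keyword or quoted phrase: anywhere on the page

def dork_matches(page, query):
    """Every group needs one satisfied term; a negated term is satisfied when absent."""
    return all(any(term_matches(page, op, v) != neg for neg, op, v in group)
               for group in parse_query(query))

def find_exposures(inventory, dorks):
    """Run each dork over your own crawl inventory; returns {dork: [matching urls]}."""
    return {d: [p.url for p in inventory if dork_matches(p, d)] for d in dorks}

# Constructed sample of a site's own crawl inventory (not real hosts or files).
INVENTORY = [
    Page("http://www.example.com/backup/", "Index of /backup", "Parent Directory dump.sql"),
    Page("http://www.example.com/backup/dump.sql", "", "-- MySQL dump CREATE TABLE users"),
    Page("http://www.example.com/info.php", "phpinfo()", "PHP Core PHP Credits Configuration"),
]
```

Feed it the output of your own crawler or sitemap plus a dork list, and any hit is a page to remove or put behind authentication.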

Frequently asked questions

Google hacking means using Google to find files and pages that are not secure. If you have any insecure files or pages, a Google hacker can find them easily. All they need to do is enter a specific search query in Google.

Find out more about the information that Google hacking may expose.

No, the term Google hacking does not refer to hacking the Google search engine or other Google products. However, Google welcomes white-hat hackers and awards bounties if you can hack their web applications to improve their security.

See how security researchers found vulnerabilities in Google using Acunetix.

Yes, Google hacking should actually be called search engine hacking because it works with all search engines. Of course, specific queries for other search engines might be different.

Access the Google hacking database, which contains search queries specific to Google.

The most effective way to protect yourself against Google hacks is to make sure that you don't have any exposed files or pages. A vulnerability scanner can regularly check that for you. It will also check for many other, even more serious problems that may let attackers steal information or take over your website.

Find out what Acunetix Premium can do for you.