title
|
Search in the title of the page. Text between tags <br></td>
<td width="214">intitle:”index of” - finds all pages with a directory listing <br></td>
</tr><tr><td width="214">ext <br></td>
<td width="214">Search for pages with the specified extension <br></td>
<td width="214">ext:pdf - finds all pdf files <br></td>
</tr><tr><td width="214">filetype <br></td>
<td width="214">At present, it is completely analogous to class. the word "ext" <br></td>
<td width="214">filetype:pdf - similar <br></td>
</tr><tr><td width="214">related <br></td>
<td width="214">Search for sites with similar topics <br></td>
<td width="214">related:google.ru - will show its analogues <br></td>
</tr><tr><td width="214">link <br></td>
<td width="214">Search for sites that link to this <br></td>
<td width="214">link:somesite.ru - finds all sites that have a link to this <br></td>
</tr><tr><td width="214">define <br></td>
<td width="214">Show word definition <br></td>
<td width="214">define:0day - definition of the term <br></td>
</tr><tr><td width="214">cache <br></td>
<td width="214">Show cached page content (if available) <br></td>
<td width="214">cache:google.com - open page from cache <br></td>
</tr></tbody></table><p>Table 2 - <a href="https://bar812.ru/en/volnistaya-bukva-na-klaviature-kak-vvodit-specialnye-simvoly-otsutstvuyushchie.html">Special symbols</a> google queries <br></p><table><tbody><tr><td width="214"><b>Symbol</b><br></td>
<td width="214"><b>Meaning</b><br></td>
<td width="214"><b>Example</b><br></td>
</tr><tr><td width="214">“<br></td>
<td width="214">Exact Phrase <br></td>
<td width="214">intitle:"RouterOS router configuration page" - search for routers <br></td>
</tr><tr><td width="214">*<br></td>
<td width="214">Any text <br></td>
<td width="214">inurl:"bitrix*mcart" - search for sites on bitrix with a vulnerable mcart module <br></td>
</tr><tr><td width="214">.<br></td>
<td width="214">Any character <br></td>
<td width="214">Index.of - similar to the index of query <br></td>
</tr><tr><td width="214">-<br></td>
<td width="214">Delete word <br></td>
<td width="214">error -warning - show all pages with error but no warning <br></td>
</tr><tr><td width="214">..<br></td>
<td width="214">Range <br></td>
<td width="214">cve 2006..2016 - show vulnerabilities by year starting from 2006 <br></td>
</tr><tr><td width="214">|<br></td>
<td width="214">Logical "or" <br></td>
<td width="214">linux | windows - show pages where either the first or second word occurs <br></td>
</tr></tbody></table><br>It should be understood that any request to a search engine is a search only by words. <br>It is useless to look for meta-characters on the page (quotes, brackets, punctuation marks, etc.). Even searching for an exact phrase in quotation marks is a word search, followed by an exact match already in the results. <p>All Google Hack Database dorks are logically divided into 14 categories and are presented in Table 3. <br>Table 3 - Google Hack Database Categories <br></p><table><tbody><tr><td width="168"><b>Category</b><br></td>
<td width="190"><b>What makes it possible to find</b><br></td>
<td width="284"><b>Example</b><br></td>
</tr><tr><td width="168">footholds <br></td>
<td width="190">Web shells, public file managers <br></td>
<td width="284">Find all hacked sites containing the listed webshells: <br>(intitle:"phpshell" OR intitle:"c99shell" OR intitle:"r57shell" OR intitle:"PHP Shell" OR intitle:"phpRemoteView") `rwx` "uname" <br></td>
</tr><tr><td width="168">Files containing usernames <br></td>
<td width="190">registry files, <a href="https://bar812.ru/en/kak-sozdat-cd-rom-razdel-na-fleshke-pereproshivka-fleshki-v-dvd-privod-so.html">configuration files</a>, logs, files containing the history of entered commands <br></td>
<td width="284">Find all registry files containing account information: <br><i>filetype:reg reg +intext:"internet account manager"</i><br></td>
</tr><tr><td width="168">Sensitive Directories <br></td>
<td width="190">Directories with various information (personal documents, vpn configs, hidden repositories, etc.) <br></td>
<td width="284">Find all directory listings containing files related to vpn: <br><i>"Config" intitle:"Index of" intext:vpn</i><br>Sites containing git repositories: <br><i>(intext:"index of /.git") ("parent directory")</i><br></td>
</tr><tr><td width="168">Web Server Detection <br></td>
<td width="190">Version and other information about the web server <br></td>
<td width="284">Find the administrative consoles of the JBoss server: <br><i>inurl:"/web-console/" intitle:"Administration Console"</i><br></td>
</tr><tr><td width="168">Vulnerable Files <br></td>
<td width="190">Scripts containing known vulnerabilities <br></td>
<td width="284">Find sites that use a script that allows you to upload an arbitrary file from the server: <br><i>allinurl:forcedownload.php?file=</i><br></td>
</tr><tr><td width="168">Vulnerable Servers <br></td>
<td width="190">Installation scripts, web shells, open administrative consoles, etc. <br></td>
<td width="284">Find open PHPMyAdmin consoles run as root: <br><i>intitle:phpMyAdmin "Welcome to phpMyAdmin ***" "running on * as root@*"</i><br></td>
</tr><tr><td width="168">error messages <br></td>
<td width="190">Various errors and warnings often revealing <a href="https://bar812.ru/en/virus-shifrovalshchik-obnovlenie-pro-obnovlenie-windows-ot-virusa-shifrovalshchika-wannacry-sdelat-reze.html">important information</a>- from CMS version to passwords <br></td>
<td width="284">Sites with errors in executing sql queries to the database: <br><i>"Warning: mysql_query()" "invalid query"</i><br></td>
</tr><tr><td width="168">Files containing juicy info <br></td>
<td width="190">Certificates, backups, emails, logs, sql scripts, etc. <br></td>
<td width="284">Find initialization sql scripts: <br><i>filetype:sql and " <a href="https://bar812.ru/en/sql-zaprosy-insert-sql-zapros-insert-into-napolnit-bazu-dannyh-informaciei.html">insert into</a>-site:github.com</i><br></td>
</tr><tr><td width="168">Files containing passwords <br></td>
<td width="190">Everything that can contain passwords - logs, sql scripts, etc. <br></td>
<td width="284">Logs mentioning passwords: <br><i>filetype:</i><i>log</i><i>intext:</i><i>password |</i><i>pass |</i><i>pw</i><br>sql scripts containing passwords: <br><i>ext:</i><i>sql</i><i>intext:</i><i>username</i><i>intext:</i><i>password</i><br></td>
</tr><tr><td width="168">Sensitive Online Shopping Info <br></td>
<td width="190">Information related to online shopping <br></td>
<td width="284">Find pincodes: <br><i>dcid=</i><i>bn=</i><i>pin</i><i>code=</i><br></td>
</tr><tr><td width="168">Network or vulnerability data <br></td>
<td width="190">Information that is not directly related to the web resource, but affects the network or other non-web services <br></td>
<td width="284">Find scripts <a href="https://bar812.ru/en/avtomaticheskaya-nastroika-pk-setevye-nastroiki-otklyuchenie-parkovki.html">auto tuning</a> proxies containing information about the internal network: <br><i>inurl:proxy | inurl:wpad ext:pac | ext:dat findproxyforurl</i><br></td>
</tr><tr><td width="168">Pages containing portals <br></td>
<td width="190">Pages containing login forms <br></td>
<td width="284">saplogon webpages: <br><i>intext:"2016 SAP AG. All rights reserved.” intitle:"login"</i><br></td>
</tr><tr><td width="168">Various Online Devices <br></td>
<td width="190">Printers, routers, monitoring systems, etc. <br></td>
<td width="284">Find the printer configuration panel: <br><i>title:"</i><i>hp</i><i>laserjet"</i><i>inurl:</i><i>SSI/</i><i>Auth/</i><i>set_</i><i>config_</i><i>deviceinfo.</i><i>htm</i><br></td>
</tr><tr><td width="168">Advisories and Vulnerabilities <br></td>
<td width="190">Sites on vulnerable versions of CMS <br></td>
<td width="284">Find vulnerable plugins through which you can upload an arbitrary file to the server: <br><i>inurl:fckeditor -intext:"ConfigIsEnabled = False" intext:ConfigIsEnabled</i><br></td>
</tr></tbody></table><br>Dorks are more often focused on searching all sites on the Internet. But nothing prevents you from limiting the search area on any site or sites. <br>Each request to google can be focused on a specific site by adding the keyword "site:somesite.com" to the request. This keyword can be appended to any dork. <p><b>Vulnerability Search Automation</b><br>So the idea was born to write a simple utility that automates the search for vulnerabilities using a search engine (google) and based on the Google Hack Database.</p><p>The utility is a script written in nodejs using phantomjs. To be precise, the script is interpreted by phantomjs itself. <br>Phantomjs is a complete web browser without <a href="https://bar812.ru/en/v-prilozhenii-graficheskii-interfeis-sistemy-proizoshla-oshibka.html">GUI</a>, managed using js code and having a convenient API. <br>The utility received a quite understandable name - dorks. Launching it in <a href="https://bar812.ru/en/c-dostat-argumenty-main-iz-funkcii-argumenty-funkcii-main-ispolzovanie-argumentov-komandnoi-st.html">command line</a>(without options) we get a short help with a few examples of use: <br><br><img src='https://i2.wp.com/habrastorage.org/getpro/habr/post_images/edd/6fb/ccc/edd6fbccc5ec340abe750f3073c1b427.jpg' width="100%" loading=lazy loading=lazy><br>Figure 1 - List of basic dorks options</p><p>The general syntax of the utility is: dork "command" "list of options". <br>A detailed description of all options is presented in Table 4.</p><p>Table 4 - Syntax dorks <br></p><table border="1"><tbody><tr><td width="214"><b>Team</b><br></td>
<td width="214"><b>Option</b><br></td>
<td width="214"><b>Description</b><br></td>
</tr><tr><td rowspan="4" width="214">ghdb <br></td>
<td width="214">-l <br></td>
<td width="214">Display numbered list of dork categories Google Hack Database <br></td>
</tr><tr><td width="214">-c "category number or name" <br></td>
<td width="214">Download dorks of the specified category by number or name <br></td>
</tr><tr><td width="214">-q "phrase" <br></td>
<td width="214">Download dorks found on request <br></td>
</tr><tr><td width="214">-o "file" <br></td>
<td width="214">Save result to file (only with -c|-q options) <br></td>
</tr><tr><td rowspan="8" width="214">google <br></td>
<td width="214">-d "dork" <br></td>
<td width="214">Specify arbitrary dork (option can be used many times, combination with -D option is allowed) <br></td>
</tr><tr><td width="214">-D "file" <br></td>
<td width="214">Use dorks from a file <br></td>
</tr><tr><td width="214">-s "site" <br></td>
<td width="214">Set site (option can be used multiple times, combination with -S option is allowed) <br></td>
</tr><tr><td width="214">-S "file" <br></td>
<td width="214">Use sites from a file (dorks will be searched for each site independently) <br></td>
</tr><tr><td width="214">-f "filter" <br></td>
<td width="214">Set additional keywords (will be added to each dork) <br></td>
</tr><tr><td width="214">-t "number of ms" <br></td>
<td width="214">Interval between requests to google <br></td>
</tr><tr><td width="214">-T "number of ms" <br></td>
<td width="214">Timeout if captcha encountered <br></td>
</tr><tr><td width="214">-o "file" <br></td>
<td width="214">Save the result to a file (only those dorks for which something was found will be saved) <br></td>
</tr></tbody></table><br>Using the ghdb command, you can get all the dorks from exploit-db on an arbitrary request, or specify the entire category. If you specify category 0, then the entire database will be unloaded (about 4.5 thousand dorks). <p>List of categories available on <a href="https://bar812.ru/en/podrobnyi-obzor-i-testirovanie-apple-iphone-se-apple-iphone-se-2017-dizain.html">this moment</a> shown in Figure 2. <br><br><img src='https://i0.wp.com/habrastorage.org/getpro/habr/post_images/b8f/b11/ffe/b8fb11ffeaced5066fd2fd9e43be67fb.jpg' width="100%" loading=lazy loading=lazy></p><p>Figure 2 - List of available categories of GHDB dorks</p><p>The google command will substitute each dork in <a href="https://bar812.ru/en/yandeks-pipl-mgnovennyi-poisk-lyudei-po-vsem-socsetyam-srazu-shest.html">google search engine</a> and analyzed the result for matches. Dorks for which something was found will be saved to a file. <br>The utility supports <a href="https://bar812.ru/en/vhod-v-rekaveri-android-kak-pereiti-v-rezhim-recovery-na-raznyh-android-ustroistvah.html">different modes</a> search: <br>1 dork and 1 site; <br>1 dork and many sites; <br>1 site and many dorks; <br>many sites and many dorks; <br>The list of dorks and sites can be specified both through an argument and through a file.</p><p><b>Demonstration of work</b><br>Let's try to look for any vulnerabilities using the example of searching for error messages. The command: dorks ghdb –c 7 –o errors.dorks will load all known dorks of the “Error Messages” category as shown in Figure 3. <br><br><img src='https://i1.wp.com/habrastorage.org/getpro/habr/post_images/28c/386/641/28c386641d1528652f7f8e8b8089097a.jpg' width="100%" loading=lazy loading=lazy><br>Figure 3 - Loading all known dorks of the “Error Messages” category</p><p>Dorks loaded and saved to a file. Now it remains to "set" them on some site (see Figure 4). <br><br><img src='https://i0.wp.com/habrastorage.org/getpro/habr/post_images/8e0/a8a/3af/8e0a8a3af4f26544da1faa584813dbff.jpg' width="100%" loading=lazy loading=lazy><br>Figure 4 - Search for vulnerabilities of the site of interest in the google cache</p><p>After some time, several pages containing errors are found on the site under study (see Figure 5).</p><p><img src='https://i1.wp.com/habrastorage.org/getpro/habr/post_images/10b/e83/ba3/10be83ba38f172213ba06b3f9ad05a58.jpg' width="100%" loading=lazy loading=lazy><br>Figure 5 - Found error messages</p><p>The result, in the file result.txt we get <a href="https://bar812.ru/en/polnyi-spisok-ussd-zaprosov-dlya-abonentov-a1-velcom-poryadok-predostavleniya.html">full list</a> dorks leading to the error. <br>Figure 6 shows the result of searching for site errors. <br><br>Figure 6 - The result of the search for errors</p><p>In the cache for this dork, a full backtrace is displayed, revealing the absolute paths of the scripts, the content management system of the site, and the type of database (see Figure 7). <br><br><img src='https://i2.wp.com/habrastorage.org/getpro/habr/post_images/0a9/455/588/0a9455588496d6609f5e13d598cb5a48.jpg' width="100%" loading=lazy loading=lazy><br>Figure 7 - disclosure of information about the site structure</p><p>However, it should be borne in mind that not all dorks from GHDB give the true result. Also, google may not find an exact match and show a similar result.</p><p>In this case, it is wiser to use your personal list of dorks. For example, it is always worth looking for files with “unusual” extensions, examples of which are shown in Figure 8. <br><br><img src='https://i0.wp.com/habrastorage.org/getpro/habr/post_images/d7f/865/693/d7f865693f7fcf13137598eeed0ecb58.jpg' width="100%" loading=lazy loading=lazy><br>Figure 8 - List of file extensions that are not typical for a regular web resource</p><p>As a result, at the command dorks google -D extensions.txt -f bank, from the very first request, google starts returning sites with "unusual" file extensions (see Figure 9). <br><br><img src='https://i2.wp.com/habrastorage.org/getpro/habr/post_images/107/e1f/a2f/107e1fa2f41c4169bcc254cba2f2f4b6.jpg' width="100%" loading=lazy loading=lazy><br>Figure 9 - Search for "bad" file types on banking sites</p><p>Keep in mind that Google does not accept requests longer than 32 words.</p><p>With dorks google –d intext:”error|warning|notice|syntax” –f university <br>You can look for PHP interpreter errors on educational sites (see Figure 10). <br><br><img src='https://i0.wp.com/habrastorage.org/getpro/habr/post_images/717/74f/e36/71774fe3656bfc058c42d43262fdec4a.jpg' width="100%" loading=lazy loading=lazy><br>Figure 10 - Finding PHP Runtime Errors</p><p>Sometimes it is not convenient to use one or two categories of dorks. <br>For example, if you know that the site is running on the wordpress engine, then you need dorks specifically for wordpress. In this case, it is convenient to use the Google Hack Database search. dorks ghdb –q wordpress –o wordpress_dorks.txt will download all wordpress dorks, as shown in Figure 11: <br><br><img src='https://i2.wp.com/habrastorage.org/getpro/habr/post_images/dcb/ac9/a4e/dcbac9a4eb12f6ec775d9cccc2fdee87.jpg' width="100%" loading=lazy loading=lazy><br>Figure 11 - Search for dorks related to Wordpress</p><p>Let's go back to banks again and with the command dorks google -D wordpress_dords.txt -f bank we will try to find something interesting related to wordpress (see Figure 12). <br><br><img src='https://i2.wp.com/habrastorage.org/getpro/habr/post_images/042/0c2/c43/0420c2c435931704288b171f725ccc6a.jpg' width="100%" loading=lazy loading=lazy><br>Figure 12 - Searching for Wordpress vulnerabilities</p><p>It is worth noting that Google Hack Database search does not accept words shorter than 4 characters. For example, if the site's CMS is not known, but the language is known - PHP. In this case, you can filter what you need manually using the pipe and the dorks system search utility –c all | findstr /I php > php_dorks.txt (see figure 13): <br><br><img src='https://i0.wp.com/habrastorage.org/getpro/habr/post_images/4c1/2f8/6e1/4c12f86e111074293c14d6a939c6ebab.jpg' width="100%" loading=lazy loading=lazy><br>Figure 13 - Search through all dorks where there is a mention of PHP</p><p>Searching for vulnerabilities or some sensitive information in a search engine should be searched only if there is a significant index on this site. For example, if a site has 10-15 pages indexed, then it is silly to look for something in this way. Checking the index size is easy - just enter into the string <a href="https://bar812.ru/en/kak-iskat-v-yandekse-i-google-pravilno---otkryvaem-nekotorye-sekrety-vse.html">google search</a> site:somesite.com. An example of a site with an insufficient index is shown in Figure 14. <br><br><img src='https://i1.wp.com/habrastorage.org/getpro/habr/post_images/78e/1db/b4f/78e1dbb4fc78cd422cec311fc2ca9d33.jpg' width="100%" loading=lazy loading=lazy><br>Figure 14 - Checking the site index size</p><p>Now about the unpleasant... From time to time, google may request a captcha - there's nothing to be done - it will have to be entered. For example, when sorting through the “Error Messages” category (90 dorks), the captcha fell out only once.</p><p>It is worth adding that phantomjs also supports work through a proxy, both through http and through the socks interface. To enable proxy mode, uncomment the corresponding line in dorks.bat or dorks.sh.</p><p>The tool is available as source code</p>
<p><i>search engine <a href="https://bar812.ru/en/pri-pokupke-novogo-smartfona-kak-perenesti-prilozheniya-kak.html">Google system</a>(www.google.com) provides many search options. All of these features are an invaluable search tool for a first-time Internet user and at the same time an even more powerful weapon of invasion and destruction in the hands of people with evil intentions, including not only hackers, but also non-computer criminals and even terrorists. <br><b>(9475 views in 1 week)</b>
</i></p>
<p>Denis Batrankov <br>denisNOSPAMixi.ru</p>
<p><b>Attention:</b><i>This article is not a guide to action. This article is written for you, WEB server administrators, so that you will lose the false feeling that you are safe, and you will finally understand the insidiousness of this method of obtaining information and set about protecting your site.</i></p>
<h2>Introduction</h2>
<p>For example, I found 1670 pages in 0.14 seconds!</p>
<p><b>2.
</b> Let's enter another line, for example:</p>
<b> <a target="_blank" href="http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=inurl:%22auth_user_file.txt%22">inurl:"auth_user_file.txt"</a>
</b>
<p>a little less, but this is already enough for free download and for guessing passwords (using the same John The Ripper). Below I will give some more examples.</p>
<p>So, you need to realize that the Google search engine has visited most of the Internet sites and cached the information contained on them. This cached information allows you to get information about the site and the content of the site without a direct connection to the site, just digging into the information that is stored internally by Google. Moreover, if the information on the site is no longer available, then the information in the cache may still be preserved. All it takes for this method is to know some key <a href="https://bar812.ru/en/gugl-advords-sbor-klyuchevyh-slov-planirovshchik-klyuchevyh-slov-google-adwords.html">Google words</a>. This technique is called Google Hacking.</p>
<p>For the first time, information about Google Hacking appeared on the Bugtruck mailing list 3 years ago. In 2001, this topic was raised by a French student. Here is a link to this letter http://www.cotse.com/mailing-lists/bugtraq/2001/Nov/0129.html . It gives the first examples of such requests:</p>
<p><b>1) Index of /admin <br>2) Index of /password <br>3) Index of /mail <br>4) Index of / +banques +filetype:xls (for france...) <br>5) Index of / +passwd <br>6) Index of/password.txt</b></p>
<p>This topic has made a lot of noise in the English-reading part of the Internet quite recently: after an article by Johnny Long published on May 7, 2004. For a more complete study of Google Hacking, I advise you to go to the site of this author http://johnny.ihackstuff.com. In this article, I just want to bring you up to date.</p>
<p>Who can use it: <br>- Journalists, spies and all those people who like to stick their nose in other people's business can use this to search for compromising evidence. <br>- Hackers looking for suitable targets for hacking.</p>
<h2>How Google works.</h2>
<p>To continue the conversation, let me remind you of some of the keywords used in Google queries.</p>
<p><b>Search using the + sign</b></p>
<p>Google excludes unimportant, in its opinion, words from the search. For example, interrogative words, prepositions and articles in <a href="https://bar812.ru/en/longman-activate-umk-angliiskogo-yazyka-dlya-tineidzherov-ot-longman-php--.html">English language</a>: for example are, of, where. In Russian, Google seems to consider all words important. If the word is excluded from the search, then Google writes about it. In order for Google to start searching for pages with these words, you need to add a + sign before them without a space before the word. For example:</p>
<p><b>ace + of base</b></p>
<p><b>Search by sign -</b></p>
<p>If Google finds a large number of pages from which it is necessary to exclude pages with certain topics, then you can force Google to search only for pages that do not contain certain words. To do this, you need to indicate these words by putting a sign in front of each - without a space before the word. For example:</p>
<p><b>fishing - vodka</b></p>
<p><b>Search with the ~ sign</b></p>
<p>You may want to look up not only the specified word, but also its synonyms. To do this, precede the word with the symbol ~.</p>
<p><b>Finding an exact phrase using double quotes</b></p>
<p>Google searches on each page for all occurrences of the words that you wrote in the query string, and it does not care about the relative position of the words, the main thing is that all the specified words are on the page at the same time (this is the default action). To find the exact phrase, you need to put it in quotation marks. For example:</p>
<p><b>"bookend"</b></p>
<p>To have at least one of the specified words, you must specify <a href="https://bar812.ru/en/chto-oznachaet-v-yazyke-c-a-b-operatory-otnosheniya-i-logicheskie-operatory.html">logical operation</a> explicitly: OR. For example:</p>
<p><b>book safety OR protection</b></p>
<p>In addition, you can use the * sign in the search string to denote any word and. to represent any character.</p>
<p><b>Finding words with additional operators</b></p>
<p>Exist <a href="https://bar812.ru/en/kompanii-inurl-privat-bild-php-name-operatory-poiskovoi-sistemy-google-brutforsing.html">search operators</a>, which are specified in the search string in the format:</p>
<p><b>operator:search_term</b></p>
<p>The spaces next to the colon are not needed. If you insert a space after a colon, you will see an error message, and before it, Google will use them as <a href="https://bar812.ru/en/kak-sdelat-zagruzochnym-vneshnii-usb-hdd-zhestkii-disk-standartnymi.html">regular string</a> For search. <br>There are groups of additional search operators: languages - indicate in which language you want to see the result, date - limit the results for the past three, six or 12 months, occurrences - indicate where in the document you need to look for the string: everywhere, in the title, in the URL, domains - search the specified site or vice versa exclude it from the search, safe search - block sites containing the specified type of information and remove them from the search results pages. <br>However, some operators do not need an additional parameter, for example, the query " <b>cache:www.google.com</b>" can be called as a full search string, and some keywords, on the contrary, require a search word, for example " <b>site:www.google.com help</b>". In the light of our topic, let's look at the following operators:</p>
<table border="1" cellpadding="0" cellspacing="0"><tr><td valign="top"><p><b>Operator</b></p>
</td>
<td valign="top"><p><b>Description</b></p>
</td>
<td valign="top"><p><b>Requires <a href="https://bar812.ru/en/ne-yarkii-ekran-na-noutbuke-chto-delat-izmenyaem-yarkost-ekrana-noutbuka-s-pomoshchyu.html">additional parameter</a>?
</b></p>
</td>
</tr><tr><td valign="top">
</td>
<td valign="top"><p>search only for the site specified in search_term</p>
</td>
<td valign="top">
</td>
</tr><tr><td valign="top">
</td>
<td valign="top"><p>search only in documents with type search_term</p>
</td>
<td valign="top">
</td>
</tr><tr><td valign="top">
</td>
<td valign="top">
</td>
<td valign="top">
</td>
</tr><tr><td valign="top">
</td>
<td valign="top">
</td>
<td valign="top">
</td>
</tr><tr><td valign="top">
</td>
<td valign="top"><p>find pages containing search_term in title</p>
</td>
<td valign="top">
</td>
</tr><tr><td valign="top">
</td>
<td valign="top"><p>find pages containing all the words search_term in the title</p>
</td>
<td valign="top">
</td>
</tr><tr><td valign="top">
</td>
<td valign="top"><p>find pages containing the word search_term in their address</p>
</td>
<td valign="top">
</td>
</tr><tr><td valign="top">
</td>
<td valign="top"><p>find pages containing all the words search_term in their address</p>
</td>
<td valign="top">
</td>
</tr></table><p>Operator <b>site:</b> limits the search to only the specified site, and you can specify not only <a href="https://bar812.ru/en/chto-nuzhno-dlya-sozdaniya-registratora-domenov-kak-zaregistrirovat-domennoe.html">Domain name</a> but also the IP address. For example, enter:</p>
<p>Operator <b>filetype:</b> restricts searches to files of a certain type. For example:</p>
<p>As of the date of the article, Google can search within 13 different file formats:</p>
<ul><li>Adobe Portable Document Format (pdf)</li>
<li>Adobe PostScript (ps)</li>
<li>Lotus 1-2-3 (wk1, wk2, wk3, wk4, wk5, wki, wks, wku)</li>
<li>Lotus Word Pro (lwp)</li>
<li>MacWrite(mw)</li>
<li><a href="https://bar812.ru/en/ubiraetsya-nol-v-eksele-udalenie-nulevyh-znachenii-v-microsoft-excel.html">Microsoft Excel</a>(xls)</li>
<li>Microsoft PowerPoint (ppt)</li>
<li><a href="https://bar812.ru/en/skachat-programmu-na-kompyuter-microsoft-word-skachat-besplatno.html">Microsoft Word</a>(doc)</li>
<li>Microsoft Works (wks, wps, wdb)</li>
<li>Microsoft Write (wri)</li>
<li>Rich Text Format (rtf)</li>
<li><a href="https://bar812.ru/en/plagin-shockwave-flash-skachat-dlya-yandex-obnovlenie-flash-player-chem-otlichayutsya-dva.html">Shockwave Flash</a>(swf)</li>
<li>Text (ans, txt)</li>
</ul><p>Operator <b>link:</b> shows all pages that point to the specified page. <br>It must always be interesting to see how many places on the Internet know about you. We try:</p>
<p>Operator <b>cache:</b> shows the Google cached version of the site as it looked when <a href="https://bar812.ru/en/skolko-stoit-akkaunt-razrabotchika-google-play-kak-dobavlyat-igry-v-google-play.html">google latest</a> visited this page once. We take any frequently changing site and look:</p>
<p>Operator <b>title:</b> searches for the specified word in the page title. Operator <b>allintitle:</b> is an extension - it looks for all the specified few words in the page title. Compare:</p>
<p><b>intitle:flight to mars <br>intitle:flight intitle:on intitle:mars <br>allintitle:flight to mars</b></p>
<p>Operator <b>inurl:</b> causes Google to show all pages containing the specified string in the URL. allinurl: searches for all words in a URL. For example:</p>
<p><b>allinurl:acid_stat_alerts.php</b></p>
<p>This command is especially useful for those who don't have SNORT - at least they can see how it works on a real system.</p>
<h2>Google Hacking Methods</h2>
<p>So, we found out that using a combination of the above operators and keywords, anyone can start collecting <a href="https://bar812.ru/en/ne-vidit-fleshku-transcend-32-gb-onlain-pereproshivka-fleshki.html">necessary information</a> and looking for vulnerabilities. These techniques are often referred to as Google Hacking.</p>
<h3>site `s map</h3>
<p>You can use the site: statement to see all the links that Google has found on the site. Usually, pages that are dynamically created by scripts are not indexed using parameters, so some sites use ISAPI filters so that links are not in the form <b>/article.asp?num=10&dst=5</b>, but with slashes <b>/article/abc/num/10/dst/5</b>. This is done to ensure that the site is generally indexed by search engines.</p>
<p>Let's try:</p>
<p><b>site:www.whitehouse.gov whitehouse</b></p>
<p>Google thinks that every page on a site contains the word whitehouse. This is what we use to get all the pages. <br>There is also a simplified version:</p>
<p><b>site:whitehouse.gov</b></p>
<p>And the best part is that the comrades from whitehouse.gov didn't even know that we looked at the structure of their site and even looked into the cached pages that Google downloaded for itself. This can be used to study the structure of sites and view content without being noticed for the time being.</p>
<h3>Listing files in directories</h3>
<p>WEB servers can show server directory listings instead of <a href="https://bar812.ru/en/html-kod-raskryvayushchegosya-spiska-sozdanie-formy-v-html-obychnyi-html-css.html">regular HTML</a> pages. This is usually done to force users to select and download specific files. However, in many cases administrators have no intention of showing the contents of a directory. This occurs due to incorrect server configuration or lack of <a href="https://bar812.ru/en/kak-nastroit-glavnuyu-stranicu-yandeksa-po-umolchaniyu-kak-izmenit.html">home page</a> in the directory. As a result, the hacker has a chance to find something interesting in the directory and use it for his own purposes. To find all such pages, it is enough to notice that they all contain the words: index of in their title. But since the index of words contain not only such pages, we need to refine the query and take into account the keywords on the page itself, so queries like:</p>
<p><b>intitle:index.of parent directory <br>intitle:index.of name size</b></p>
<p>Since most directory listings are intentional, you may have a hard time finding misplaced listings the first time. But at least you can already use the listings to define <a href="https://bar812.ru/en/http-in-galaxy-com-web-8-versiya-galaxy-galaktika-znakomstv-v-vashem-smartfone-chto.html">WEB versions</a> server as described below.</p>
<h3>Getting the WEB server version.</h3>
<p>Knowing the WEB server version is always helpful before starting any hacker attack. Again thanks to Google it is possible to get this information without connecting to a server. If you carefully look at the directory listing, you can see that the name of the WEB server and its version are displayed there.</p>
<p><b>Apache1.3.29 - ProXad Server at trf296.free.fr Port 80</b></p>
<p>An experienced administrator can change this information, but, as a rule, it is true. Thus, to get this information, it is enough to send a request:</p>
<p><b>intitle:index.of server.at</b></p>
<p>To get information for a specific server, we refine the request:</p>
<p><b>intitle:index.of server.at site:ibm.com</b></p>
<p>Or vice versa, we are looking for servers running on a specific version of the server:</p>
<p><b>intitle:index.of Apache/2.0.40 Server at</b></p>
<p>This technique can be used by a hacker to find a victim. If, for example, he has an exploit for a certain version of the WEB server, then he can find it and try the existing exploit.</p>
<p>You can also get the server version by looking at the pages that are installed by default when installing a fresh version of the WEB server. For example, to see the Apache 1.2.6 test page, just type</p>
<p><b>intitle:Test.Page.for.Apache it.worked!</b></p>
<p>Moreover, some <a href="https://bar812.ru/en/kak-uznat-operacionnuyu-sistemu-kompyutera-s-pomoshchyu.html">Operating Systems</a> during installation, they immediately install and launch the WEB server. However, some users are not even aware of this. Naturally, if you see that someone has not deleted the default page, then it is logical to assume that the computer has not been subjected to any configuration at all and is probably vulnerable to attacks.</p>
<p>Try to find IIS 5.0 pages</p>
<p><b>allintitle:Welcome to Windows 2000 Internet Services</b></p>
<p>In the case of IIS, you can determine not only the version of the server, but also <a href="https://bar812.ru/en/kak-obnovit-win7-do-maksimalnoi-povyshenie-versii-windows-s.html">Windows version</a> and service pack.</p>
<p>Another way to determine the version of the WEB server is to look for manuals (help pages) and examples that can be installed on the site by default. Hackers have found quite a few ways to use these components to gain privileged access to the site. That is why you need to remove these components on the production site. Not to mention the fact that by the presence of these components you can get information about the type of server and its version. For example, let's find the apache manual:</p>
<p><b>inurl:manual apache directives modules</b></p>
<h3>Using Google as a CGI scanner.</h3>
<p>CGI scanner or WEB scanner is a utility for searching for vulnerable scripts and programs on the victim's server. These utilities need to know what to look for, for this they have a whole list of vulnerable files, for example:</p>
<p><b>/cgi-bin/cgiemail/uargg.txt <br>/random_banner/index.cgi <br>/random_banner/index.cgi <br>/cgi-bin/mailview.cgi <br>/cgi-bin/maillist.cgi <br>/cgi-bin/userreg.cgi <br><br>/iissamples/ISSamples/SQLQHit.asp <br>/SiteServer/admin/findvserver.asp <br>/scripts/cphost.dll <br>/cgi-bin/finger.cgi</b></p>
<p>We can find each of these files using Google, additionally using the words index of or inurl with the file name in the search bar: we can find sites with vulnerable scripts, for example:</p>
<p><b>allinurl:/random_banner/index.cgi</b></p>
<p>With additional knowledge, a hacker could exploit a script vulnerability and use the vulnerability to force the script to serve any file stored on the server. For example a password file.</p>
<h2>How to protect yourself from being hacked through Google.</h2>
<h4>1. Do not upload important data to the WEB server.</h4>
<p>Even if you posted the data temporarily, you can forget about it or someone will have time to find and take this data before you erase it. Don't do it. There are many other ways to transfer data that protect it from theft.</p>
<h4>2. Check your site.</h4>
<p>Use the described methods to research your site. Check your site periodically for new methods that appear on the site http://johnny.ihackstuff.com. Remember that if you want to automate your actions, you need to get special permission from Google. If you carefully read <a target="_blank" href="http://www.google.com/terms_of_service.html">http://www.google.com/terms_of_service.html</a>, then you will see the phrase: You may not send automated queries of any sort to Google's system without express permission in advance from Google.</p>
<h4>3. You may not need Google to index your site or part of it.</h4>
<p>Google allows you to remove a link to your site or part of it from its database, as well as remove pages from the cache. In addition, you can prohibit the search for images on your site, prohibit the display of short fragments of pages in search results All the possibilities for deleting a site are described on the page <a target="_blank" href="http://www.google.com/remove.html">http://www.google.com/remove.html</a>. To do this, you must confirm that you are really the owner of this site or insert tags on the page or</p>
<h4>4. Use robots.txt</h4>
<p>It is known that search engines look into the robots.txt file at the root of the site and do not index those parts that are marked with the word <b>Disallow</b>. You can use this to prevent part of the site from being indexed. For example, to avoid indexing the entire site, create a robots.txt file containing two lines:</p>
<p><b>User-agent: * <br>disallow: /</b></p>
<h2>What else happens</h2>
<p>So that life does not seem like honey to you, I will say in the end that there are sites that follow those people who, using the above methods, look for holes in scripts and <a href="https://bar812.ru/en/inurl-single-php-id-chaemyi-instrukciya-po-ispolzovaniyu-jsql-injection-mnogofunkcionalnogo.html">WEB servers</a>. An example of such a page is</p>
<h2>Application.</h2>
<p>A little sweet. Try one of the following for yourself:</p>
<p>1. #mysql dump filetype:sql - search for database dumps <a href="https://bar812.ru/en/vordpress-voiti-v-adminku-vhod-v-adminku-wordpress-sbrosit.html">mySQL data</a><br>2. Host Vulnerability Summary Report - will show you what vulnerabilities other people have found <br>3. phpMyAdmin running on inurl:main.php - this will force close the control via phpmyadmin panel <br>4. Not for distribution confidential <br>5. Request Details Control Tree Server Variables <br>6. Running in child mode <br>7. This report was generated by WebLog <br>8. intitle:index.of cgiirc.config <br>9. filetype:conf inurl:firewall -intitle:cvs - maybe someone needs firewall configuration files? :) <br>10. intitle:index.of finances.xls - hmm.... <br>11. intitle:Index of dbconvert.exe chats - icq chat logs <br>12. intext:Tobias Oetiker traffic analysis <br>13. intitle:Usage Statistics for Generated by Webalizer <br>14. intitle:statistics of advanced web statistics <br>15. intitle:index.of ws_ftp.ini - ws ftp config <br>16. inurl:ipsec.secrets holds shared secrets - secret key - good find <br>17. inurl:main.php Welcome to phpMyAdmin <br>18. inurl:server-info Apache Server Information <br>19. site:edu admin grades <br>20. ORA-00921: unexpected end of SQL command - get paths <br>21. intitle:index.of trillian.ini <br>22. intitle:Index of pwd.db <br>23. intitle:index.of people.lst <br>24. intitle:index.of master.passwd <br>25.inurl:passlist.txt <br>26. intitle:Index of .mysql_history <br>27. intitle:index of intext:globals.inc <br>28. intitle:index.of administrators.pwd <br>29. intitle:Index.of etc shadow <br>30. intitle:index.of secring.pgp <br>31. inurl:config.php dbuname dbpass <br>32. inurl:perform filetype:ini</p><li>"Hacking mit Google"</li>
<span>
<p>Training center "Informzaschita" http://www.itsecurity.ru - a leading specialized center in the field of education <a href="https://bar812.ru/en/zakon-ob-informacii-i-informacionnoi-bezopasnosti-osnovnye-zakony.html">information security</a>(License of the Moscow Committee of Education No. 015470, State Accreditation No. 004251). The only authorized <a href="https://bar812.ru/en/uchebno-metodicheskii-centr-yazykovoi-podgotovki-avtf-kc-process.html">Training Center</a> companies <a href="https://bar812.ru/en/besplatnyi-antivirus-comodo-internet-security-besplatnyi-antivirus-comodo.html">internet security</a> Systems and Clearswift in Russia and CIS countries. Microsoft authorized training center (Security specialization). Training programs are coordinated with the State Technical Commission of Russia, FSB (FAPSI). Certificates of training and state documents on advanced training.</p><p>SoftKey is a unique service for buyers, developers, dealers and affiliate partners. In addition, this is one of the best online software stores in Russia, Ukraine, Kazakhstan, which offers customers a wide range, many payment methods, prompt (often instant) order processing, tracking the order fulfillment process in the personal section, various discounts from the store and manufacturers ON.</p>
</span>
<p>And today I will tell you about another search engine that is used by pentesters / hackers - Google, more precisely about the hidden features of Google.</p><h2></h2><blockquote><p>What is google dorks?</p>
</blockquote><p>Google Dork or Google Dork Queries (GDQ) is a set of queries for identifying the worst security holes. Everything that is not properly hidden from search robots.</p><p>For brevity, such requests are called Google dorks or simply dorks, like those admins whose resources were hacked using GDQ.</p><h2>Google Operators</h2><p>To begin with, I would like to give a short list <a href="https://bar812.ru/en/skachivaem-i-ustanavlivaem-adb-draivery-i-fastboot-chto-takoe-adb-draivera.html">useful commands</a> Google. Among all the advanced Google search commands, we are mainly interested in these four:</p><ul><li>site - search for a specific site;</li><li>inurl - indicate that the search words should be part of the page / site address;</li><li>intitle - search operator in the title of the page itself;</li><li>ext or filetype - search for files of a specific type by extension.</li>
</ul><p>Also, when creating a Dork, you need to know several important operators that are set by special characters.</p><ul><li>| - the OR operator, also known as a vertical slash (logical or), indicates that you want to display results containing at least one of the words listed in the query.</li><li>"" - The quote operator indicates an exact match search.</li><li>- - the minus operator is used to exclude from the output of results with the words specified after the minus.</li><li>* - the asterisk operator, or the asterisk is used as a mask and means "anything".</li>
</ul><h2><span>Where to find Google Dorks</span></h2><p>The most interesting dorks are fresh, and the freshest are those that the pentester found himself. True, if you get too carried away with experiments, you will be banned from Google ... until you enter the captcha.</p><p>If there is not enough imagination, you can try to find fresh dorks on the net. The best site for finding dorks is Exploit-DB.</p><p>The Exploit-DB online service is a non-profit project of Offensive Security. If anyone is not in the know, this company is engaged in training in the field of information security, and also provides pentest (penetration testing) services.</p><p>The Exploit-DB database has <a href="https://bar812.ru/en/kak-ispravit-belyi-ekran-na-modx-posle-pereezda-ustanovka-modx.html">great amount</a> dorks and vulnerabilities. To search for dorks, go to exploit-db.com and go to the "Google Hacking Database" tab.</p><p>The database is updated daily. At the top you can find the latest additions. On the left side, the date the dork was added, the title and the category.</p> <br><img src='https://i2.wp.com/spy-soft.net/wp-content/uploads/najti-dorki-2.png' width="100%" loading=lazy loading=lazy>Exploit-DB website <p>At the bottom you will find dorks sorted by category.</p> <br><img src='https://i0.wp.com/spy-soft.net/wp-content/uploads/najti-dorki-3.png' width="100%" loading=lazy loading=lazy>Exploit-DB website <br><img src='https://i1.wp.com/spy-soft.net/wp-content/uploads/najti-dorki-4.png' width="100%" loading=lazy loading=lazy>Exploit-DB website <p>Another good site is google-dorking.com. There you can often find interesting, new dorks that don't always end up on Exploit-DB.</p><h2><span>Examples of using Google Dorks</span></h2><p>Here are examples of dorks. When experimenting with dorks, don't forget the disclaimer!</p><p><i>
</i> This material is for informational purposes only. It is addressed to specialists in the field of information security and those who are going to become them. The information contained in the article is provided for informational purposes only. Neither the editors of the site www.site nor the author of the publication bear any responsibility for any damage caused by the material in this article.</p><h3><span>Dorks for finding site problems</span></h3><p>Sometimes it is useful to study the structure of a site by getting a list of files on it. If the site is made on the WordPress engine, then the repair.php file stores the names of other PHP scripts.</p><p>The inurl tag tells Google to search for the first word in the link body. If we wrote allinurl, then the search would take place throughout the body of the link, and the search results would be more littered. Therefore, it is enough to make a request like this:</p><p>inurl:/maint/repair.php?repair=1</p><p>As a result, you will get a list of sites on WP, whose structure can be viewed via repair.php.</p> <br><img src='https://i1.wp.com/spy-soft.net/wp-content/uploads/gugl-dorki-1.png' width="100%" loading=lazy loading=lazy>We study the structure of the site on WP <p>A lot of problems for administrators are delivered by WordPress with undetected errors in the configuration. From the open log you can find out at least the names of scripts and downloaded files.</p><p>inurl:"wp-content/uploads/file-manager/log.txt"</p><p>In our experiment, the simplest request allowed us to find a direct link to the backup in the log and download it.</p> <br><img src='https://i0.wp.com/spy-soft.net/wp-content/uploads/gugl-dorki-2.png' width="100%" loading=lazy loading=lazy>Finding valuable information in WP logs <p>A lot of valuable information can be gleaned from the logs. It is enough to know how they look and how they differ from the mass of other files. For example, an open source interface for a database called pgAdmin creates a pgadmin.log service file. It often contains usernames, database column names, <a href="https://bar812.ru/en/programmu-dlya-nastroiki-repitera-tp-link-ustanovka-i-nastroika.html">internal addresses</a> and the like.</p><p>The log is found with an elementary query:</p><p>ext:log inurl:"/pgadmin"</p><p>There is an opinion that <a href="https://bar812.ru/en/razrabotka-sistemy-avtomaticheskogo-poiska-obektov-na-izobrazhenii-eclipse--.html">open source</a>- this is <a href="https://bar812.ru/en/avast-passwords-kod-aktivacii-prostoi-i-bezopasnyi-menedzher-parolei-ot-avast-eksport.html">secure code</a>. However, in itself, the openness of source codes means only the opportunity to explore them, and the goals of such research are far from always good.</p><p>For example, among frameworks for developing web applications, Symfony Standard Edition is popular. When deployed, it automatically creates a parameters.yml file in the /app/config/ directory, where it saves the name of the database, as well as the username and password.</p><p>You can find this file with the following query:</p><p>inurl:app/config/intext:parameters.yml intitle:index.of</p> <br><img src='https://i2.wp.com/spy-soft.net/wp-content/uploads/google-dorks.png' width="100%" loading=lazy loading=lazy>f Another file with passwords <p>Of course, then the password could be changed, but most often it remains the same as it was set at the deployment stage.</p><p>The open source UniFi API browser tool is increasingly being used in the corporate environment. It is used to manage segments <a href="https://bar812.ru/en/ne-udaetsya-podklyuchitsya-k-besprovodnoi-seti-kompyuteru-ne.html">wireless networks</a> created on the principle of "seamless Wi-Fi". That is, in an enterprise network deployment scheme in which many access points are controlled from a single controller.</p><p>The utility is designed to display data requested through Ubiquiti's UniFi Controller API. With its help, it is easy to view statistics, information about connected clients, and other information about the operation of the server through the UniFi API.</p><p>The developer honestly warns: “Please do keep in mind this tool exposes A LOT OF the information available in your controller, so you should somehow restrict access to it! There are no security controls built into the tool…”. But many do not seem to take these warnings seriously.</p><p>Knowing about this feature and asking another specific request, you will see a lot of service data, including application keys and passphrases.</p><p>inurl:"/api/index.php" intitle:UniFi</p><p>General search rule: first, we determine the most specific words that characterize the chosen goal. If it's a log file, what makes it different from other logs? If this is a file with passwords, then where and in what form can they be stored? Marker words are always found in some specific place - for example, in the title of a web page or its address. By limiting the search area and specifying exact markers, you will get a raw <a href="https://bar812.ru/en/chto-vliyaet-na-poiskovuyu-vydachu-v-yandekse-povedencheskie.html">search results</a>. Then clean it from debris, specifying the request.</p><h3><span>Dorks for finding open NAS</span></h3><p>Home and office network storages are popular these days. The NAS function is supported by many <a href="https://bar812.ru/en/vneshnii-zhestkie-diski-s-thunderbolt-obzor-vneshnego-nakopitelya-samsung-portable-ssd-x5.html">external drives</a> and routers. Most of their owners don't bother with security and don't even change default passwords like admin/admin. You can find popular NAS by the typical headings of their web pages. For example, a request:</p><p>intitle:"Welcome to QNAP Turbo NAS"</p><p>will return a list of NAS IPs produced by QNAP. It remains only to find among them weakly protected.</p><p>The QNAP cloud service (like many others) has the function of providing <a href="https://bar812.ru/en/kak-proverit-obshchii-dostup-k-setevoi-papke-windows-ne-mozhet-poluchit.html">public access</a> to files via a private link. The problem is that it's not that closed.</p><p>inurl:share.cgi?ssid=</p> <br><img src='https://i1.wp.com/spy-soft.net/wp-content/uploads/dorki.png' width="100%" loading=lazy loading=lazy>Finding shared files <p>This simple query shows files shared through the QNAP cloud. They can be viewed directly from the browser or downloaded for more detailed information.</p><h3><span>Dorks for searching IP cameras, media servers and web admin</span></h3><p>In addition to NAS, you can find a lot of other things with advanced Google searches. <a href="https://bar812.ru/en/propusknaya-sposobnost-kommutatora-klassy-kommutatorov-ethernet-sravnenie.html">network devices</a> managed via web interface.</p><p>The most common use for this is CGI scripting, so the main.cgi file is a promising target. However, he can meet anywhere, so it is better to clarify the request.</p><p>For example, adding to it a type call? next_file. As a result, we get a dork of the form:</p><p>inurl:"img/main.cgi?next_file"</p><p>In addition to cameras, media servers are similarly located, open to everyone. This is especially true for Twonky servers manufactured by Lynx Technology. They have a very recognizable name and default port 9000.</p><p>For cleaner search results, it is better to include the port number in the URL and exclude it from the text part of web pages. The request takes the form</p><p>intitle:"twonky server" inurl:"9000" -intext:"9000"</p> <br><img src='https://i2.wp.com/spy-soft.net/wp-content/uploads/dorki-google.png' width="100%" loading=lazy loading=lazy>Video library by year <p>Typically, a Twonky server is a huge media library that shares content via UPnP. Authorization on them is often disabled "for convenience."</p><h3><span>Dorks for finding vulnerabilities</span></h3><p>Big data is all the rage right now: it is believed that if you add Big Data to anything, it will magically work better. In reality, there are very few real experts on this topic, and with a default configuration, big data leads to big vulnerabilities.</p><p>Hadoop is one of the easiest ways to compromise tera- and even petabytes of data. This open source platform contains well-known headers, port numbers and service pages that make it easy to find the nodes it manages.</p><p>intitle:"Namenode information" AND inurl:":50070/dfshealth.html"</p> <br><img src='https://i1.wp.com/spy-soft.net/wp-content/uploads/chto-takoe-google-dorks-2.png' width="100%" loading=lazy loading=lazy>Big Data? Big vulnerabilities! <p>With this concatenation query, we get a search result with a list of vulnerable systems based on Hadoop. You can walk through the HDFS file system directly from the browser and download any file.</p><p>Google Dorki is a powerful tool for any pentester, which not only an information security specialist should know about, but also <a href="https://bar812.ru/en/sravnenie-naushnikov-xiaomi-hybrid-pro-hd-xiaomi-hybrid-pro-hd---tr-hdraivernye-naushniki.html">ordinary user</a> networks.</p>
<h1>How to search using google.com</h1>
<p>Everyone probably knows how to use this <a href="https://bar812.ru/en/poiskovye-sistemy-rossii-i-lidiruyushchie-poiskoviki-interneta-kakaya.html">search engine</a>, like Google =) But not everyone knows that if you correctly compose a search query using special structures, you can achieve the results of what you are looking for much more efficiently and faster =) In this article I will try to show what and how you need to do in order to search correctly</p><p>Google supports several advanced search operators that have special meaning when searching on google.com. Typically, these operators change the search, or even tell Google to do the whole thing. <a href="https://bar812.ru/en/konstrukcii-antenn-dlya-razlichnyh-diapazonov-radiovoln.html">different types</a> search. For example, the construction <b>link:</b> is a special operator, and the query <u>link:www.google.com</u> will not give you a normal search, but will instead find all web pages that have links to google.com. <br>alternative request types</p><p><b>cache:</b> If you include other words in the query, Google will highlight those included words within the cached document. <br>For example, <u>cache:www.web site</u> will show the cached content with the word "web" highlighted.</p><p><b>link:</b> the above search query will show web pages that contain links to the specified query. <br>For example: <u>link:www.website</u> will display all pages that have a link to http://www.site</p><p><b>related:</b> Displays web pages that are "related" to the specified web page. <br>For example, <u>related: www.google.com</u> will list web pages that are similar <a href="https://bar812.ru/en/yandeks-domashnyaya-stranica-sdelat-startovoi-avtomaticheski-kak.html">home page</a> Google.</p><p><b>info:</b> Request Information: will provide some information that Google has about the requested web page. <br>For example, <u>info:website</u> will show information about our forum =) (Armada - Forum of adult webmasters).</p><p><b>Other information requests</b> </p><p><b>define:</b> The define: query will provide a definition of the words you type after this, compiled from various online sources. The definition will be for the entire phrase entered (that is, it will include all words in the exact query).</p><p><b>stocks:</b> If you start a query with stocks: Google will treat the rest of the query terms as stock tickers, and link to a page showing the prepared information for those characters. <br>For example, <u>stocks: intel yahoo</u> will show information about Intel and Yahoo. (Note that you must type the characters <a href="https://bar812.ru/en/programma-po-vossoedineniyu-narodov-donbassa-lnr-gumanitarnaya.html">latest news</a>, not company name)</p><p><b>Request Modifiers</b></p><p><b>site:</b> If you include site: in your query, Google will limit the results to the websites it finds in that domain. <br>You can also search for individual zones, such as ru, org, com, etc ( <u>site:com</u> <u>site:ru</u>) </p><p><b>allintitle:</b> If you run a query with allintitle:, Google will limit the results with all the query words in the title. <br>For example, <u>allintitle: google search</u> will return all Google search pages like images, Blog, etc</p><p><b>title:</b> If you include intitle: in your query, Google will restrict results to documents containing that word in the title. <br>For example, <u>title:Business</u></p><p><b>allinurl:</b> If you run a query with allinurl: Google will limit the results with all the query words in the URL. <br>For example, <u>allinurl: google search</u> will return documents with google and search in the title. Also, as an option, you can separate words with a slash (/) then the words on both sides of the slash will be searched within the same page: Example <u>allinurl: foo/bar</u></p><p><b>inurl:</b> If you include inurl: in your query, Google will limit the results to documents containing that word in the URL. <br>For example, <u>Animation inurl:website</u></p><p><b>intext:</b> searches only in the text of the page for the specified word, ignoring the title and texts of links, and other things not related to. There is also a derivative of this modifier - <b>allintext:</b> those. further, all words in the query will be searched only in the text, which is also important, ignoring frequently used words in links <br>For example, <u>intext:forum</u> </p><p><b>daterange:</b> searches in time frames (daterange:2452389-2452389), dates for time are specified in Julian format.</p><p><b>Well, and all sorts <a href="https://bar812.ru/en/svoimi-rukami-arduino---elektronnyi-konstruktor-delaem-shild.html">interesting examples</a> requests</b> </p><p><u>Examples of compiling queries for Google. For spammers</u> </p><p>inurl:control.guest?a=sign</p><p>Site:books.dreambook.com “Homepage URL” “Sign my” inurl:sign</p><p>Site:www.freegb.net Homepage</p><p>Inurl:sign.asp "Character Count"</p><p>"Message:" inurl:sign.cfm "Sender:"</p><p>inurl:register.php “User Registration” “Website”</p><p>Inurl:edu/guestbook “Sign the Guestbook”</p><p>Inurl:post "Post Comment" "URL"</p><p>Inurl:/archives/ “Comments:” “Remember info?”</p><p>“Script and Guestbook Created by:” “URL:” “Comments:”</p><p>inurl:?action=add “phpBook” “URL”</p><p>Intitle:"Submit New Story"</p><p><u>Magazines</u> </p><p>inurl:www.livejournal.com/users/mode=reply</p><p>inurl greatestjournal.com/mode=reply</p><p>Inurl:fastbb.ru/re.pl?</p><p>inurl:fastbb.ru /re.pl? "Guest book"</p><p><u>Blogs</u> </p><p>Inurl:blogger.com/comment.g?”postID”"anonymous"</p><p>Inurl:typepad.com/ “Post a comment” “Remember personal info?”</p><p>Inurl:greatestjournal.com/community/ “Post comment” “addresses of anonymous posters”</p><p>“Post comment” “addresses of anonymous posters” -</p><p>Intitle:"Post comment"</p><p>Inurl:pirillo.com “Post comment”</p><p><u>Forums</u> </p><p>Inurl:gate.html?”name=Forums” “mode=reply”</p><p>inurl:”forum/posting.php?mode=reply”</p><p>inurl:”mes.php?”</p><p>inurl:”members.html”</p><p>inurl:forum/memberlist.php?”</p>
<p>Surely you have heard more than once about such a wonderful search engine as Google. I suppose you have had to use it more than once when you wanted to learn something. But did you find what you wanted? If you search Google as often as I do, I think you'll find this article useful because it's designed to make your search faster and more efficient. So, let's start with a little history... <br><br>Google is a corruption of the English word "googol", coined by Milton Sirotta, nephew of the American mathematician Edward Kaiser, to denote a number consisting of one and one hundred zeros. Now the name Google is the leader of Internet search engines, developed by Google Inc.</p><p>Google holds more than 70% of the global market, which means that seven out of ten people on the web turn to its page in search of information on the Internet. Now registers about 50 million messages daily. <a href="https://bar812.ru/en/servis-dlya-gruppirovki-klyuchevyh-zaprosov-klasterizaciya.html">search queries</a> and indexes over 8 billion web pages. Google can find information in 101 languages. Google at the end of August 2004 consisted of 132 thousand machines located in different parts of the world.</p><p>Google uses an intelligent text analysis technique that allows you to search for important and at the same time relevant pages for your query. To do this, Google analyzes not only the page that matches the query, but also the pages that link to it, to determine the value of this page for the purposes of your query. In addition, Google prefers pages where the keywords you enter are close to each other.</p><p>The Google interface contains a rather complex query language that allows you to limit the search scope to individual domains, languages, file types, etc. Using some of the operators of this language allows you to make the process of finding the necessary information more flexible and accurate. Let's consider some of them.</p><p>Logical "AND" (AND): <br>By default, when writing query words separated by a space, Google looks for documents that contain all of the query words. This corresponds to the AND operator. Those. a space is equivalent to the AND operator.</p><p>For example: <br>Cats dogs parrots zebras <br>Cats AND dogs AND parrots AND zebras <br>(both queries are the same)</p><p>Logical "OR" (OR): <br>Written using the OR operator. Note that the OR operator must be written <a href="https://bar812.ru/en/propisnoi-shrift-css-delaem-zaglavnye-bukvy-css-stilyami-s.html">capital letters</a>. Relatively recently, it became possible to write a logical "OR" in the form <a href="https://bar812.ru/en/linii-gorizontalnye-i-vertikalnye-html-html---cherta---krasivaya-gorizontalnaya.html">vertical bar</a>(|), similar to how it is done in Yandex. Used to search with multiple options for the required information.</p><p>For example: <br>Dachshunds longhaired OR smoothhaired <br>Dachshunds, longhaired | smooth-haired <br>(both queries are the same)</p><p>Remember that Google queries are not case sensitive! Those. queries Greenland and Greenland will be exactly the same.</p><p>Plus operator (+): <br>There are situations when you need to force the inclusion of a word in the text that may have spelling variants. To do this, use the "+" operator before the required word. Let's say if we have a query for Home Alone I, the result of the query will be unnecessary information about "Home Alone II", "Home Alone III" and very little about "Home Alone I". If we have a query like Home Alone +I, the result will be information only about the movie "Home Alone I".</p><p>For example: <br>Newspaper + Dawn <br>Bernoulli equation + math</p><p>Exclude words from the query. Logical "NOT" (-): <br>As you know, information garbage is often encountered when compiling a request. To remove it, the standard exception operators are used - the logical "NOT". In Google, such an operator is represented by a minus sign. Using this operator, you can exclude from the search results those pages that contain certain words in the text. Used like the "+" operator before the word to be excluded.</p><p>For example: <br>Crane well-bird <br>Dead Souls - a novel</p><p>Search for an exact phrase (""): <br>Searching for the exact phrase in practice is required either to search for the text of a particular work, or to search for certain products or companies in which the name or part of the description is a consistently repeating phrase. To cope with such a task with the help of Google, you need to enclose the query in quotation marks (double quotation marks are meant, which are used, for example, to highlight direct speech).</p><p>For example: <br>The work "Quiet Don" <br>“It was cold outside, although this did not prevent Boris from carrying out what was planned”</p><p>By the way, Google allows you to enter no more than 32 words in the query string!</p><p>Word truncation (*): <br>Sometimes it is required to search for information about a word combination of words in which one or more words are unknown. For these purposes, instead of unknown words, the "*" operator is used. Those. "*" - any word or group of words.</p><p>For example: <br>Master and * <br>Leonardo * Vinci</p><p>cache statement: <br>The search engine stores the version of the text that is indexed by the search spider in a special store in a format called a cache. A cached version of a page can be retrieved if the original page is not available (for example, the server on which it is stored is down). The cached page is shown as it is stored in the database <a href="https://bar812.ru/en/kak-otkryt-zablokirovan-kak-oboiti-it-zaprety-na-rabote-kesh-poiskovyh.html">search engine</a> and is accompanied by an inscription at the top of the page stating that this is a page from the cache. It also contains information about when the cached version was created. On the page from the cache, the keywords of the query are highlighted, and each word is highlighted in its own color for the convenience of the user. You can create a query that will immediately return a cached version of the page with a specific address: cache: page_address, where instead of “page_address” is the address of the page stored in the cache. If you want to find some information in the cached page, you need to write a request for this information after the page address, separated by a space.</p><p>For example: <br>cache:www.bsd.com <br>cache:www.knights.ru tournaments</p><p>It must be remembered that there should not be a space between ":" and the page address!</p><p>filetype parator: <br>As you know, Google indexes not only <a href="https://bar812.ru/en/grafika-na-web-stranice-v-html-dobavlyaem-izobrazheniya-na-web-stranicu-a-eshche.html">html pages</a>. If, for example, you need to find some information in a different <a href="https://bar812.ru/en/k-kakomu-tipu-otnositsya-fail-proba-html-test-failovaya-sistema.html">html type</a> file, you can use the filetype operator, which allows you to search for information in a specific file type (html, pdf, doc, rtf...).</p><p>For example: <br>specification html filetype:pdf <br>Compositions filetype:rtf</p><p>info operator: <br>The info operator allows you to see the information that Google knows about this page.</p><p>For example: <br>info: www.wiches.ru <br>info:www.food.healthy.com</p><p>site operator: <br>This operator limits the search to a specific domain or site. That is, if you make a request: marketing intelligence site: www.acfor-tc.ru, then the results will be obtained from pages containing the words "marketing" and "intelligence" on the site "acfor-tc.ru", and not in others parts of the Internet.</p><p>For example: <br>Music site: www.music.su <br>Books site:en</p><p>link operator: <br>This operator allows you to see all pages that link to the page on which the request was made. For example, a query link:www.google.com will return pages that have links to google.com.</p><p>For example: <br>link:www.ozone.com <br>Friends link:www.happylife.ru</p><p>allintitle operator: <br>If the query starts with the allintitle operator, which translates as "everything in the title", then Google will return texts in which all the words of the query are contained in the titles (inside the TITLE tag in HTML).</p><p>For example: <br>allintitle: Free software <br>allintitle: Download music albums</p><p>title operator: <br>Shows pages where only the word immediately after the intitle statement is contained in the title, and all other query words can be anywhere in the text. Putting the intitle operator before each query word is equivalent to using the allintitle operator.</p><p>For example: <br>Programs intitle: Download <br>intitle: Free intitle: download software</p><p>allinurl operator: <br>If the query begins with the allinurl operator, then the search is limited to those documents in which all query words are contained only in the page address, that is, in the url.</p><p>For example: <br>allinurl:eng games <br>allinurl:books fantasy</p><p>inurl operator: <br>The word that is located directly adjacent to the inurl operator will be found only in the address of the Internet page, and the remaining words will be found anywhere in such a page.</p><p>For example: <br>inurl:books download <br>inurl:games crack</p><p>related operator: <br>This operator describes pages that "look like" a particular page. For example, the query related:www.google.com will return pages with similar topics to Google.</p><p>For example: <br>related:www.ozone.com <br>related:www.nnm.ru</p><p>define statement: <br>This operator acts as a kind of <a href="https://bar812.ru/en/znachenie-slova-oblaka-iz-cvetov-znachenie-slova-oblako-v.html">explanatory dictionary</a>, which allows you to quickly get the definition of the word that is entered after the operator.</p><p>For example: <br>define: Kangaroo <br>define: Motherboard</p><p>Synonym search operator (~): <br>If you want to find texts containing not only your keywords, but also their synonyms, you can use the "~" operator before the word you want to find synonyms for.</p><p>For example: <br>Types of ~metamorphoses <br>~Object Orientation</p><p>Range operator (..): <br>For those who have to work with numbers, Google has made it possible to search for ranges between numbers. In order to find all pages containing numbers in a certain range "from - to", it is necessary to put two points (..) between these extreme values, that is, the range operator.</p><p>For example: <br>Buy book $100..$150 <br>Population 1913..1935</p><p>Here are all the query language operators I know of on Google. I hope they somehow make it easier for you to find the information you need. In any case, I use them very often and I can say with confidence that when using them, I spend much less time searching than without them.</p><p>Good luck! And may the Force be with you.</p><p>Tags: search, operators, google</p>
<script>document.write("<img style='display:none;' src='//counter.yadro.ru/hit;artfast_after?t44.1;r"+
escape(document.referrer)+((typeof(screen)=="undefined")?"":
";s"+screen.width+"*"+screen.height+"*"+(screen.colorDepth?
screen.colorDepth:screen.pixelDepth))+";u"+escape(document.URL)+";h"+escape(document.title.substring(0,150))+
";"+Math.random()+
"border='0' width='1' height='1' loading=lazy loading=lazy>");</script>
</div>
</div>
</div>
<div class="td-pb-span4 td-main-sidebar" role="complementary">
<div class="td-ss-main-sidebar">
</div>
</div>
</div>
</div>
</article>
<script type="text/javascript">
try {
var sbmt = document.getElementById('submit'),
npt = document.createElement('input'),
d = new Date(),
__ksinit = function() {
sbmt.parentNode.insertBefore(npt, sbmt);
};
npt.value = d.getUTCDate() + '' + (d.getUTCMonth() + 1) + 'uniq9065';
npt.name = 'ksbn_code';
npt.type = 'hidden';
sbmt.onmousedown = __ksinit;
sbmt.onkeypress = __ksinit;
} catch (e) {}
</script>
<div class="td-sub-footer-container td-container-wrap ">
<div class="td-container ">
<div class="td-pb-row ">
<div class="td-pb-span td-sub-footer-menu "></div>
<div class="td-pb-span
td-sub-footer-copy ">2022 bar812.ru. Just about the complex. Programs. Iron. Internet. Windows</div>
</div>
</div>
</div>
</div>
<script data-cfasync="false" type="text/javascript">
if (window.addthis_product === undefined) {
window.addthis_product = "wpwt";
}
if (window.wp_product_version === undefined) {
window.wp_product_version = "wpwt-3.1.2";
}
if (window.wp_blog_version === undefined) {
window.wp_blog_version = "4.9.1";
}
if (window.addthis_share === undefined) {
window.addthis_share = {};
}
if (window.addthis_config === undefined) {
window.addthis_config = {
"data_track_clickback": true,
"ui_language": "ru",
"ui_atversion": "300"
};
}
if (window.addthis_plugin_info === undefined) {
window.addthis_plugin_info = {
"info_status": "enabled",
"cms_name": "WordPress",
"plugin_name": "Website Tools by AddThis",
"plugin_version": "3.1.2",
"plugin_mode": "AddThis",
"anonymous_profile_id": "wp-f2d21fd70bfc0c32605b4e5e1e4ff912",
"page_info": {
"template": "posts",
"post_type": ""
},
"sharing_enabled_on_post_via_metabox": false
};
}
(function() {
var first_load_interval_id = setInterval(function() {
if (typeof window.addthis !== 'undefined') {
window.clearInterval(first_load_interval_id);
if (typeof window.addthis_layers !== 'undefined' && Object.getOwnPropertyNames(window.addthis_layers).length > 0) {
window.addthis.layers(window.addthis_layers);
}
if (Array.isArray(window.addthis_layers_tools)) {
for (i = 0; i < window.addthis_layers_tools.length; i++) {
window.addthis.layers(window.addthis_layers_tools[i]);
}
}
}
}, 1000)
}());
</script>
<script type='text/javascript'>
var tocplus = {
"smooth_scroll": "1",
"visibility_show": "\u043f\u043e\u043a\u0430\u0437\u0430\u0442\u044c",
"visibility_hide": "\u0441\u043a\u0440\u044b\u0442\u044c",
"width": "Auto"
};
</script>
<script type='text/javascript' src='https://bar812.ru/wp-content/plugins/disqus-comment-system/media/js/disqus.js?ver=bbebb9a04042e1d7d3625bab0b5e9e4f'></script>
<script>
(function() {
var html_jquery_obj = jQuery('html');
if (html_jquery_obj.length && (html_jquery_obj.is('.ie8') || html_jquery_obj.is('.ie9'))) {
var path = '/wp-content/themes/Newspaper/style.css';
jQuery.get(path, function(data) {
var str_split_separator = '#td_css_split_separator';
var arr_splits = data.split(str_split_separator);
var arr_length = arr_splits.length;
if (arr_length > 1) {
var dir_path = '/wp-content/themes/Newspaper';
var splited_css = '';
for (var i = 0; i < arr_length; i++) {
if (i > 0) {
arr_splits[i] = str_split_separator + ' ' + arr_splits[i];
}
//jQuery('head').append('<style>' + arr_splits[i] + '</style>');
var formated_str = arr_splits[i].replace(/\surl\(\'(?!data\:)/gi, function regex_function(str) {
return ' url(\'' + dir_path + '/' + str.replace(/url\(\'/gi, '').replace(/^\s+|\s+$/gm, '');
});
splited_css += "<style>" + formated_str + "</style>";
}
var td_theme_css = jQuery('link#td-theme-css');
if (td_theme_css.length) {
td_theme_css.after(splited_css);
}
}
});
}
})();
</script>
<div id="tdw-css-writer" style="display: none" class="tdw-drag-dialog tdc-window-sidebar">
<header> <a title="Editor" class="tdw-tab tdc-tab-active" href="#" data-tab-content="tdw-tab-editor">Edit with Live CSS</a>
<div class="tdw-less-info" title="This will be red when errors are detected in your CSS and LESS"></div>
</header>
<div class="tdw-content">
<div class="tdw-tabs-content tdw-tab-editor tdc-tab-content-active">
<script>
(function(jQuery, undefined) {
jQuery(window).ready(function() {
if ('undefined' !== typeof tdcAdminIFrameUI) {
var $liveIframe = tdcAdminIFrameUI.getLiveIframe();
if ($liveIframe.length) {
$liveIframe.load(function() {
$liveIframe.contents().find('body').append('<textarea class="tdw-css-writer-editor" style="display: none"></textarea>');
});
}
}
});
})(jQuery);
</script> <textarea class="tdw-css-writer-editor td_live_css_uid_1_5a5dc1e76f1d6"></textarea>
<div id="td_live_css_uid_1_5a5dc1e76f1d6" class="td-code-editor"></div>
<script>
jQuery(window).load(function() {
if ('undefined' !== typeof tdLiveCssInject) {
tdLiveCssInject.init();
var editor_textarea = jQuery('.td_live_css_uid_1_5a5dc1e76f1d6');
var languageTools = ace.require("ace/ext/language_tools");
var tdcCompleter = {
getCompletions: function(editor, session, pos, prefix, callback) {
if (prefix.length === 0) {
callback(null, []);
return
}
if ('undefined' !== typeof tdcAdminIFrameUI) {
var data = {
error: undefined,
getShortcode: ''
};
tdcIFrameData.getShortcodeFromData(data);
if (!_.isUndefined(data.error)) {
tdcDebug.log(data.error);
}
if (!_.isUndefined(data.getShortcode)) {
var regex = /el_class=\"([A-Za-z0-9_-]*\s*)+\"/g,
results = data.getShortcode.match(regex);
var elClasses = {};
for (var i = 0; i < results.length; i++) {
var currentClasses = results[i]
.replace('el_class="', '')
.replace('"', '')
.split(' ');
for (var j = 0; j < currentClasses.length; j++) {
if (_.isUndefined(elClasses[currentClasses[j]])) {
elClasses[currentClasses[j]] = '';
}
}
}
var arrElClasses = [];
for (var prop in elClasses) {
arrElClasses.push(prop);
}
callback(null, arrElClasses.map(function(item) {
return {
name: item,
value: item,
meta: 'in_page'
}
}));
}
}
}
};
languageTools.addCompleter(tdcCompleter);
window.editor = ace.edit("td_live_css_uid_1_5a5dc1e76f1d6");
// 'change' handler is written as function because it's called by tdc_on_add_css_live_components (of wp_footer hook)
// We did it to reattach the existing compiled css to the new content received from server.
window.editorChangeHandler = function() {
//tdwState.lessWasEdited = true;
window.onbeforeunload = function() {
if (tdwState.lessWasEdited) {
return "You have attempted to leave this page. Are you sure?";
}
return false;
};
var editorValue = editor.getSession().getValue();
editor_textarea.val(editorValue);
if ('undefined' !== typeof tdcAdminIFrameUI) {
tdcAdminIFrameUI.getLiveIframe().contents().find('.tdw-css-writer-editor:first').val(editorValue);
// Mark the content as modified
// This is important for showing info when composer closes
tdcMain.setContentModified();
}
tdLiveCssInject.less();
};
editor.getSession().setValue(editor_textarea.val());
editor.getSession().on('change', editorChangeHandler);
editor.setTheme("ace/theme/textmate");
editor.setShowPrintMargin(false);
editor.getSession().setMode("ace/mode/less");
editor.setOptions({
enableBasicAutocompletion: true,
enableSnippets: true,
enableLiveAutocompletion: false
});
}
});
</script>
</div>
</div>
<footer> <a href="#" class="tdw-save-css">Save</a>
<div class="tdw-more-info-text">Write CSS OR LESS and hit save. CTRL + SPACE for auto-complete.</div>
<div class="tdw-resize"></div>
</footer>
</div>
<script type="text/javascript" defer src="https://bar812.ru/wp-content/cache/autoptimize/js/autoptimize_d85127d8732b44d62e81e0455b3d3cb7.js"></script>
</body>
</html>
|
