Hacking is a beyond the pale activity that has harmed the usability of search engines in many impolitic ways. But cybersecurity researchers and ethical hacking experts have been providing the ill-willed hackers the taste of their own medicine with smart strategies; take Google Dorking, for example. Security researchers and hackers equally utilize this technique to uncover sensitive information using certain commands on Google, but for different reasons.
The technological advancements have been used maliciously since their inception, and Google dorks queries are no exception. The history of Dorking dates back to 2002 when Johnny Long began collecting Google search queries that reveal ‘vulnerable systems and/or sensitive information disclosures.’ He labeled these search queries as ‘googleDorks.’
This article discusses the evolution of Dorking, its legalities, potential threats, dork queries, and protective measures that one must be aware of to be safe online.
What Is Google Dorking?
Also known as Google Hacking, Google Dorking is a technique widely used to collect sensitive and secret information from computer systems, software, and hardware that are vulnerable and prone to security flaws with certain commands on Google.
This method becomes a go-to option for stealing someone’s private information including:
- Social Security Numbers (SSNs)
- National Identification Number
- Webcams
- Passwords
- Email addresses
- Usernames
- Shell scripts
- User accounts
- Credit/Debit card credentials and other financial details, etc. that are hard to access normally.
This technique is not limited to Google but can also be exercised on other search engines, including Bing, DuckDuckGo, and Yahoo. However, search results might vary for different search engines.
How Google Dorking Evolved?
A cybersecurity expert, Johnny Long, is famous for devising Google Dorking. He was a part of Computer Sciences Corporation’s vulnerability assessment team- Strike Force and discovered Google search queries that unveiled vulnerable servers. In addition, these queries also unleashed the servers that circulate personal and sensitive information in the public eye.
This resulted in creating the Google Hacking Database(GHDB) in 2004. The database contains hundreds of search queries used for hacking/dorking. Over time, cybercrime has massively increased using these search queries called Google Dorks. Not only the world’s most used search engine, Google, but other search engines, including Bing, Yahoo, and DuckDuckGo, are also utilized for this purpose.
Is Google Dorking Illegal?
Google Dorking is technically legal and massively used by security experts. However, it is potentially used by hackers to gain unauthorized access to personal information. A Brooklyn Law School student and a published legal scholar, Star Kashman, often elaborately highlights this issue. She has studied and shared the ethical and criminal usage of search engine hacking and how it violates the Computer Fraud and Abuse Act (CFAA).
In her paper published in the Washington Journal of Law, Technology & Arts dated 2 June 2023, she explains the legalities related to this technique.
- She mentioned that CFAA doesn’t regard Google Dorking as an illegal activity, stating that any information that is out in the public domain doesn’t require ‘unauthorized access.’ However, the FBI and many other legitimate organizations use ‘dorking’ and ‘hacking’ synonymously.
- She highlights that the existing definition of hacking as per CFAA and existing laws fails to highlight and address the problem of computer crime and don’t well limit the use of Google Dorking.
What Is Google Dorks Query?
Google Dorks Query are special terms or symbols called ‘operators’ which are used with keywords/strings to discover normally crawled yet undisclosed information.
The two most prominent cases in the history of dorking are: (i) the compromise of the CIA’s worldwide secret communications network leading to failure of 70% of its operations and the cyber attack on 46 financial institutions in the US during 2011-2013, and (ii) Bowman Avenue Dam in Rye Brook, New York. Both the cases and many others took place using the dork’s query.
How Google Dorking Works?
Google Dorks queries are used with specific keywords to form search operators (advanced search operators, in some cases) to be on the make, stealing financial, personal, or other information that is hard to obtain otherwise.
These search queries are employed to access web pages, file types, urls, etc. that are crawled by Google but usually not visible in search results with normal search queries. However, it has a potentially negative aspect wherein cybercriminals locate search operators with strings to find normally inaccessible information for illicit intents. On the other hand, security professionals and web technicians often put it to use to gain insights into their site’s security loopholes.
Google Dorks Query List With Examples
Security researchers use this technique to acquire knowledge of loopholes and report them for improvement, among many other legitimate purposes. For instance, the Google Mobile Vulnerability Reward Program and Apna Vulnerability Disclosure Policy are two examples where cybersecurity researchers use Dorking commands.
Search Operators
The table below shows the Google Dorks list that security researchers and hackers use to discover site vulnerabilities for contrasting purposes. These search terms are intertwined with a strategic approach to discover information that is inaccessible through normal search means.
We already know that hackers use Google Dorking commands to fetch personal and private details with illicit intent, making it crucial to learn protective measures against it (more on that in later section).
S. NO. | DORKS/OPERATORS | PURPOSE | EXAMPLE/SYNTAX |
1 | filetype: | Retrieve the specific file type you need | filetype:keyword pdf The search results will fetch the pdf (or other format) format of the file. |
2 | site: | Allows search for domains in a specific website | site:example.com The search results will show the pages related to the site you entered (in this case- ‘example.com’ ). |
3 | inurl: | Helps search for web pages containing the specified keywords in the domain URL | inurl:keyword Putting the particular site url in place of ‘url’ in the aforementioned place will fetch the web domains containing specific keywords in the URL. |
4 | intext: | Shows web pages containing the specified keywords in the content | intext:keyword This command will return the online published content in search results with the specified search terms. |
5 | allintitle: | Retrieve results with specific keywords in the web page title | allintitle:keyword This will show all search results with the specified keywords. |
6 | allinurl: | Returns search results containing the specific keywords in url | alinurl:keyword This will show all search results with the specified keywords. |
7 | cache: | Shows the last saved copy of a particular website (if it exists) | cache:example.com Or cache:keyword.example.com This will fetch the last saved web page of a particular website. It is useful to retrieve a website’s previous page before its update/downtime. |
8 | define: | Provides the definition of the searched term | define:word It’ll show the meaning/definition of the word searched |
9 | link: | Shows web pages linked to a specific URL | link:example.com It is used to find web pages linked with a domain and to estimate its impact. |
10 | site: | Keeps the search restricted to the particular, site, domain or subdomain | site:example.com To search for a specific domain within a website (or website itself). |
11 | related: | It helps to find pages related to a specific website or search term | related:example.com The purpose of this command is to find all relevant pages to a particular website (in this case- ‘example.com’). |
12 | | | Also referred to as ‘before | after,’ this operator retrieves search results containing the specified terms | keyword1 | keyword2 This will return web pages related to both the keywords. |
13 | + | This dork is used to find search results which connect the specified search terms in the content | keyword1 + keyword2 All the web pages containing information about both the keywords will appear in search results. |
14 | – | This query returns the search results including the specified terms | keyword1-keyword2-keyword3 It’ll fetch all the web results including information about the described search query. |
15 | phonebook: | Used to search for caller IDs | phonebook:number It’ll return the search results including information of organization or individual to whom the phone number belongs, if indexed. In case the number is not indexed, no search result will be shown. |
16 | map: | This command is excessively used to get the map of a particular location | map:location This search query will show the map for the location entered. |
Threats Of Google Dorking
Dorking has been a big hand behind multiple cybercrimes conducted from time to time. Although this technique has been used by security researchers and ethical hacking experts, it has been constantly exploited by cyber criminals to steal people’s private details. The elephant in the room is that even people belonging to non-technical areas can also easily learn about dorks and how to use them. This is to say, anyone can access our online information irrespective of the field or area they work in.
To know what hackers use Google Dorking for, continue reading:
1) Access Camera:
Surveillance cameras such as CCTV cameras and webcams are a tpical target for cybercriminals. They use the dorks to penetrate the security and can get access to live video feeds without the knowledge of the person on the other end.
Case: In 2013, Miss Teen USA- Cassidy Wolf fell prey to a college student who had been monitoring her webcam through hacking. He blackmailed her to do as he said against her private pictures, which he threatened to leak otherwise. The 19-year-old admitted that he had 30-40 slave computers (that he was monitoring) and was eventually arrested, CNN confirmed. Several similar cases wherein people have been watched without having a clue about it were reported.
2) Identity Theft:
Doing crimes in someone else’ name is called identity theft. Hackers steal the identity of people to commit fraud. They steal information like PAN number, National Identification Number (NIN), passwords, etc., and use it for fraud calls, texts, transactions, account activities, etc.
Case: In December 2023, The Deputy Commissioner of Bengaluru Urban District, Dayananda K.A, filed a complaint with the Central Division Cyber Crime Police (India) stating that an unidentified person was using his photograph, name, and designation and asking for money from his colleagues through WhatsApp, The Hindu reported.
More such fraudulent activities have been executed for landing a job, obtaining false tax returns, govt. benefits and money depicting accidental/emergency cases. As per ProQuest Publishing, global identity theft cases spiked by 116,000 during the year 2019-2020.
3) Unauthorized Transactions:
Another common purpose hackers use Google Dorks query for is unauthorized transactions. It has become very easy for cybercriminals to get access to bank accounts and financial card details by retrieving their passwords, pins, emails, and even sometimes the encrypted codes. Activities like phishing scams, online rewards scams, malicious links, app downloads, etc., are used to trick people into sharing their sensitive data and hacking their devices.
Case: The Federal Trade Commission (FTC) reported that people lost $8.8 billion in such frauds in 2022. In addition, the use of deep voice and voice cloning/fake voice is massively used to get money transfers. For instance, a $35 Million fraud happened with the branch manager of a Hong Kong-based company.
4) Stalking & Doxing
Google dorks have also been consistently used to get residential information of people by online stalkers and hackers. But this doesn’t end here; such criminal-minded people even post people’s sensitive details over the web. This is called doxing.
Case: In 2016, a man in New York was sentenced to 24 months of imprisonment for doxing, swatting, and cyberstalking. As per the publication of the United States Attorney’s Office, dated 11 July 2016, govt. found evidence of the man posting “PII of at least 50 celebrities and state and federal officials on different websites that all shared the domain name “Exposed,” which were accessible to anyone, anywhere. The natural, inevitable, and intended consequence of this publication of names, social security numbers, dates of birth, addresses, credit reports, and the like was the use of that information by countless others to illicitly obtain credit cards and other finance-related accounts using the identities of the doxing victims, causing many victims to suffer continuing credit issues. The publication of the victim’s personal identifying information also revealed to any other would-be harassers or assailants how and where to contact the victims.”
5) Device & File Hacking:
A hacker can access any of your smart devices using Google dorks. Hackers create fake Wi-Fi networks that retrieve your data once you connect with them. This problem is quite common in places offering public Wi-Fi facilities and also opens gates to gain access to private files on the network.
Furthermore, smart devices, including smart TVs, cell phones, laptops, printers, and even smart refrigerators and ACs, etc., get hacked when cybercriminals retrieve your device information. Many cases have been reported where hackers have captured private pictures of people via hacking their smart devices.
Case: In December 2023, the win of Prince Harry against a UK’s leading tabloid group, Mirror Group Newspapers, who hired private investigators to peer into his personal information and hack his mobile was a much-discussed iconic event.
Online fraudsters are keenly looking for chances to acquire our personal and private information. Nevertheless, certain measures can help you protect yourself from online hacking. The next section talks about such measures in detail, so continue reading further…
Protective Measures Against Google Dorking
While avoiding online hacking can be a biting-a-bullet kind of task, the below-mentioned measures can help you fight against it:
(a) Do Not Put Everything Online
Nowadays, we tend to save everything online, like our credit/debit card credentials or passwords. Although this is a very useful feature, it risks your information. That’s why you must try to limit keeping everything online, and in case you do, change your passwords from time to time and ensure all safety precautions.
(b) Check If Your Information Is Indexed Or Not
A hacker can access any indexed online information using Dorking techniques. To check whether a web page is indexed or not, use this command- site: paste web page link and press Enter. If you see the web page in the first place, you should use robots.txt file, no-index and no-follow tags (refer to next two points) to deindex it. Furthermore, this will help you detect any flaw in the computer or online systems/networks and take necessary actions in the required time.
(c) Use No-follow and No-index Tags
No-follow tags are used with links you don’t want search engines to follow. And no-index tags are used with pages you don’t want search engines to index. These two tags are a great way to effectively stop web pages from getting indexed and out in the public domain.
(d) Use A Robots.txt File
Using a Robots.txt file can be very helpful in safeguarding important files, directories, and online publications. Search engines use this file as a guide to know which pages to index.
(e) Use Two-Factor/Multi-Factor Authentication
Keeping your device’s security systems safe using two-factor or multi-factor authentication, pin-protections, etc., can help safeguard your online data.
(f) Be Selective For File & Directory Permissions
While managing your online documents, files, directories, sheets, etc., be selective in assigning the permissions. Only allot the required access to the people who need it.
(g) Use Antivirus & Firewall Protection
Antivirus software and firewall protections can prove successful in tackling such issues. For instance, Microsoft and Windows offer in-built firewall protections. Similarly, installing antivirus can help protect mobile devices.
(h) Identify & Uninstall Suspicious Apps
Hackers secretly install some apps into people’s devices that help them retrieve their data. You must check if any app is installed on your device that you aren’t aware of. Also, check what permissions you’ve allowed to the installed apps to limit unwanted access.
(i) Don’t Click On Suspicious Links
Cybercriminals usually try phishing techniques by sending malicious links through emails and social media apps. Such links are heavily in rotation during festivals depicting free rewards links. So be aware of such links and don’t click on them.
(j) Avoid Jailbreaking
Removing software restrictions on your device that come by default from the manufacturer is called jailbreaking and can prove dangerous. It can leave your device entirely at hackers’ disposal and hence is not recommended.
(k) Use Long & Different Passwords
Framing long passwords can help you save your online accounts from being a beacon for hackers. In addition, use different passwords for different accounts and apps.
(l) Activate Alerts
By applying for SMS and email alerts, you can detect a forthcoming fraud scenario and safeguard your accounts. Otherwise, someone can access your data anytime without your knowledge. Banks have this facility to keep the customers posted about transactions and might suggest freezing your account immediately in case of suspicious activity.
(m) Never Enter Your Information On Decrypted Sites
Decrypted sites or sites without encryption can always fall prey to hackers’ ill-intents. That’s why you never enter your sensitive information (or any information) on such sites. You can spot a tune icon on encrypted sites on Google or a padlock icon in the case of other search engines. Another cue to spot a safe site is using “https” at the start of its URL.
(n) Keep Your Apps, Browsers & OS Updated
Not updating device/system software, apps, and browsers can land you trouble. Keep a check on regular updates to not lose in the war against cybercriminals.
(o) Take BackUp & Format Your Device
Keeping data backup can also work if your device is hacked. If no other means work for you or you are locked out of your account, you might need to format your device. A backup can save you from losing your data in such a scenario. But, remember not to take a backup for any suspicious app.
You can also use the advice of cybercrime institutions or report cybercrime on your country’s official designated authority portal. They might suggest you freeze your account, inform your known ones, change your contact number, ID, etc.
Wrapping Up
that show conventionally inaccessible results. This methodology is heavily employed in cybersecurity and isn’t technically illegal. However, it has caused havoc for people because of its illicit use by hackers. Looking at the unethical use of dorks, there is a need to frame laws regulating the use of dorking techniques and to pass legislation elucidating restrictions on access to personal and private information with ambiguous legal status.
At last, it depends on us how we use this technique because using dorks for illicit purposes is sure to attract legal penalties.