Note: Some prerequisite CS knowledge is needed to follow through the technical parts of the article.Ī friend messaged me that an XSS vulnerability was found in his website and that he wants me to take a further look.
![google hacking in title index of whatsapp databases google hacking in title index of whatsapp databases](https://eastdom.weebly.com/uploads/1/2/6/6/126658403/433957390_orig.png)
This will be a detailed story about how I hacked into a server which hosted 40 (this is an exact number) websites and my findings. Long story short, my experience was always limited to simulated environments, and since I consider myself a white-hat hacker (aka one of the good guys) I never stuck my nose into other peoples’ businesses - quite literally. Over the last year I’ve played in various wargames, capture the flag and penetration testing simulations, continuously improving my hacking skills and learning new things about ‘how to make computers deviate from their expected behavior’. htpasswd is a file that is used to store credential to HTTP Apache servers.Įxploit DB Google Hacking Database is the most popular Google Hacking Database in the internet.Last summer I started learning about information security and hacking. If you are familier with intitle:“index of” search string, you will know what will be the result like.
![google hacking in title index of whatsapp databases google hacking in title index of whatsapp databases](https://i1.wp.com/gbhackers.com/wp-content/uploads/2018/02/Hacking-course.jpg)
sql files that contain the text #mysql dump anywhere in the result. Same way, dorks are also search strings that contains advance search operators.
![google hacking in title index of whatsapp databases google hacking in title index of whatsapp databases](https://potentireland.weebly.com/uploads/1/2/3/9/123927654/865798779.png)
People use these commands to customize their results and search in Google like a pro! transport -vans -cars will search for the word transport and ignore the results which contains vans or cars anywhere in the result text.polymorphism -site: will search for the word polymorphism in the Google and ignore the results from.
#Google hacking in title index of whatsapp databases tv
This is a very popular search string that is used to search movies, games, tv series, etc.
![google hacking in title index of whatsapp databases google hacking in title index of whatsapp databases](http://k4z4k.weebly.com/uploads/5/1/6/0/51605141/s343452565805789842_p1_i1_w252.png)
In the following table you can see a list of google advance search operators. With another dork, you can get some other sensitive data like database credentials. Then using another dork you can try to get sensitive data like user credentials from those servers. These are some strings that can be send with google advance search operators in order pull out sensitive information.Īs an example, one dork can be used to identify the vulnerable server. Most importantly with this Google hacking database, you can find the vulnerabilities of your website and fix the issues before someone else tries to hack you. Payment card data) from google search engine. They have arranged google dorks in a way that it can be used to pull out information such as email addresses and lists, login credentials, sensitive files, website vulnerabilities, and even financial information (e.g. This is a database created by the community or some individual using google dorks. Use only on servers you own at your own risk !! Disclaimer: Don’t missuse the information here.