Google Hacking: When the search engine presents gaps and logs!

M.Sc. Chris Wojzechowski

Google Hacking: When the search engine presents gaps and logs!

With Google Hacking, as with search engines in general, it is all about gathering information. Sometimes there is also talk of Google Dorking. This technique is used by attackers to use the sophisticated search technology of Google.

Sophisticated search queries present security holes, error messages, sensitive information and data leaks directly in the search engine interface.

Attackers extend search queries for targeted victims and applications

As is often the case, you get thousands of results. To further narrow down the search, attackers also use information to reduce the number of people affected. This often includes the version number of the system they are looking for.

But the search engine can also search for specific file types. With a simple search query, for example, all sql file types can be listed


If you know the advanced search operators, you can also display other files. If you are looking for SMS logs, you need the following query:

intitle: "Index of" "sms.log"

Logical operators and symbols become power in Google.

As for the operators typical in computer science, you can also use Google and other search engines. Here AND, NOT and OR as well as operators like …. The following table contains additional information on these operators or possible combinations

Logischer OperatorBeschreibungBeispiel
AND oder +Wird benutzt um Wörter zu inkludieren. Alle Wörter, vor denen der Operator steht, müssen enthalten seinweb AND application AND security
Not oder -Wird benutzt um Wörter auzuschließen.web application NOT security
OR oder |Wird benutzt um entweder das eine ODER das andere zu finden.web application OR security
Tilde (~)Wird verwendet um Synonyme oder ähnliche Wörter zu findenWep Application ~security
Anführungszeichen (")Das in den Anführungszeichen stehende muss genau so gefunden werden"wep application security"
Punkt (.)Wird als Wildcard für einzelne Zeichen benutzt.eb application security
Sternchen (*)Wird als Wildcard für Wörter benutztweb * security

Advanced search operators for Google Hacking

If you know the classical operators, you should take a look at the extended ones. These give the user another possibility to refine or filter the results. First, Google Search triggers the logical operators and then carries out the extended ones or further limits the result. With the search query

intitle:"index of" filetype:sql

the search engine will first look for

"index of"

in the title. The result is then narrowed down – only according to the file type sql. You can look up other operators and their purpose in the following table:

Erweiterter SuchoperatorBeschreibungBeispiel
site:Beschränkt die Suche auf die angegeben
filetype:Schränkt die Suche auf den gesuchten Dateityp einmysqldump filetype:sql
link:Grenze nach Seiten ein, die auf folgende URL
cache:Suche und stelle eine Version der Website dar, die Google gecrawlt und gespeichert
intitle:Suche nach Text der im Titel der Website auftauchtintitle:"index of"
inurl:Suche nach Inhalt, der in der URL stehtinurl:passwords.txt

Can Google Hacking be prevented?

Basically Google Hacking is nothing else than (targeted) information gathering. By testing web applications and websites these misconfigurations are detected. The main aim of a pentest is to prevent the exploitation of the vulnerability by discovering the vulnerability beforehand. In the best case, the listing in search engines is also prevented or the correct configuration is provided. By the way, in our Live Hacking we show many user-friendly Google Hackings.

Photo of author

M.Sc. Chris Wojzechowski

My name is Chris Wojzechowski and I studied my Master in Internet Security in Gelsenkirchen a few years ago. I am one of two managing directors of AWARE7 GmbH and a trained IT Risk Manager, IT-Grundschutz practitioner (TÜV) and possess the test procedure competence for § 8a BSIG. Our bread and butter business is performing penetration testing. We are also committed to promoting a broad understanding of IT security in Europe, which is why we offer the majority of our products free of charge.