Google Hacking

Google hacking is a term that refers to the art of creating complex search engine queries in order to filter through large amounts of search results for information related to computer security. In its malicious format it can be used to detect websites that are vulnerable to numerous exploits vulnerabilities as well as locate private, sensitive information about others, such as credit card numbers, social security numbers, and passwords. This filtering is performed by using advanced Google operators. While Google was the original tool of the Google hackers, many of the tactics and operators can be used on other search engines, such as MSN Search and Yahoo.

The Google Hacking Database (GHDB) is a database of queries that identify sensitive data. Although Google blocks some of the better known Google hacking queries, nothing stops a hacker from crawling your site and launching the Google Hacking Database queries directly onto the crawled content.The GHDB is maintained by Johhny Long who is a “white hat” Hacker. He made google hacking public in his site: http://johnny.ihackstuff.com/ and he called it Google Hacking Database(GHDB) .There are more than 1500 queries in the GHDB. In Around 1995, it started as not so serious project about discovering network vulnerabilities through Google Search Engine. As Google crawlers crawl on almost every file it can access, many confidential information leak out sometimes. The list of what Long and his fellow Google hackers have been able to dig up is impressive: passwords, credit card numbers and unsecured Web interfaces to things like PBXs, routers and Web sites.

(more…)