Some hackers choose their victims for personal or political reasons, others take an approach that’s a bit less personal. Changing directions a bit, here’s a fun fact: Google processes over 40,000 search queries per second, but not all are created equal. So, what exactly does that mean and how are these two things related? What does hacking have to do with a Google search?
While it may seem like there’s only one way to perform a search query, in 2002 a security expert named Johnny Long began to explore a more advanced search technique called Google hacking. Google hacking—also known as Google dorking, in reference to those whose devices and vulnerabilities are unearthed through it—is a unique way of utilizing search operators to obtain results such as web server specifics, devices affected by vulnerabilities, login credentials, Personally Identifiable Information (PII), and even financial data.
So, instead of targeting a particular person, government, or corporation, an attacker can use these operators to find several targets, all suffering from the same vulnerability. Unfortunately, many servers are still operating on outdated standards, which puts them at risk. For example, entering the following string returns results of web servers still running one of the versions of SSL vulnerable to Heartbleed:
“OpenSSL” AND “1.0.1c Server at”.
Interestingly enough, Exploit DB has integrated Long’s Google Hacking Database (GHDB) into their own site. From here, thousands examples of these search operators can be found. Results can be used to develop a list of targets vulnerable to specific exploits, for information theft, intelligence or espionage, or even cyber terrorism. However, while it may seem that the GHDB exists solely for the purpose of malicious behavior, security researchers and pen testers often make use of it for exploit analysis and investigation. Google hacking is also not just limited to available content. Users can tap into Google’s cache and access exposed data without ever touching the vulnerable server, as well.
Attackers don’t need fancy tools like those found in Kali or even an engine devoted to locating vulnerabilities, such as Shodan. They don’t need sophisticated or expensive tools and they don’t need a lot of expertise. All the information they need is simply one Google search away.