A cikin sararin duniyar bincike akan layi, akwai ƙarin hanyoyin ci gaba don neman takamaiman bayanai waɗanda suka wuce shigar da kalmomin shiga cikin injin bincike kawai. Daya daga cikin wadannan sabbin fasahohin bincike ya shahara a fannin tsaron kwamfuta da binciken bayanai, Google Dorks.
Muna magana ne game da jerin umarni da dabaru waɗanda ke ba masu amfani damar nemo ɓoyayyun bayanai masu mahimmanci da inganci da inganci.
A cikin wannan labarin, za mu bincika hanyoyi daban-daban masu amfani za su iya faɗaɗa ƙwarewar binciken su akan layi; gano bayanai masu mahimmanci ba tare da dogaro kawai akan bincike na al'ada ba. Ka karanta har zuwa ƙarshe kuma ka zama ƙwararre wajen neman bayanai akan Intanet.
Yana da mahimmanci a lura cewa dorks dole ne a yi amfani da su cikin ɗa'a da doka. Yin amfani da dorks don samun dama, amfani, ko daidaita tsarin ba tare da izini ba haramun ne aiki da keta sirri da tsaro. Dorks kayan aiki ne mai ƙarfi, amma amfani da su dole ne ya dace da ƙa'idodin ɗabi'a da na doka..
Za mu fara da bayyana muku mene ne Dork a Kimiyyar Kwamfuta
Ba kome ba ne illa igiyoyin bincike na musamman da ake amfani da su don nemo takamaiman bayanai ta injunan bincike, kamar Google. Waɗannan igiyoyin bincike, waɗanda kuma aka sani da "Google dorks" ko kuma kawai "dorks", suna ba masu amfani damar yin ƙarin ci gaba da ingantaccen bincike don gano ɓoyayyun bayanai ko mahimman bayanai waɗanda ba za a iya samun sauƙin samun su ta hanyar bincike na al'ada ba.
Dorks sun ƙunshi takamaiman kalmomi da masu aiki waɗanda aka shigar a cikin injin bincike don tace sakamako don takamaiman bayani. Misali, ana iya ƙera dork don nemo bayanan kundayen adireshi, kalmomin sirri da aka zube, fayiloli masu mahimmanci, ko gidajen yanar gizo masu rauni don kai hari. Kwararrun tsaro, masu bincike, da masu satar fasaha suna amfani da Dorks don nemowa da tantance yuwuwar lahani a cikin tsarin da aikace-aikace.
Menene nau'ikan Google Dorks kuma yaya ake amfani da su?
Google Dorks kayan aiki ne mai ƙarfi. Waɗannan ƙa'idodin bincike na ci gaba suna ba masu amfani damar yin ƙarin takamaiman bincike da gano bayanan da ba za a iya samun su ta hanyar al'ada ba. A nan mafi mahimmanci:
Babban Dorks na Google
da Asalin Dorks na Google sune mafi sauƙi kuma mafi yawan umarnin bincike da ake amfani da su. Wadannan dorks suna mayar da hankali kan neman takamaiman kalmomi a shafukan yanar gizo kuma suna iya zama da amfani don nemo takamaiman bayani. Wasu misalai na asali na Google Dorks sune:
- Taken: Yana ba ku damar bincika kalmomi masu mahimmanci a cikin taken shafin yanar gizon. Misali, "intitle: hackers" za su nuna duk shafukan da ke dauke da kalmar "hackers" a cikin take.
- inurl: Wannan dork yana neman keywords a cikin URLs na shafukan yanar gizo. Misali, "inurl: admin" zai nuna duk shafuka masu dauke da kalmar "admin" a cikin URL dinsu.
- Nau'in fayil: Bincika takamaiman fayiloli dangane da nau'in su. Misali, "filetype: pdf" zai nuna duk fayilolin PDF masu alaƙa da ƙayyadaddun kalmar.
ci-gaba dorks
Manyan Dorks na Google sun wuce bincike na asali kuma suna ba da damar zurfafa bincike na yanar gizo. An tsara waɗannan dorks don nemo ƙarin mahimman bayanai ko takamaiman bayanai.. Wasu misalan manyan Dorks na Google sune:
- Shafin: Wannan dork yana ba ku damar bincika takamaiman bayani akan wani gidan yanar gizo na musamman. Misali, “site:example.com kalmar sirri” zai dawo da duk shafuka akan example.com wadanda ke dauke da kalmar “password”.
- cover: Wannan dork yana nuna sigar da aka adana na shafin yanar gizon. Yana da amfani lokacin da kake son samun dama ga shafin da aka cire ko babu shi a halin yanzu.
- link: Wannan dork yana nuna shafukan da ke haɗi zuwa takamaiman URL. Yana iya zama da amfani don nemo shafukan yanar gizo masu alaƙa ko gano hanyoyin haɗin baya.
Dorks don tsaro na kwamfuta
Google Dorks kuma ana amfani da shi sosai a fagen tsaro na kwamfuta don neman lahani, fallasa, da mahimman bayanai. Wasu misalan Google Dorks da ake amfani da su wajen tsaron kwamfuta sune:
- Kalmar siri: Wannan dork yana neman shafukan yanar gizo waɗanda ke ɗauke da fallasa fayilolin kalmar sirri ko kundayen adireshi masu rauni.
- Shodan: Ana amfani da shi don nemo na'urori masu haɗin Intanet ta hanyar injin binciken Shodan. Misali, "shodan:camcam" zai nuna kyamarorin yanar gizo masu isa ga jama'a.
- "Index na": Yana bincika kundayen adireshi na fayiloli akan sabar yanar gizo, waɗanda zasu iya fallasa fayiloli masu mahimmanci ko masu zaman kansu.
Dorks don bincike na bayanai
Google Dorks kuma kayan aiki ne masu mahimmanci don binciken bayanai da tattara bayanai. Wasu misalan Google Dorks da aka yi amfani da su wajen binciken bayanai sune:
- "text:": Wannan dork yana ba ku damar bincika takamaiman kalma ko jumla a cikin abubuwan da ke cikin shafin yanar gizon. Misali, "intext:OpenAI" zai nuna duk shafuka masu dauke da kalmar "OpenAI" a cikin abun cikin su.
- "inchor:" Nemo takamaiman kalmomi a cikin hanyoyin haɗin yanar gizo. Yana iya zama da amfani don nemo gidajen yanar gizo masu alaƙa da takamaiman batu ko mahimmin kalma.
- masu alaƙa:: Nuna gidajen yanar gizo masu alaƙa da takamaiman URL ko yanki. Zai iya taimakawa gano gidajen yanar gizo masu kama da juna ko kuma suna da alaƙa da wani batu.
Dorks don bincika raunin rauni
Ana kuma amfani da Google Dorks don nemo lahani a cikin gidajen yanar gizo da aikace-aikace. An tsara waɗannan dorks don nemo gidajen yanar gizo waɗanda ƙila za su iya kamuwa da hare-hare ko ɓarnar bayanai. Wasu misalan Google Dorks da aka yi amfani da su wajen neman raunin su ne:
- SQL allura: Wannan dork yana neman gidajen yanar gizo waɗanda ƙila su kasance masu rauni ga harin allurar SQL.
- "XSS": Wannan yana bincika gidajen yanar gizo waɗanda ƙila su kasance masu rauni ga hare-haren ƙetare-tsaye (XSS).
- Loda fayil: Yana neman gidajen yanar gizon da ke ba da izinin loda fayil, wanda zai iya zama mai yuwuwar rauni idan ba a aiwatar da shi daidai ba.
YADDA SHA'AWA! GANO yadda ake aika saƙonnin da ba a san su ba ta amfani da Apps na wayar hannu
Wasu Tambayoyi da ake yawan yi da amsoshinsu game da Google Dorks
Kamar yadda muke son kada ku yi shakka game da waɗannan kayan aikin, a nan mun bar muku mafi kyawun amsoshin shakku:
Shin yana halatta a yi amfani da Google Dorks?
Amfani da Google Dorks kansa doka ne. Duk da haka, yana da mahimmanci a yi amfani da su cikin ɗabi'a da kuma alhaki. Yin amfani da dorks don ayyukan da ba na doka ba, kamar samun damar tsarin da ba a ba da izini ba, keta sirri, ko yin zamba, haramun ne kuma ba a yarda da shi ba.
Menene haɗarin amfani da Google Dorks?
Yin amfani da Google Dorks mara kyau ko rashin kulawa na iya haifar da mummunan sakamako, kamar keta sirrin wasu, samun damar bayanai masu mahimmanci ba tare da izini ba, ko shiga cikin haramtattun ayyuka. Yana da mahimmanci a fahimci iyakokin ɗa'a da doka lokacin amfani da waɗannan kayan aikin.
Menene amfanin da'a na Google Dorks?
Amfanin da'a na Google Dorks sun haɗa da ganowa da gyara lahani a cikin tsari da aikace-aikace, kimanta tsaron gidan yanar gizon, da nemo bayanan da aka fallasa don sanar da masu shi da taimakawa kare sirri da tsaro.
Ta yaya zan iya koyon amfani da Google Dorks yadda ya kamata?
Kuna iya koyan amfani da Google Dorks yadda ya kamata ta hanyar bincike, karanta takardu, shiga cikin al'ummomin tsaro na kwamfuta da taron tattaunawa, da aiki. Akwai albarkatun kan layi, koyawa, da darussan da za su iya taimaka muku haɓaka ƙwarewar ku ta amfani da Google Dorks.
| Nau'in Dork na Google | Misalin Google Dork |
|---|---|
| bincike na asali | intitle:"keyword" |
| inurl:"keyword" | |
| filetype: "nau'in fayil" | |
| site:"domain.com" | |
| cache: "URL" | |
| mahada:"URL" | |
| Tsaron komputa | intext: "Kuskuren SQL" |
| intext: "Password ya leka" | |
| intext: “security settings” | |
| inurl:"admin.php" | |
| intitle:"control panel" | |
| site:"domain.com" ext:sql | |
| Bayanin sirri | intext: "bayanan sirri" |
| intitle: "Password file" | |
| filetype: docx "sirri" | |
| inurl:"file.pdf" intext:"lambar tsaro" | |
| inurl:"ajiyayyen" ext:sql | |
| intitle: "directory index" | |
| binciken gidan yanar gizo | site:domain.com "login" |
| site:domain.com "index of" | |
| site:domain.com intitle: "fayil ɗin kalmar sirri" | |
| site:domain.com ext: php intext: "Kuskuren SQL" | |
| site:domain.com inurl:"admin" | |
| site:domain.com filetype:pdf | |
| wasu | allinurl: "keyword" |
| allintext: "keyword" | |
| alaka:domain.com | |
| bayani:domain.com | |
| ayyana:”term” | |
| littafin waya: "sunan lamba" |
Shin akwai madadin wannan kayan aikin don neman ci gaba?
Ee, akwai wasu kayan aiki da dabaru don yin bincike na ci gaba, kamar Bing dorks, Yandex dorks ko Shodan (don neman na'urori masu haɗin Intanet). Kowannensu yana da takamaiman halaye da hanyoyinsa.
Ta yaya zan iya kare gidan yanar gizona ko app daga Google Dorks ya same ni?
Don kare gidan yanar gizonku ko aikace-aikacenku daga samun Google Dorks, yana da mahimmanci a aiwatar da kyawawan ayyukan tsaro, kamar tabbatar da kiyaye kundayen adireshi da fayiloli, sabunta software, amfani da saitunan tsaro masu kyau, da yin gwaje-gwajen shiga zuwa gano yiwuwar rauni.
Wadanne matakan tsaro zan ɗauka idan na gano cewa gidan yanar gizona yana da rauni ta hanyar Google Dorks?
Idan kun gano cewa gidan yanar gizon ku yana da rauni ta hanyar Google Dorks, yana da mahimmanci ku ɗauki matakin gaggawa don gyara raunin. Wannan na iya haɗawa da facin tsarin, gyara kurakuran daidaitawa, hana shiga mara izini, da haɓaka gabaɗayan tsaron rukunin yanar gizon.
Za a iya amfani da su a wasu injunan bincike ban da Google?
Yayin da Google Dorks umarni ne da aka tsara don amfani da su akan injin bincike na Google, ana iya amfani da wasu daga cikin masu aiki da dabaru zuwa wasu injunan bincike suma. Koyaya, yana da mahimmanci a lura da bambance-bambance a cikin syntax da sakamako tsakanin injunan bincike.
Ta yaya zan iya amfani da Google Dorks don nemo lahani a cikin gidajen yanar gizo?
Kuna iya amfani da Google Dorks don nemo lahani a cikin gidajen yanar gizo ta hanyar gano takamaiman alamu a cikin URLs, bincika bayanan kundayen adireshi, neman fayiloli masu mahimmanci, ko neman saƙon kuskure waɗanda zasu iya bayyana mahimman bayanai. Yana da mahimmanci a yi hakan cikin ɗabi'a da mutunta sirrin wasu.
Shin akwai al'ummomin kan layi ko tarukan da ake tattaunawa da raba Google Dorks?
Ee, akwai al'ummomin kan layi da wuraren tarurruka inda kwararrun tsaro na bayanai da masu sha'awar ke raba bayanai, dabaru, da tattauna amfani da Google Dorks. Waɗannan wuraren za su iya zama da amfani don koyo, raba ilimi da kuma ci gaba da sabbin abubuwan da ke faruwa a cikin amfani da dorks.
Wasu taruka da al'ummomin kan layi inda aka tattauna da kuma raba ilimi game da amfani da Google Dorks da tsaro na kwamfuta sune:
- Exploit Database Community: Ƙungiya ta kan layi da aka sadaukar don tsaro na kwamfuta da musayar bayanai game da lahani da cin nasara. (https://www.exploit-db.com/)
- Reddit – r/NetSec: Subreddit da aka keɓe don tsaron kwamfuta, inda ƙwararru da masu sha'awar raba labarai, tattaunawa, da dabaru masu alaƙa da tsaro. (https://www.reddit.com/r/netsec/)
- HackerOne Community: Ƙungiya na masu satar da'a da ƙwararrun tsaro akan layi, inda aka tattauna rashin lahani, dabarun tsaro, da kuma raba sakamakon binciken. (https://www.hackerone.com/community)
- The Ethical Hacker Network: Ƙungiya ta kan layi don ƙwararrun tsaro na bayanai da masu satar da'a, inda aka raba albarkatun, ana tattauna dabaru, da haɗin gwiwa. (https://www.ethicalhacker.net/)
- Dandalin Al'umma na TsaroTrails: Dandalin tsaro na kan layi inda ƙwararrun tsaro da masu sha'awar tsaro ke tattauna batutuwan da suka shafi tsaro na kwamfuta, gami da amfani da Google Dorks. (https://community.securitytrails.com/)
| Nau'in Dork na Google | Misalin Google Dork |
|---|---|
| bincike na asali | intitle:"keyword" |
| inurl:"keyword" | |
| filetype: "nau'in fayil" | |
| site:"domain.com" | |
| cache: "URL" | |
| mahada:"URL" | |
| Tsaron komputa | intext: "Kuskuren SQL" |
| intext: "Password ya leka" | |
| intext: “security settings” | |
| inurl:"admin.php" | |
| intitle:"control panel" | |
| site:"domain.com" ext:sql | |
| Bayanin sirri | intext: "bayanan sirri" |
| intitle: "Password file" | |
| filetype: docx "sirri" | |
| inurl:"file.pdf" intext:"lambar tsaro" | |
| inurl:"ajiyayyen" ext:sql | |
| intitle: "directory index" | |
| binciken gidan yanar gizo | site:domain.com "login" |
| site:domain.com "index of" | |
| site:domain.com intitle: "fayil ɗin kalmar sirri" | |
| site:domain.com ext: php intext: "Kuskuren SQL" | |
| site:domain.com inurl:"admin" | |
| site:domain.com filetype:pdf | |
| wasu | allinurl: "keyword" |
| allintext: "keyword" | |
| alaka:domain.com | |
| bayani:domain.com | |
| ayyana:”term” | |
| littafin waya: "sunan lamba" |