Google Dorks: Kuongorora mhando dzadzo uye mashandisiro adzo [Cheatsheet]

CiteiaYakapedzisira Kuvandudzwa May 20, 2023

0 8.981 Maminitsi mashanu verenga

Munyika yakakura yekutsvaga online, kune dzimwe nzira dzepamusoro dzekutsvaga ruzivo rwakananga rwunopfuura kungoisa mazwi akakosha muinjini yekutsvaga. Imwe yeaya akanyanya kuomesesa ekutsvaga matekiniki ave akakurumbira mumunda wekuchengetedza kombiyuta uye ruzivo rwekuongorora, iyo Google Dorks.

Tiri kutaura nezve nhevedzano yemirairo uye matekiniki anobvumira vashandisi kuwana yakavanzika uye ruzivo rwakadzama zvakanyanya uye zvinobudirira.

Muchikamu chino, tichaongorora nzira dzakasiyana dzekuti vashandisi vanogona kuwedzera hunyanzvi hwavo hwekutsvaga online; tsvaga data rakakosha pasina kuvimba chete nekutsvaga kwakajairika. Verenga kusvika kumagumo uye uve nyanzvi yekuwana ruzivo paInternet.

Zvakakosha kuziva kuti madorks anofanirwa kushandiswa zvine hutsika uye zviri pamutemo. Kushandisa dorks kuwana, kushandisa, kana kukanganisa masisitimu pasina mvumo ibasa risiri pamutemo uye kutyorwa kwekuvanzika nekuchengetedzeka. Dorks chishandiso chine simba, asi kushandiswa kwavo kunofanirwa kuenderana neyakagadzikwa yetsika uye yemutemo nheyo..

Zviri mukati chivande

1 Tichatanga nekujekesa kwauri kuti Dork chii muComputer Science

2 Ndeapi marudzi eGoogle Dorks uye anoshandiswa sei?

2.1 Basic Google Dorks

2.2 advanced dorks

2.3 Dorks kuitira kuchengetedza kombiyuta

2.4 Dorks yekutsvaga ruzivo

2.5 Dorks kutsvaga kusasimba

3 Mimwe Mibvunzo Inowanzo bvunzwa uye mhinduro dzavo nezveGoogle Dorks

3.1 Zviri pamutemo here kushandisa Google Dorks?

3.2 Ndedzipi njodzi dzekushandisa Google Dorks?

3.3 Ndeapi maitiro ehutsika anoshandiswa eGoogle Dorks?

3.4 Ndingadzidza sei kushandisa Google Dorks zvinobudirira?

3.5 Pane here dzimwe nzira dzekushandisa pakutsvaga kwepamusoro?

3.6 Ndingadzivirira sei webhusaiti yangu kana app kuti isawanikwe neGoogle Dorks?

3.7 Ndeapi matanho ekuchengetedza andinofanira kutora kana ndikawana kuti webhusaiti yangu iri panjodzi kuburikidza neGoogle Dorks?

3.8 Anogona kushandiswa mune dzimwe injini dzekutsvaga kunze kweGoogle?

3.9 Ndingashandisa sei Google Dorks kutsvaga kusagadzikana mumawebhusaiti?

3.10 Kune nharaunda dzepamhepo kana maforamu panokurukurwa uye nekugovaniswa Google Dorks?

Tichatanga nekujekesa kwauri kuti Dork chii muComputer Science

Haisi chimwe chinhu kunze kwetambo yekutsvagisa yakasarudzika inoshandiswa kuwana ruzivo rwakananga kuburikidza neinjini dzekutsvaga, seGoogle. Aya tambo dzekutsvaga, dzinozivikanwawo se "Google dorks" kana kungoti "dorks", inobvumira vashandisi kuita zvakanyanya uye nemazvo kutsvaga tsvaga ruzivo rwakavanzwa kana rwakadzama rwaisazowanikwa nyore kuburikidza netsvakiridzo yakajairika.

Dzidza nezveGoogle Dorks uye mashandisirwo avanoitwa

Dorks inoumbwa neakananga mazwi uye vashandisi vanopinzwa muinjini yekutsvaga kusefa mhedzisiro yeruzivo rwakananga. Semuenzaniso, dork inogona kugadzirwa kutsvaga madhairekitori akafumurwa, mapassword akaburitswa, mafaera anonzwisa tsitsi, kana mawebhusaiti ari panjodzi yekurwiswa. Dorks anoshandiswa zvakanyanya nevanochengetedza nyanzvi, vaongorori, uye ehutsika hackers kuti vawane uye vaongorore kusagona kuitika mumasisitimu nemashandisirwo.

Ndeapi marudzi eGoogle Dorks uye anoshandiswa sei?

Google Dorks chishandiso chine simba. Iyi mirairo yekutsvaga yepamusoro inobvumira vashandisi kuita zvakanyanya kutsvaga uye kuwana ruzivo rwaisazowanzo kuwanikwa nenzira yakajairika. Heino iyo inonyanya kukosha:

Basic Google Dorks

ari Basic Google Dorks ndiyo yakapfava uye inonyanya kushandiswa yekutsvaga mirairo. Aya madork anotarisa pakutsvaga mazwi akakosha pamapeji ewebhu uye anogona kubatsira pakutsvaga ruzivo rwakananga. Mimwe mienzaniso yeGoogle Dorks yakakosha ndeiyi:

title: Inobvumidza iwe kutsvaga mazwi akakosha mumusoro wewebhu peji. Semuenzaniso, "intitle:hackers" icharatidza mapeji ese ane izwi rekuti "hackers" mumusoro wavo.
inurl: Dork iyi inotsvaga mazwi akakosha muma URL emapeji ewebhu. Semuyenzaniso, "inurl:admin" icharatidza mapeji ese ane izwi rekuti "admin" muURL yavo.
Filetype: Tsvaga mafaera chaiwo zvichienderana nerudzi rwavo. Semuenzaniso, "filetype:pdf" icharatidza mafaera ese ePDF ane hukama neshoko rakataurwa.

advanced dorks

Yepamberi Google Dorks inodarika kutsvaga kwekutanga uye inobvumira kuongorora kwakadzama kwewebhu. Aya madork akagadzirirwa kuwana ruzivo rwakanyanya kana ruzivo.. Mimwe mienzaniso yeGoogle Dorks yepamusoro ndeiyi:

Site: Dork iyi inobvumidza iwe kutsvaga ruzivo rwakananga pane imwe webhusaiti. Semuenzaniso, "saiti:example.com password" inodzosa ese mapeji paexample.com ane izwi rekuti "password".
pabutiro: Dork iyi inoratidza iyo cached vhezheni yewebhu peji. Inobatsira kana iwe uchida kuwana peji yakabviswa kana isiripo parizvino.
batanidzo: Dork iyi inoratidza mapeji anobatanidza kune chaiyo URL. Inogona kubatsira pakutsvaga mawebhusaiti ane hukama kana kutsvaga backlinks.

Dorks kuitira kuchengetedza kombiyuta

Google Dorks zvakare inoshandiswa zvakanyanya mumunda wekuchengetedza komputa kutsvaga kusasimba, kuratidzwa, uye data inonzwisisika. Mimwe mienzaniso yeGoogle Dorks inoshandiswa mukuchengetedza komputa ndeiyi:

Pasiwedhi: Dork iyi inotsvaga mapeji ewebhu ane akafumurwa password mafaera kana madhairekitori ari munjodzi.
Shodani: Inoshandiswa kutsvaga michina yakabatana neInternet kuburikidza neShodan yekutsvaga injini. Semuenzaniso, "shodan:webcam" icharatidza veruzhinji makamera ewebhu.
"Index ye": Inotsvaga faira index madhairekitori pamasevha ewebhu, ayo anogona kufumura mafaera akavanzika kana akavanzika.

Dorks yekutsvaga ruzivo

Google Dorks zvakare maturusi akakosha ekutsvagisa ruzivo uye kuunganidza data. Mimwe mienzaniso yeGoogle Dorks inoshandiswa mukutsvagisa ruzivo ndeiyi:

"mashoko:": Dork iyi inokutendera kuti utsvage izwi rakati kana chirevo mukati mezvinyorwa zvewebhu peji. Semuenzaniso, "intext:OpenAI" icharatidza mapeji ese ane izwi rekuti "OpenAI" mune zvawo.

"inanchor:" Tarisa mazwi akakosha muwebhu peji zvinongedzo. Inogona kubatsira pakutsvaga mawebhusaiti ane hukama neiyo chaiyo musoro kana kiyi izwi.
zvinoenderana:: Ratidza mawebhusaiti ane hukama neiyo URL kana domain. Inogona kubatsira kuwana mawebhusaiti akafanana kana ane hukama neimwe nyaya.

Dorks kutsvaga kusasimba

Google Dorks inoshandiswawo kutsvaga kusazvibata mumawebhusaiti nemaapps. Aya madork akagadzirirwa kutsvaga mawebhusaiti anogona kukurumidza kurwiswa kana kubuda kweruzivo. Mimwe mienzaniso yeGoogle Dorks inoshandiswa mukutsvaga kusashanda ndeiyi:

SQL Jekiseni: Dork iyi inotsvaga mawebhusaiti anogona kuve panjodzi yekurwiswa neSQL jekiseni.
"XSS": Izvi zvinoongorora mawebhusaiti anogona kuve panjodzi yekuyambuka-saiti scripting (XSS) kurwiswa.
File Upload: Inotsvaga mawebhusaiti anobvumidza kukwidzwa kwemafaira, izvo zvinogona kuve njodzi kana isina kuisirwa nemazvo.

kutumira mameseji asingazivikanwe uchishandisa mobile application chinyorwa chivharo

ZVINOFADZA! DZIDZA kutumira mameseji asingazivikanwe uchishandisa mobile Apps

Mimwe Mibvunzo Inowanzo bvunzwa uye mhinduro dzavo nezveGoogle Dorks

Sezvo isu tichida kuti usave nekusahadzika nezve zvishandiso izvi, pano tinokusiira mhinduro dzakanakisa dzekusahadzika kwako:

Zviri pamutemo here kushandisa Google Dorks?

Kushandiswa kweGoogle Dorks pachayo kuri pamutemo. Zvisinei, zvakakosha kuti uzvishandise zvine hutsika uye nehanya. Kushandisa dorks kuita zvinhu zvisiri pamutemo, sekupinda zvisina mvumo kune masisitimu, kutyora zvakavanzika kana kuita hutsotsi, hazvisi pamutemo uye hazvibvumidzwe.

Ndedzipi njodzi dzekushandisa Google Dorks?

Kushandisa zvisina kunaka kana kusatarisira kweGoogle Dorks kunogona kuve nemhedzisiro yakaipa, sekutyora zvakavanzika zvevamwe, kuwana ruzivo rwakadzama pasina mvumo, kana kuita zvinhu zvisiri pamutemo. Izvo zvakakosha kuti unzwisise iyo yetsika uye yemutemo miganho kana uchishandisa aya maturusi.

Ndeapi maitiro ehutsika anoshandiswa eGoogle Dorks?

Hunhu hunoshandiswa neGoogle Dorks hunosanganisira kuona nekugadzirisa kusakanganiswa mumasisitimu nemaapplication, kuongorora kuchengetedzwa kwewebhusaiti, uye kutsvaga ruzivo rwakafumurwa kuzivisa varidzi uye kubatsira kuchengetedza kuvanzika uye chengetedzo.

Ndingadzidza sei kushandisa Google Dorks zvinobudirira?

Iwe unogona kudzidza kushandisa Google Dorks zvinobudirira kuburikidza nekutsvagisa, kuverenga zvinyorwa, kutora chikamu munharaunda yekuchengetedza makomputa uye maforamu, uye kudzidzira. Kune zviwanikwa zvepamhepo, zvidzidzo, uye makosi anogona kukubatsira kuvandudza hunyanzvi hwako mukushandisa Google Dorks.

Google Dork Type	Muenzaniso weGoogle Dork
basic search	musoro: "keyword"
	inurl:"keyword"
	filetype: "rudzi rwefaira"
	saiti: "domain.com"
	cache: "URL"
	link: "URL"
Komputa kuchengetedzwa	chinyorwa:"SQL kukanganisa"
	chirevo: "password yakaburitswa"
	intext: "security settings"
	inurl: "admin.php"
	musoro: "control panel"
	saiti: "domain.com" ext:sql
Zvakavanzika	chinyorwa:"ruzivo rwezvakavanzika"
	intitle: "password file"
	filetype: docx "chakavanzika"
	inurl: "file.pdf" intext:"nhamba yekuchengetedzwa kwevanhu"
	inurl: "backup" ext:sql
	musoro: "directory index"
kuongorora webhusaiti	saiti:domain.com "login"
	saiti:domain.com "index ye"
	saiti:domain.com intitle: "password faira"
	saiti:domain.com ext:php intext: "SQL kukanganisa"
	saiti:domain.com inurl: "admin"
	site:domain.com filetype:pdf
vamwe	allinurl: "keyword"
	allintext: "keyword"
	zvinoenderana:domain.com
	info:domain.com
	tsanangura: "izwi"
	bhuku rerunhare: "zita rekutaura"

citeia.com

Pane here dzimwe nzira dzekushandisa pakutsvaga kwepamusoro?

Hongu, kune mamwe maturusi uye matekiniki ekuita tsvakurudzo dzepamusoro, dzakadai seBing dorks, Yandex dorks kana Shodan (yekutsvaga michina yakabatana neInternet). Imwe neimwe ine maitiro ayo chaiwo uye maitiro.

Ndingadzivirira sei webhusaiti yangu kana app kuti isawanikwe neGoogle Dorks?

Kuti udzivirire webhusaiti yako kana app kuti isawanikwe neGoogle Dorks, zvakakosha kuti uite maitiro akanaka ekuchengetedza, sekuita shuwa kuti madhairekitori ane hunyanzvi uye mafaera akachengetedzwa, kuchengetedza software ichiri kutsvagwa, kushandisa zvigadziriso zvakanaka, uye kuita bvunzo dzekupinda mukati. cherechedza zvinogoneka.

Ndeapi matanho ekuchengetedza andinofanira kutora kana ndikawana kuti webhusaiti yangu iri panjodzi kuburikidza neGoogle Dorks?

Kana iwe ukaona kuti webhusaiti yako iri panjodzi kuburikidza neGoogle Dorks, zvakakosha kuti utore matanho nekukurumidza kugadzirisa kusasimba. Izvi zvinogona kusanganisira kupeta sisitimu, kugadzirisa zvikanganiso zvekugadzirisa, kurambidza kupinda kusingatenderwe, uye kuvandudza kuchengetedzwa kwese kwesaiti.

Anogona kushandiswa mune dzimwe injini dzekutsvaga kunze kweGoogle?

Nepo Google Dorks iri mirairo yakagadzirirwa kushandiswa paGoogle yekutsvaga injini, mamwe evashandisi uye matekiniki anogona kuiswa kune mamwe ekutsvaga injini zvakare. Nekudaro, zvakakosha kuti ticherechedze kusiyana kwe syntax nemhedzisiro pakati peinjini dzekutsvaga.

Ndingashandisa sei Google Dorks kutsvaga kusagadzikana mumawebhusaiti?

Unogona kushandisa Google Dorks kutsvaga kusazvibata mumawebhusaiti nekuona chaiwo mapatani mumaURL, kutsvaga madhairekitori akafumurwa, kutsvaga mafaera anonzwisa tsitsi, kana kutsvaga mameseji ekukanganisa anogona kuratidza ruzivo rwakadzama. Zvakakosha kuita izvi nenzira yetsika uye kuremekedza kuvanzika kwevamwe.

Kune nharaunda dzepamhepo kana maforamu panokurukurwa uye nekugovaniswa Google Dorks?

Ehe, kune nharaunda dzepamhepo uye maforamu uko nyanzvi dzekuchengetedza ruzivo uye vanofarira vanogovana ruzivo, matekiniki, uye kukurukura nezvekushandiswa kweGoogle Dorks. Idzi nzvimbo dzinogona kubatsira pakudzidza, kugovana ruzivo uye kufambirana neazvino maitiro ekushandisa madhoki.

Mamwe maforamu uye nharaunda dzepamhepo uko ruzivo nezve mashandisirwo eGoogle Dorks nekuchengetedzwa kwekombuta zvinokurukurwa nekugovaniswa ndeizvi:

Shandisa Database Nharaunda: Nharaunda yepamhepo yakatsaurirwa kuchengetedzeka kwekombuta uye kugovana ruzivo nezvekusagadzikana uye zviitiko. (https://www.exploit-db.com/)
Reddit - r/NetSec: A subreddit yakatsaurirwa kuchengetedza komputa, uko nyanzvi nevanofarira vanogovana nhau dzine chekuita nekuchengetedza, nhaurirano, uye hunyanzvi. (https://www.reddit.com/r/netsec/)
HackerOne Nharaunda: Nharaunda yevabiki vetsika uye nyanzvi dzekuchengetedza online, uko kusasimba, nzira dzekuchengetedza dzinokurukurwa, uye zvakawanikwa zvinogoverwa. (https://www.hackerone.com/community)
Iyo Ethical Hacker Network: Nharaunda yepamhepo yevashandi vekuchengetedza ruzivo uye matsotsi etsika, uko zviwanikwa zvinogovaniswa, hunyanzvi hunokurukurwa, uye kubatana kunoitwa. (https://www.ethicalhacker.net/)
SecurityTrails Nharaunda Forum: Yepamhepo chengetedzo foramu uko nyanzvi dzekuchengetedza uye vanofarira vanokurukura nezvekuchengetedza komputa zvine chekuita nenyaya, kusanganisira kushandiswa kweGoogle Dorks. (https://community.securitytrails.com/)

Google Dork Type	Muenzaniso weGoogle Dork
basic search	musoro: "keyword"
	inurl:"keyword"
	filetype: "rudzi rwefaira"
	saiti: "domain.com"
	cache: "URL"
	link: "URL"
Komputa kuchengetedzwa	chinyorwa:"SQL kukanganisa"
	chirevo: "password yakaburitswa"
	intext: "security settings"
	inurl: "admin.php"
	musoro: "control panel"
	saiti: "domain.com" ext:sql
Zvakavanzika	chinyorwa:"ruzivo rwezvakavanzika"
	intitle: "password file"
	filetype: docx "chakavanzika"
	inurl: "file.pdf" intext:"nhamba yekuchengetedzwa kwevanhu"
	inurl: "backup" ext:sql
	musoro: "directory index"
kuongorora webhusaiti	saiti:domain.com "login"
	saiti:domain.com "index ye"
	saiti:domain.com intitle: "password faira"
	saiti:domain.com ext:php intext: "SQL kukanganisa"
	saiti:domain.com inurl: "admin"
	site:domain.com filetype:pdf
vamwe	allinurl: "keyword"
	allintext: "keyword"
	zvinoenderana:domain.com
	info:domain.com
	tsanangura: "izwi"
	bhuku rerunhare: "zita rekutaura"