Google Dorks: Sahaminta noocyadooda iyo sida loo isticmaalo [Cheatsheet]
Dunida ballaaran ee raadinta internetka, waxaa jira habab aad u horumarsan oo lagu raadiyo macluumaad gaar ah oo ka baxsan in si fudud loo galo ereyada muhiimka ah ee raadinta. Mid ka mid ah farsamooyinkan raadinta ee aadka u casrisan ayaa caan ku noqday dhinaca amniga kombiyuutarka iyo baaritaanka macluumaadka, Google Dorks.
Waxaan ka hadlaynaa amarro taxane ah iyo farsamooyin u oggolaanaya isticmaaleyaasha inay si sax ah oo waxtar leh u helaan macluumaadka qarsoon iyo kuwa xasaasiga ah.
Maqaalkan, waxaan ku baari doonaa siyaabaha kala duwan ee loo isticmaalo isticmaalayaashu waxay balaadhin karaan xirfadahooda raadinta internetka; Soo hel xog qiimo leh adoon ku tiirsanayn raadinta caadiga ah oo keliya. Akhri ilaa dhamaadka oo noqo khabiir ku saabsan helida macluumaadka internetka.
Waxaa muhiim ah in la ogaado in dorksyada loo isticmaalo si anshax iyo sharci ah. Isticmaalka dorks si loo galo, looga faa'iidaysto, ama u tanaasulo nidaamyada ogolaansho la'aan waa hawl aan sharci ahayn iyo xad gudub sirta iyo amniga. Dorks waa qalab awood leh, laakiin isticmaalkoodu waa inuu la jaanqaadaa mabaadi'da anshaxa iyo sharciga ah..
Waxaanu ku bilaabaynaa inaanu kuu cadayno waxa uu Dork ku yahay Sayniska Kombiyuutarka
Ma aha wax ka badan xadhig raadin gaar ah oo loo isticmaalo in lagu helo macluumaad gaar ah iyada oo loo marayo matoorada raadinta, sida Google. Xadhkaha raadinta, oo sidoo kale loo yaqaan "Google dorks" ama si fudud "dorks", waxay u oggolaadaan isticmaalayaasha inay sameeyaan baaritaanno horumarsan oo sax ah Soo hel macluumaadka qarsoon ama xasaasiga ah ee aan si fudud lagu heli karin raadinta caadiga ah.
Dorks waxay ka kooban yihiin ereyo muhiim ah iyo hawl-wadeeno kuwaas oo la geliyo mashiinka raadinta si loo shaandheeyo natiijooyinka macluumaadka gaarka ah. Tusaale ahaan, dork waxaa laga yaabaa in loo qaabeeyey in lagu raadiyo hagayaasha qarsoon, ereyada sirta ah ee soo daatay, faylasha xasaasiga ah, ama mareegaha u nugul in la weeraro. Dorks waxaa si weyn u isticmaala khubarada amniga, cilmi-baarayaasha, iyo hackers-ka anshaxa si ay u helaan oo ay u qiimeeyaan dayacanka ka iman kara nidaamyada iyo codsiyada.
Waa maxay noocyada Google Dorks iyo sidee loo isticmaalaa?
Google Dorks waa qalab awood leh. Amaradan raadinta horumarsan waxay u oggolaanayaan isticmaaleyaasha inay sameeyaan baaritaanno gaar ah oo ay ogaadaan macluumaadka aan sida caadiga ah loo heli karin si caadi ah. Halkan waxa ugu muhiimsan:
Google Dorks aasaasiga ah
ka Aasaaska Google Dorks waa amarrada raadinta ugu fudud uguna badan ee la isticmaalo. Dorks-yadani waxay diiradda saaraan raadinta ereyada muhiimka ah ee bogagga shabakadda waxayna faa'iido u yeelan karaan helitaanka macluumaad gaar ah. Tusaalooyinka qaar ee Google Dorks-ka aasaasiga ah waa:
- horyaalka: Waxay kuu ogolaataa inaad ka raadiso ereyada muhiimka ah ee cinwaanka bogga shabakadda. Tusaale ahaan, "intitle:hackers" waxay soo bandhigi doonaan dhammaan boggaga uu ku jiro ereyga "hackers" ee cinwaankooda.
- inurlDork-kan wuxuu raadiyaa ereyada muhiimka ah ee URL-yada bogagga shabakadda. Tusaale ahaan, "inurl:admin" waxay soo bandhigi doontaa dhammaan boggaga ka kooban ereyga "admin" URLkooda.
- Nooca faylkaRaadi faylal gaar ah oo ku salaysan nooca ay yihiin. Tusaale ahaan, "filetype: pdf" waxay soo bandhigi doontaa dhammaan faylasha PDF ee la xidhiidha ereyga muhiimka ah ee la cayimay.
dorks horumarsan
Sarreysa Google Dorks waxay dhaaftaa raadinta aasaasiga ah waxayna oggolaadaan sahaminta qoto dheer ee shabakadda. Dorks-yadan waxaa loogu talagalay in lagu helo macluumaad badan oo xasaasi ah ama gaar ah.. Tusaalooyinka qaar ee Google Dorks horumarsan waa:
- SiteDork-kan wuxuu kuu ogolaanayaa inaad macluumaad gaar ah ka raadiso shabakad gaar ah. Tusaale ahaan, "site:example.com password" waxa ay soo celin doontaa dhammaan boggaga tusaale.com ee ka kooban ereyga "password".
- coverDork-kan waxa uu tusinayaa nooca la kaydiyay ee bogga shabakadda. Waa faa'iido leh markaad rabto inaad gasho bog laga saaray ama hadda aan la heli karin.
- LinkDork-kan waxa uu tusinayaa boggaga ku xidha URL gaar ah. Waxay faa'iido u yeelan kartaa helitaanka mareegaha xiriirka la leh ama helitaanka dib-u-xirmooyinka.
Dorks ammaanka kombiyuutarka
Google Dorks ayaa sidoo kale si weyn loogu isticmaalaa goobta amniga kumbuyuutarka si loo raadiyo dayacanka, muujinta, iyo xogta xasaasiga ah. Tusaalooyinka qaar ee Google Dorks ee loo isticmaalo amniga kumbuyuutarka waa:
- PasswordDork-kan wuxuu raadiyaa bogag shabakadeed oo ay ku jiraan faylal sir ah oo qarsoon ama hagayaal nugul.
- Shodan: Waxaa loo isticmaalaa in lagu raadiyo aaladaha ku xiran internetka iyada oo loo marayo mashiinka raadinta ee Shodan. Tusaale ahaan, "shodan:webcam" waxay tusi doontaa kamaradaha shabakada si guud loo heli karo.
- "Tusmada": Wuxuu baadhayaa tusaha tusaha faylalka ee server-yada shabakadda, kaas oo soo bandhigi kara faylasha xasaasiga ah ama gaarka ah.
Dorks cilmi baarista macluumaadka
Google Dorks sidoo kale waa qalab qiimo leh oo loogu talagalay cilmi-baarista macluumaadka iyo ururinta xogta. Tusaalooyinka qaar ee Google Dorks ee loo isticmaalo cilmi baarista macluumaadka waa:
- "text:"Dork-kan wuxuu kuu oggolaanayaa inaad ka raadiso kelmad gaar ah ama odhaah gaar ah oo ku jirta nuxurka bogga shabakadda. Tusaale ahaan, "intext:OpenAI" waxay soo bandhigi doontaa dhammaan boggaga ka kooban ereyga "OpenAI" ee ku jira nuxurkooda.
- "innchor:" Ka raadi ereyada muhiimka ah ee gaarka ah isku xirka boggaga internetka. Waxay faa'iido u yeelan kartaa helitaanka mareegaha la xidhiidha mawduuc gaar ah ama ereyga muhiimka ah.
- la xidhiidha:: Muuji shabakadaha la xidhiidha URL gaar ah ama domain. Waxay kaa caawin kartaa helitaanka mareegaha la midka ah ama la xidhiidha mawduuc gaar ah.
Dorks si loo baadho dayacanka
Google Dorks ayaa sidoo kale loo isticmaalaa in lagu raadiyo dayacanka mareegaha iyo abka. Dorks-yadan waxaa loogu talagalay in lagu helo mareegaha laga yaabo inay u nuglaadaan weerarrada ama daadinta macluumaadka. Tusaalooyinka qaar ee Google Dorks ee loo isticmaalo raadinta baylahda waa:
- Cirbadda SQLDork-kan wuxuu raadiyaa mareegaha laga yaabo inay u nuglaadaan weerarrada cirbadeynta SQL.
- "XSS"Tani waxay baadhaysaa mareegaha laga yaabo inay u nuglaadaan weerarrada qoraalka-site-ka ah (XSS).
- Soo dejinta faylka: Waxay raadisaa mareegaha oggolow gelinta faylasha, taas oo noqon karta baylahda iman karta haddii aan si sax ah loo hirgelin.
SIDEE XIISO LEH! BANDHIG sida loo diro fariimaha qarsoodiga ah iyadoo la isticmaalayo mobile Apps
Qaar ka mid ah Su'aalaha Inta badan La Isweydiiyo iyo jawaabahooda ku saabsan Google Dorks
Maadaama aan doonayno inaadan wax shaki ah ka qabin qalabkan, halkan waxaan kuugu daynaynaa jawaabaha ugu fiican ee shakigaaga:
Ma sharci baa in la isticmaalo Google Dorks?
Isticmaalka Google Dorks lafteedu waa sharci. Si kastaba ha ahaatee, waa muhiim in loo isticmaalo si anshax iyo mas'uuliyad leh. Isticmaalka dorks ee hawlaha sharci darrada ah, sida gelitaanka nidaamka aan la ogalayn, ku xad-gudbidda sirta ama samaynta khiyaamo, waa sharci-darro lamana oggola.
Waa maxay khataraha isticmaalka Google Dorks?
Isticmaalka aan saxda ahayn ama masuuliyad darada ah ee Google Dorks waxay yeelan kartaa cawaaqib xun, sida ku xadgudubka sirta dadka kale, helitaanka macluumaadka xasaasiga ah fasax la'aan, ama ku lug yeelashada hawlo sharci darro ah. Waa muhiim in la fahmo xadka anshaxa iyo sharciga marka la isticmaalayo qalabkan.
Waa maxay isticmaalka anshaxa Google Dorks?
Isticmaalka anshaxeed ee Google Dorks waxaa ka mid ah aqoonsiga iyo hagaajinta dayacanka nidaamyada iyo codsiyada, qiimeynta amniga mareegaha, iyo helida macluumaadka qarsoon si loo ogeysiiyo milkiilayaasha iyo caawinta ilaalinta sirta iyo amniga.
Sideen ku baran karaa isticmaalka Google Dorks si wax ku ool ah?
Waxaad ku baran kartaa inaad si wax ku ool ah u isticmaasho Google Dorks adigoo isticmaalaya cilmi baaris, akhrinta dukumentiyada, ka qayb qaadashada amniga kombayuutarka iyo golayaasha, iyo ku celcelinta. Waxaa jira agab online ah, casharro, iyo koorsooyin kaa caawin kara horumarinta xirfadahaaga isticmaalka Google Dorks.
| Nooca Dork Google | Tusaalaha Google Dork |
|---|---|
| raadinta aasaasiga ah | cinwaan:"keyword" |
| inurl: "keyword" | |
| filetype: "nooca faylka" | |
| goobta: "domain.com" | |
| kayd:"URL" | |
| isku xirka:"URL" | |
| Amniga aan rasmiga ahayn | intext: "Cilaad SQL" |
| intext: "password-ka ayaa soo daatay" | |
| intext: "security settings" | |
| inurl:"admin.php" | |
| intitle:"kontoroolka" | |
| goobta:"domain.com" ext:sql | |
| Xog sir ah | intext: "xog sir ah" |
| intitle: "faylka sirta ah" | |
| filetype:docx "si qarsoodi ah" | |
| inurl:"file.pdf" intext:"lambarka amniga bulshada" | |
| inurl:"backup" ext:sql | |
| Cinwaanka: "tusaha tusaha" | |
| sahaminta mareegaha | site:domain.com "login" |
| site:domain.com "index of" | |
| site:domain.com intitle:"password file" | |
| site:domain.com ext: php intext: "Cilaad SQL" | |
| site:domain.com inurl:"admin" | |
| site:domain.com filetype:pdf | |
| kuwa kale | allinurl:"keyword" |
| allintext: "keyword" | |
| xiriir:domain.com | |
| info:domain.com | |
| qeex:"term" | |
| Buuga taleefoonka:"magaca xiriirka" |
Ma jiraan waxyaabo kale oo lagu badali karo qalabkan raadinta horumarsan?
Haa, waxaa jira qalab iyo farsamooyin kale oo lagu sameeyo baaritaanno horumarsan, sida Bing dorks, Yandex dorks ama Shodan (ka raadinta aaladaha internetka ku xiran). Mid kastaa wuxuu leeyahay astaamo gaar ah iyo habraacyo.
Sideen uga ilaalin karaa mareegahayga ama app-ka in uu helo Google Dorks?
Si aad uga ilaaliso degelkaaga ama app-kaaga Google Dorks, waa muhiim in la hirgeliyo dhaqamada amniga ee wanaagsan, sida hubinta in hagayaasha xasaasiga ah iyo faylalka la ilaaliyo, in la casriyeeyo software-ka, ku dabaqida goobaha amniga wanaagsan, iyo samaynta tijaabooyinka gelitaanka aqoonsadaan baylahda suurtagalka ah.
Waa maxay tillaabooyinka amniga ee aan qaado haddii aan ogaado in mareegahaygu uu u nugul yahay Google Dorks?
Haddii aad ogaato in mareegahaagu uu u nugul yahay Google Dorks, waxaa muhiim ah in la qaado tillaabo degdeg ah oo lagu hagaajinayo dayacanka. Tan waxaa ku jiri kara dhejinta nidaamka, hagaajinta khaladaadka qaabeynta, xaddidida gelitaanka aan la oggolayn, iyo hagaajinta amniga guud ee goobta.
Ma lagu isticmaali karaa matoorada kale ee raadinta Google ka sokow?
Iyadoo Google Dorks ay yihiin amarro loogu talagalay in lagu isticmaalo mashiinka raadinta Google, qaar ka mid ah hawlwadeenada iyo farsamooyinka ayaa lagu dabaqi karaa matoorada kale ee raadinta sidoo kale. Si kastaba ha ahaatee, waxaa muhiim ah in la ogaado farqiga u dhexeeya syntax iyo natiijooyinka u dhexeeya makiinadaha raadinta.
Sideen u isticmaali karaa Google Dorks si aan uga raadiyo dayacanka mareegaha?
Waxaad isticmaali kartaa Google Dorks si aad uga raadiso dayacanka mareegaha adiga oo garanaya qaababka gaarka ah ee URL-yada, raadinta hagaha qarsoon, raadinta faylasha xasaasiga ah, ama raadinta farriimaha khaladka ah ee muujin kara macluumaadka xasaasiga ah. Waa muhiim in sidaas loo sameeyo si anshax leh oo la ixtiraamo sirta dadka kale.
Ma jiraan bulshooyin online ah ama goleyaal Google Dorks lagaga hadlo lana wadaago?
Haa, waxaa jira bulshooyin online ah iyo goleyaal ay khubarada amniga macluumaadka iyo xiiseyayaashu wadaagaan macluumaadka, farsamooyinka, oo ay kaga hadlaan isticmaalka Google Dorks. Meelahan waxay faa'iido u yeelan karaan barashada, wadaagista aqoonta iyo la socoshada isbeddellada ugu dambeeyay ee isticmaalka dorks.
Qaar ka mid ah golayaasha iyo bulshooyinka onlineka ah ee aqoonta ku saabsan isticmaalka Google Dorks iyo ilaalinta kombayutarka lagaga hadlo lana wadaago waa kuwan:
- Ka faa'iidayso Database Community: Bulsho online ah oo u heellan ilaalinta kombayutarka iyo wadaagga macluumaadka ku saabsan dayacanka iyo ka faa'iidaysiga. (https://www.exploit-db.com/)
- Reddit – r/NetSec: Subreddit u heellan ilaalinta kombayutarka, halkaas oo xirfadlayaasha iyo xiiseeyayaasha ay wadaagaan wararka, doodaha, iyo farsamooyinka la xiriira amniga. (https://www.reddit.com/r/netsec/)
- HackerOne Community: Bulsho ka kooban hackers anshaxa iyo xirfadlayaasha amniga onlayn, halkaas oo dayacanka, farsamooyinka amniga lagaga hadlo, iyo natiijooyinka la wadaago. (https://www.hackerone.com/community)
- Shabakadda Hackers-ka Anshaxa: Bulsho online ah oo loogu talagalay xirfadlayaasha amniga macluumaadka iyo tuugta anshaxa, halkaas oo agabka la wadaago, farsamooyinka laga hadlo, lagana wada shaqeeyo. (https://www.ethicalhacker.net/)
- SecurityTrails Community Forum: Madal amniga onlaynka ah halkaas oo xirfadlayaasha amniga iyo dadka xiiseeya ay kaga hadlaan mowduucyada la xiriira amniga kumbuyuutarka, oo ay ku jiraan adeegsiga Google Dorks. (https://community.securitytrails.com/)
| Nooca Dork Google | Tusaalaha Google Dork |
|---|---|
| raadinta aasaasiga ah | cinwaan:"keyword" |
| inurl: "keyword" | |
| filetype: "nooca faylka" | |
| goobta: "domain.com" | |
| kayd:"URL" | |
| isku xirka:"URL" | |
| Amniga aan rasmiga ahayn | intext: "Cilaad SQL" |
| intext: "password-ka ayaa soo daatay" | |
| intext: "security settings" | |
| inurl:"admin.php" | |
| intitle:"kontoroolka" | |
| goobta:"domain.com" ext:sql | |
| Xog sir ah | intext: "xog sir ah" |
| intitle: "faylka sirta ah" | |
| filetype:docx "si qarsoodi ah" | |
| inurl:"file.pdf" intext:"lambarka amniga bulshada" | |
| inurl:"backup" ext:sql | |
| Cinwaanka: "tusaha tusaha" | |
| sahaminta mareegaha | site:domain.com "login" |
| site:domain.com "index of" | |
| site:domain.com intitle:"password file" | |
| site:domain.com ext: php intext: "Cilaad SQL" | |
| site:domain.com inurl:"admin" | |
| site:domain.com filetype:pdf | |
| kuwa kale | allinurl:"keyword" |
| allintext: "keyword" | |
| xiriir:domain.com | |
| info:domain.com | |
| qeex:"term" | |
| Buuga taleefoonka:"magaca xiriirka" |