I-Google Dorks: Ihlola izinhlobo zazo nokuthi zisetshenziswa kanjani [Cheatsheet]
Emhlabeni omkhulu wokusesha ku-inthanethi, kunezindlela ezithuthuke kakhulu zokusesha ulwazi oluthile oludlula ukufaka amagama angukhiye enjini yokusesha. Enye yalezi zindlela zokusesha eziyinkimbinkimbi isidume kakhulu emkhakheni wezokuphepha kwekhompyutha kanye nophenyo lolwazi, i-Google Dorks.
Sikhuluma ngochungechunge lwemiyalo namasu avumela abasebenzisi ukuthi bathole ulwazi olufihliwe nolubucayi ngokunembe nangempumelelo.
Kulesi sihloko, sizohlola izindlela ezahlukene abasebenzisi bangakhulisa amakhono abo okusesha ku-inthanethi; thola idatha ebalulekile ngaphandle kokuthembela ekusesheni okuvamile. Funda kuze kube sekupheleni futhi ube uchwepheshe wokuthola ulwazi ku-inthanethi.
Kubalulekile ukuqaphela ukuthi ama-dorks kufanele asetshenziswe ngokuziphatha nasemthethweni. Ukusebenzisa ama-dorks ukufinyelela, ukuxhaphaza, noma ukuyekethisa ngaphandle kokugunyazwa kuwumsebenzi ongekho emthethweni futhi kuwukwephula ubumfihlo nokuvikeleka. Ama-Dorks ayithuluzi elinamandla, kodwa ukusetshenziswa kwawo kufanele kuhambisane nezimiso zokuziphatha nezomthetho ezimisiwe..
Sizoqala ngokukucacisela ukuthi iyini iDork kuComputer Science
Akuyona into engaphezu kochungechunge lokusesha olukhethekile olusetshenziselwa ukuthola ulwazi oluthile ngezinjini zokusesha, njenge-Google. Lezi zintambo zokusesha, ezaziwa nangokuthi "i-Google dorks" noma "dorks", zivumela abasebenzisi ukuthi benze usesho oluthuthuke kakhulu nolunembe kakhudlwana. thola ulwazi olufihliwe noma olubucayi obungeke lufinyeleleke kalula ngokusesha okuvamile.
Ama-Dorks akhiwe ngamagama angukhiye athile kanye nama-opharetha afakwe enjini yokusesha ukuze ahlunge imiphumela yolwazi oluthile. Isibonelo, i-dork ingase yakhelwe ukucinga izinkomba eziveziwe, amagama ayimfihlo aputshuziwe, amafayela abucayi, noma amawebhusayithi asengozini yokuhlaselwa. Ama-Dorks asetshenziswa kakhulu ngochwepheshe bezokuphepha, abacwaningi, nezigebengu ze-ethics ukuze bathole futhi bahlole ubungozi obungaba khona kumasistimu nezinhlelo zokusebenza.
Yiziphi izinhlobo ze-Google Dorks futhi zisetshenziswa kanjani?
I-Google Dorks iyithuluzi elinamandla. Le miyalo yosesho ethuthukisiwe ivumela abasebenzisi ukuthi benze ukusesha okuqondile futhi bathole ulwazi obengeke lufinyeleleke ngendlela evamile. Nakhu okubaluleke kakhulu:
I-Basic Google Dorks
I-Los I-Basic Google Dorks yimiyalo yokusesha elula futhi evame ukusetshenziswa kakhulu. Lezi dorks zigxile ekusesheni amagama angukhiye athile emakhasini ewebhu futhi zingaba usizo ekutholeni ulwazi oluthile. Ezinye izibonelo ze-Google Dorks eziyisisekelo yilezi:
- isihloko: Ikuvumela ukuthi useshe amagama angukhiye esihlokweni sekhasi lewebhu. Isibonelo, i-"intitle:hackers" izoveza wonke amakhasi aqukethe igama elithi "hackers" esihlokweni sawo.
- inurl: Le doki ibheka amagama angukhiye kuma-URL wamakhasi ewebhu. Isibonelo, "inurl:admin" izobonisa wonke amakhasi aqukethe igama elithi "admin" kuma-URL awo.
- Uhlobo lwefayela: Sesha amafayela athile ngokusekelwe ohlotsheni lwawo. Isibonelo, "i-filetype:pdf" izobonisa wonke amafayela e-PDF ahlobene negama elingukhiye elishiwo.
dorks eziphambili
I-Google Dorks Ethuthukisiwe idlula ukusesha okuyisisekelo futhi ivumela ukuhlola okujulile kwewebhu. Lawa ma-dork aklanyelwe ukuthola ulwazi olubucayi noma oluqondile.. Ezinye izibonelo ze-Google Dorks ethuthukisiwe yilezi:
- Site: Le doki ikuvumela ukuthi useshe ulwazi oluthile kuwebhusayithi ethile. Isibonelo, "i-site:example.com iphasiwedi" izobuyisela wonke amakhasi ku-example.com aqukethe igama elithi "iphasiwedi".
- ikhava: Le doki ibonisa inguqulo egcinwe kunqolobane yekhasi lewebhu. Kuwusizo uma ufuna ukufinyelela ikhasi elisusiwe noma elingatholakali okwamanje.
- isixhumanisi: Le dork ibonisa amakhasi axhuma ku-URL ethile. Kungaba usizo ekutholeni amawebhusayithi ahlobene noma ukuthola ama-backlink.
I-Dorks yokuphepha kwekhompyutha
I-Google Dorks iphinde isetshenziswe kabanzi emkhakheni wezokuphepha kwekhompyutha ukucinga ubungozi, ukuchayeka, nedatha ebucayi. Ezinye izibonelo ze-Google Dorks ezisetshenziswa ekuvikelekeni kwekhompyutha yilezi:
- Iphasiwedi: Le doki ibheka amakhasi ewebhu anamafayela ephasiwedi aveziwe noma izinkomba ezisengozini.
- I-Shodan: Isetshenziselwa ukusesha amadivayisi axhumeke ku-inthanethi ngenjini yokusesha yakwaShodan. Isibonelo, "i-shodan:ikhamera yewebhu" izobonisa amakhamera ewebhu afinyeleleka esidlangalaleni.
- "Inkomba ye": Isesha izinkomba zenkomba yefayela kumaseva ewebhu, angadalula amafayela azwelayo noma ayimfihlo.
Dorks ocwaningweni lolwazi
I-Google Dorks futhi ingamathuluzi abalulekile ocwaningo lolwazi nokuqoqwa kwedatha. Ezinye izibonelo ze-Google Dorks ezisetshenziswa ocwaningweni lolwazi yilezi:
- "umbhalo:": Le doki ikuvumela ukuthi useshe igama elithile noma ibinzana ngaphakathi kokuqukethwe kwekhasi lewebhu. Isibonelo, "umbhalo:OpenAI" uzobonisa wonke amakhasi aqukethe igama elithi "OpenAI" kokuqukethwe kwawo.
- "Inanchor:" Bheka amagama angukhiye athile kuzixhumanisi zekhasi lewebhu. Kungaba usizo ekutholeni amawebhusayithi ahlobene nesihloko esithile noma igama elingukhiye.
- okuhlobene:: Bonisa amawebhusayithi ahlobene ne-URL ethile noma isizinda. Kungasiza ukuthola amawebhusayithi afanayo noma ahlobene nesihloko esithile.
Dorks ukucinga ubungozi
I-Google Dorks isetshenziselwa ukucinga ubungozi kumawebhusayithi nezinhlelo zokusebenza. Lawa ma-dork aklanyelwe ukuthola amawebhusayithi okungenzeka ahlaselwe noma ukuvuza kolwazi. Ezinye izibonelo ze-Google Dorks ezisetshenziswa ekusesheni ubungozi yilezi:
- Umjovo we-SQL: Le dork ibheka amawebhusayithi okungenzeka abe sengozini yokuhlaselwa umjovo we-SQL.
- "XSS": Lokhu kuskena amawebhusayithi okungenzeka abe sengozini yokuhlaselwa kwe-cross-site scripting (XSS).
- Ukulayisha Kwefayela: Ibheka amawebhusayithi avumela ukulayishwa kwamafayela, okungaba sengozini enkulu uma ingasetshenziswanga ngendlela efanele.
YEKA Ithakazelisa! THOLA uyithumela kanjani imiyalezo engaziwa usebenzisa Izinhlelo zokusebenza zeselula
Eminye Imibuzo Evame Ukubuzwa kanye nezimpendulo zayo mayelana ne-Google Dorks
Njengoba sifuna ukuthi ungabi nokungabaza mayelana nalawa mathuluzi, lapha sikushiyela izimpendulo ezingcono kakhulu zokungabaza kwakho:
Ingabe kusemthethweni ukusebenzisa i-Google Dorks?
Ukusetshenziswa kwe-Google Dorks ngokwayo kusemthethweni. Nokho, kubalulekile ukuzisebenzisa ngokuziphatha nangokuzibophezela. Ukusebenzisa ama-dorks ukwenza imisebenzi engekho emthethweni, njengokufinyelela kumasistimu ngaphandle kokugunyazwa, ukwephula ubumfihlo noma ukwenza ukukhwabanisa, akukho emthethweni futhi akuvunyelwe.
Yiziphi izingozi zokusebenzisa i-Google Dorks?
Ukusebenzisa i-Google Dorks ngendlela engafanele noma engafanele kungaba nemiphumela engemihle, njengokwephula ubumfihlo babanye, ukufinyelela ulwazi olubucayi ngaphandle kwemvume, noma ukuhlanganyela emisebenzini engekho emthethweni. Kubalulekile ukuqonda imikhawulo yesimilo nezomthetho uma usebenzisa lawa mathuluzi.
Yiziphi izindlela zokuziphatha ze-Google Dorks?
Ukusetshenziswa okunokuziphatha kwe-Google Dorks kufaka phakathi ukukhomba nokulungisa ubungozi kumasistimu nezinhlelo zokusebenza, ukuhlola ukuphepha kwewebhusayithi, kanye nokuthola ulwazi oludaluliwe ukwazisa abanikazi nokusiza ukuvikela ubumfihlo nokuphepha.
Ngingafunda kanjani ukusebenzisa i-Google Dorks ngempumelelo?
Ungafunda ukusebenzisa i-Google Dorks ngempumelelo ngocwaningo, ukufunda imibhalo, ukubamba iqhaza emiphakathini yokuphepha kwamakhompiyutha nezinkundla, nokuzilolonga. Kunezinsiza eziku-inthanethi, okokufundisa, nezifundo ezingakusiza uthuthukise amakhono akho okusebenzisa i-Google Dorks.
| Uhlobo lwe-Google Dork | Isibonelo se-Google Dork |
|---|---|
| usesho oluyisisekelo | isihloko: "igama elingukhiye" |
| inurl:"igama elingukhiye" | |
| i-filetype: "uhlobo lwefayela" | |
| indawo: "domain.com" | |
| inqolobane: "URL" | |
| isixhumanisi: "URL" | |
| Ukuphepha kwekhompyutha | umbhalo:"Iphutha le-SQL" |
| umbhalo: "iphasiwedi iputshukile" | |
| umbhalo: "izilungiselelo zokuphepha" | |
| inurl: "admin.php" | |
| isihloko: "iphaneli yokulawula" | |
| indawo: "domain.com" ext:sql | |
| Ulwazi oluyimfihlo | umbhalo:"ulwazi oluyimfihlo" |
| isihloko: "ifayela lephasiwedi" | |
| filetype:docx "okuyimfihlo" | |
| inurl:"file.pdf" umbhalo:"inombolo yokuphepha yomphakathi" | |
| inurl:"isipele" ext:sql | |
| isihloko: "inkomba yohla lwemibhalo" | |
| ukuhlola iwebhusayithi | indawo:domain.com "login" |
| indawo:domain.com "inkomba ye" | |
| site:domain.com intitle:"ifayela lephasiwedi" | |
| site:domain.com ext:php intext:"Iphutha le-SQL" | |
| indawo:domain.com inurl:"admin" | |
| site:domain.com filetype:pdf | |
| abanye | allinurl:"igama elingukhiye" |
| allintext:"igama elingukhiye" | |
| okuhlobene:domain.com | |
| ulwazi:domain.com | |
| chaza: "igama" | |
| incwadi yocingo: "igama lokuxhumana" |
Ingabe zikhona ezinye izindlela zaleli thuluzi zokusesha okuthuthukisiwe?
Yebo, akhona amanye amathuluzi nezindlela zokwenza usesho oluthuthukisiwe, njenge-Bing dorks, i-Yandex dorks noma i-Shodan (yokusesha amadivayisi axhunywe ku-inthanethi). Ngayinye inezici zayo ezithile nezindlela zayo.
Ngingayivikela kanjani iwebhusayithi yami noma uhlelo lokusebenza ukuthi lungatholwa yi-Google Dorks?
Ukuze uvikele iwebhusayithi yakho noma uhlelo lwakho lokusebenza ukuthi lungatholwa yi-Google Dorks, kubalulekile ukusebenzisa izinqubo zokuphepha ezinhle, njengokuqinisekisa ukuthi izinkomba namafayela abucayi avikelekile, ukugcina isofthiwe isesikhathini, ukusebenzisa izilungiselelo zokuphepha ezinhle, kanye nokwenza izivivinyo zokungena bona ubuthakathaka obungenzeka.
Yiziphi izinyathelo zokuphepha okufanele ngizithathe uma ngithola ukuthi iwebhusayithi yami isengozini nge-Google Dorks?
Uma uthola ukuthi iwebhusayithi yakho isengozini nge-Google Dorks, kubalulekile ukuthatha isinyathelo esisheshayo ukulungisa ubungozi. Lokhu kungase kuhlanganise ukuchibiyela isistimu, ukulungisa amaphutha okumisa, ukukhawulela ukufinyelela okungagunyaziwe, nokuthuthukisa ukuvikeleka kukonke kwesayithi.
Ingabe zingasetshenziswa kwezinye izinjini zokusesha ngaphandle kwe-Google?
Nakuba i-Google Dorks kuyimiyalo eklanyelwe ukusetshenziswa enjinini yokusesha ye-Google, amanye ama-opharetha namasu angasetshenziswa nakwezinye izinjini zokusesha. Nokho, kubalulekile ukuqaphela umehluko ku-syntax nemiphumela phakathi kwezinjini zokusesha.
Ngingayisebenzisa kanjani i-Google Dorks ukucinga ubungozi kumawebhusayithi?
Ungasebenzisa i-Google Dorks ukucinga ubungozi kumawebhusayithi ngokuhlonza amaphethini athile kuma-URL, ukusesha izinkomba eziveziwe, ukusesha amafayela abucayi, noma ubheke imilayezo yephutha engaveza ulwazi olubucayi. Kubalulekile ukwenza kanjalo ngokuziphatha nokuhlonipha ubumfihlo babanye.
Ingabe ikhona imiphakathi eku-inthanethi noma izinkundla lapho i-Google Dorks kuxoxwa khona futhi kwabelwane ngayo?
Yebo, kukhona imiphakathi eku-inthanethi nezinkundla lapho ochwepheshe bezokuphepha kolwazi nabashisekeli babelana ngolwazi, amasu, futhi baxoxe ngokusetshenziswa kwe-Google Dorks. Lezi zikhala zingaba usizo ekufundeni, ukwabelana ngolwazi kanye nokuhambisana nezitayela zakamuva zokusetshenziswa kwama-dorks.
Ezinye izinkundla kanye nemiphakathi eku-inthanethi lapho ulwazi mayelana nokusetshenziswa kwe-Google Dorks nokuphepha kwekhompyutha kuxoxwa futhi kwabelwane ngakho yilezi:
- I-Exploit Database Community: Umphakathi waku-inthanethi ozinikele ekuvikelekeni kwekhompyutha kanye nokwabelana ngolwazi olumayelana nokuba sengozini nokuxhashazwa. (https://www.exploit-db.com/)
- I-Reddit – r/NetSec: I-subreddit enikezelwe ekuvikelekeni kwekhompyutha, lapho ochwepheshe nabashisekayo babelana ngezindaba eziphathelene nokuphepha, izingxoxo, namasu. (https://www.reddit.com/r/netsec/)
- Umphakathi we-HackerOne: Umphakathi wabaduni bezimiso zokuziphatha kanye nezingcweti zezokuphepha ku-inthanethi, lapho ubungozi, izindlela zokuphepha kuxoxwa ngazo, futhi kwabelwana ngakho. (https://www.hackerone.com/community)
- I-Ethical Hacker Network: Umphakathi waku-inthanethi wezingcweti zokuphepha kolwazi nezigebengu zezimiso zokuziphatha, lapho izinsiza zabelwana ngazo, amasu okuxoxa ngawo, futhi kwenziwa ukusebenzisana. (https://www.ethicalhacker.net/)
- I-SecurityTrails Community Forum: Inkundla yezokuphepha eku-inthanethi lapho ochwepheshe bezokuphepha nabashisekeli bexoxa ngezihloko ezihlobene nokuvikeleka kwekhompyutha, okuhlanganisa nokusetshenziswa kwe-Google Dorks. (https://community.securitytrails.com/)
| Uhlobo lwe-Google Dork | Isibonelo se-Google Dork |
|---|---|
| usesho oluyisisekelo | isihloko: "igama elingukhiye" |
| inurl:"igama elingukhiye" | |
| i-filetype: "uhlobo lwefayela" | |
| indawo: "domain.com" | |
| inqolobane: "URL" | |
| isixhumanisi: "URL" | |
| Ukuphepha kwekhompyutha | umbhalo:"Iphutha le-SQL" |
| umbhalo: "iphasiwedi iputshukile" | |
| umbhalo: "izilungiselelo zokuphepha" | |
| inurl: "admin.php" | |
| isihloko: "iphaneli yokulawula" | |
| indawo: "domain.com" ext:sql | |
| Ulwazi oluyimfihlo | umbhalo:"ulwazi oluyimfihlo" |
| isihloko: "ifayela lephasiwedi" | |
| filetype:docx "okuyimfihlo" | |
| inurl:"file.pdf" umbhalo:"inombolo yokuphepha yomphakathi" | |
| inurl:"isipele" ext:sql | |
| isihloko: "inkomba yohla lwemibhalo" | |
| ukuhlola iwebhusayithi | indawo:domain.com "login" |
| indawo:domain.com "inkomba ye" | |
| site:domain.com intitle:"ifayela lephasiwedi" | |
| site:domain.com ext:php intext:"Iphutha le-SQL" | |
| indawo:domain.com inurl:"admin" | |
| site:domain.com filetype:pdf | |
| abanye | allinurl:"igama elingukhiye" |
| allintext:"igama elingukhiye" | |
| okuhlobene:domain.com | |
| ulwazi:domain.com | |
| chaza: "igama" | |
| incwadi yocingo: "igama lokuxhumana" |