{"id":2785,"date":"2024-09-06T11:49:00","date_gmt":"2024-09-06T03:49:00","guid":{"rendered":"https:\/\/systw.net\/note\/?p=2785"},"modified":"2025-12-20T10:08:40","modified_gmt":"2025-12-20T02:08:40","slug":"google-hacking","status":"publish","type":"post","link":"https:\/\/systw.net\/note\/archives\/2785","title":{"rendered":"Google Hacking"},"content":{"rendered":"\n<p>Google \u99ed\u5ba2\u6280\u8853\u662f\u6307\u5229\u7528 Google \u641c\u5c0b\u5f15\u64ce\u7684\u9ad8\u7d1a\u641c\u5c0b\u529f\u80fd\u548c\u7279\u6b8a\u8a9e\u6cd5\u4f86\u5c0b\u627e\u7db2\u8def\u4e0a\u654f\u611f\u8cc7\u8a0a\u6216\u5b89\u5168\u6f0f\u6d1e\u7684\u6280\u8853\u3002\u9019\u500b\u6982\u5ff5\u6700\u521d\u7531\u5b89\u5168\u7814\u7a76\u54e1 Johnny Long \u63d0\u51fa\u3002Google Hacking \u5229\u7528\u641c\u5c0b\u5f15\u64ce\u5df2\u7d93\u7d22\u5f15\u7684\u5167\u5bb9\u53ef\u4ee5\u767c\u73fe\u4ee5\u4e0b\uff1a<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u914d\u7f6e\u932f\u8aa4\u7684\u7db2\u7ad9<\/li>\n\n\n\n<li>\u610f\u5916\u66b4\u9732\u7684\u654f\u611f\u6a94\u6848<\/li>\n\n\n\n<li>\u9810\u8a2d\u5bc6\u78bc\u7684\u7cfb\u7d71<\/li>\n\n\n\n<li>\u8cc7\u6599\u5eab\u932f\u8aa4\u8a0a\u606f<\/li>\n\n\n\n<li>\u79c1\u4eba\u8cc7\u8a0a\u6d29\u9732<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity is-style-dots\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">\u57fa\u672c\u8a9e\u6cd5<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">\u908f\u8f2f\u904b\u7b97<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><code>AND<\/code> (\u9810\u8a2d)  ex: <code>apple banana<\/code>   \u540c\u6642\u5305\u542b <em>apple<\/em> \u548c <em>banana<\/em><\/li>\n\n\n\n<li><code>OR<\/code> or <code>|<\/code>   ex: <code>apple OR banana<\/code>  \u5305\u542b <em>apple<\/em> \u6216 <em>banana<\/em><\/li>\n\n\n\n<li><code> <strong>-<\/strong> <\/code>(\u6392\u9664)  ex: <code>apple -banana<\/code>  \u6709 <em>apple<\/em> \u4f46\u6c92\u6709 <em>banana<\/em> <\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">\u9650\u5b9a\u641c\u5c0b\u7bc4\u570d<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><code>site<\/code> ex: <code>site:example.com login<\/code>  \u53ea\u5728 example.com \u641c\u5c0blogin\u76f8\u95dc\u5167\u5bb9<\/li>\n\n\n\n<li><code>intitle<\/code> ex: <code>intitle:\"login page\"<\/code>  \u9801\u9762\u6a19\u984c\u542b\u300clogin page\u300d<\/li>\n\n\n\n<li><code>inurl<\/code> ex: <code>inurl:admin<\/code>  URL \u4e2d\u5305\u542b\u300cadmin\u300d<\/li>\n\n\n\n<li><code>filetype<\/code> ex: <code><strong>ext:<\/strong> filetype:pdf<\/code> \u6216 ext:sql \u2192 \u641c\u5c0b\u7279\u5b9a\u6a94\u6848\u985e\u578b<\/li>\n\n\n\n<li><code>intext<\/code> ex: <code>intext:\"confidential\" <\/code> \u5167\u6587\u5305\u542b\u300cconfidential\u300d<\/li>\n\n\n\n<li><code>cache<\/code>   \u67e5\u770b\u7db2\u9801\u7684\u5feb\u53d6\u7248\u672c<\/li>\n<\/ul>\n\n\n\n<p><\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>\u6bd4\u5c0d\u6280\u5de7<\/strong><\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><code>\" \"<\/code>(\u7cbe\u78ba\u6bd4\u5c0d) , ex: <code>\"admin login\"<\/code>  \u7cbe\u6e96\u6bd4\u5c0dadmin login\u5b8c\u6574\u7684\u5b57\u4e32<\/li>\n\n\n\n<li><code>*<\/code> (\u842c\u7528\u5b57\u5143) , ex:<code>\"password * gmail\"<\/code>  password \u5f8c\u4efb\u610f\u5b57<\/li>\n\n\n\n<li><code>..<\/code> (\u7bc4\u570d) , ex: <code>site:example.com 2020..2023<\/code>   \u641c\u5c0b\u6578\u5b57\u5340\u9593<\/li>\n<\/ul>\n\n\n\n<p><\/p>\n\n\n\n<p>ex:<br>\u5c0b\u627e\u67d0\u500b\u57df\u540d\u7684\u6240\u6709\u53ef\u80fd\u8f38\u5165\u9ede<br>\u7528google\u641c\u5c0b<code>login site:vulnweb.com<\/code><\/p>\n\n\n\n<p>ex:<br>\u5c0b\u627edemo.testfire.net\u7684\u8f38\u5165\u9ede<br>\u7528google\u641c\u5c0b<code>site:demo.testfire.net inurl:login<\/code><\/p>\n\n\n\n<p><\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity is-style-dots\"\/>\n\n\n\n<p><\/p>\n\n\n\n<h2 class=\"wp-block-heading\">\u5c0b\u627e\u653b\u64ca\u76ee\u6a19<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">\u767b\u5165 <\/h3>\n\n\n\n<p>keyword\uff1a<code>login, logon, signin, pass, password, user, admin, member, manager, auth<\/code>\u7b49<\/p>\n\n\n\n<p>Google Dork:<code>inurl:login | intitle:login | intext:login site: example.com<\/code><\/p>\n\n\n\n<p><\/p>\n\n\n\n<h3 class=\"wp-block-heading\">\u8a3b\u518a\u5e33\u865f<\/h3>\n\n\n\n<p>keyword\uff1a<code>register,  signup,  join,  create-account,  new-account,  \"sign up\",  \"create account\" <\/code>\u7b49<\/p>\n\n\n\n<p>Google Dork:<code>inurl:register | intitle:register | intext:register site: example.com<\/code><\/p>\n\n\n\n<p><\/p>\n\n\n\n<h3 class=\"wp-block-heading\">\u4e0a\u50b3\u9801<\/h3>\n\n\n\n<p>keyword: <code>upload, choose file<\/code><\/p>\n\n\n\n<p>Google Dork\uff1a<code>inurl:upload | intitle:upload | intext:upload site: example.com<\/code><\/p>\n\n\n\n<p>Google Dork\uff1a<code>\"choose file\" site:example.com<\/code><\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity is-style-dots\"\/>\n\n\n\n<p><\/p>\n\n\n\n<h2 class=\"wp-block-heading\">\u5728URL\u5c0b\u627e\u53ef\u80fd\u5f31\u9ede<\/h2>\n\n\n\n<p>\u5c0b\u627eSQL Injection\u53ef\u80fd\u6ce8\u5165\u9ede<\/p>\n\n\n\n<p>Google Dork\uff1a<code>inurl:id= | inurl:pid= | inurl:category= | inurl:cat= | inurl:action= | inurl:sid= | inurl:dir= | inurl:&amp; site:example.com<\/code><\/p>\n\n\n\n<p><\/p>\n\n\n\n<p>\u5c0b\u627eLFI\u53ef\u80fd\u6ce8\u5165\u9ede<\/p>\n\n\n\n<p>Google Dork\uff1a<code>inurl:include | inurl:dir | inurl:detail= | inurl:file= | inurl:folder= | inurl:inc= | inurl:locate= | inurl:doc= | inurl:conf= | inurl:&amp; site:example.com<\/code><\/p>\n\n\n\n<p><\/p>\n\n\n\n<p>\u5c0b\u627eRCE\u53ef\u80fd\u6ce8\u5165\u9ede<\/p>\n\n\n\n<p>Google Dork\uff1a<code>inurl:cmd | inurl:exec= | inurl:query= | inurl:code= | inurl:do= | inurl:run= | inurl:read= | inurl:ping= | inurl:&amp; site:example.com<\/code><\/p>\n\n\n\n<p><\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity is-style-dots\"\/>\n\n\n\n<p><\/p>\n\n\n\n<h2 class=\"wp-block-heading\">\u81ea\u52d5\u5316\u5de5\u5177<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">Dork Scanner<\/h3>\n\n\n\n<p>\u7d66\u4e00\u7d44 Dork\uff0c\u6703\u81ea\u52d5\u67e5\u8a62 Google \u4e26\u5b58\u7d50\u679c\u3002<\/p>\n\n\n\n<p>Options<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><code>-h, --help<\/code>  \uff1a show this help message and exit<\/li>\n\n\n\n<li><code>-q QUERY, --query QUERY<\/code>\uff1a   Specify the Search Query within &#8221;<\/li>\n\n\n\n<li><code>-e ENGINE, --engine ENGINE<\/code>\uff1a  Specify the Search Engine (Google\/Bing)<\/li>\n\n\n\n<li><code>-p PAGES, --pages PAGES<\/code>\uff1aSpecify the Number of Pages (Default: 1)<\/li>\n\n\n\n<li><code>-P PROCESSES, --processes PROCESSES<\/code> \uff1aSpecify the Number of Processes (Default: 2)<\/li>\n<\/ul>\n\n\n\n<p>Single Dork search<\/p>\n\n\n\n<p><code>python3 dorkScanner.py --query inurl:wp-content\/plugins\/wp-jobsearch --engine google --page 3 --process 3<\/code><\/p>\n\n\n\n<p><a href=\"https:\/\/github.com\/madhavmehndiratta\/dorkScanner\" target=\"_blank\" rel=\"noopener\">https:\/\/github.com\/madhavmehndiratta\/dorkScanner<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/www.geeksforgeeks.org\/linux-unix\/dork-scanner-vulnerable-urls-finder-tool-in-linux\" target=\"_blank\" rel=\"noopener\">https:\/\/www.geeksforgeeks.org\/linux-unix\/dork-scanner-vulnerable-urls-finder-tool-in-linux<\/a><\/p>\n\n\n\n<p><\/p>\n\n\n\n<h3 class=\"wp-block-heading\">DorkEye<\/h3>\n\n\n\n<p>Is an automated&nbsp;<strong>dorking<\/strong>&nbsp;tool that uses&nbsp;<strong>DuckDuckGo<\/strong>&nbsp;to find web resources exposed via OSINT techniques.<\/p>\n\n\n\n<p>Options<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><code>-d&nbsp;, --dork<\/code>\uff1a Single dork or .txt file with dork<\/li>\n\n\n\n<li><code>-o&nbsp;, --output<\/code>\uff1a Output file name<\/li>\n\n\n\n<li><code>-c&nbsp;, --count<\/code>\uff1a Number of results per dork<\/li>\n<\/ul>\n\n\n\n<p>Single Dork search<\/p>\n\n\n\n<p><code>python3 dorkeye.py -d \"inurl:admin login\" -o admin_panels -c 100<\/code><\/p>\n\n\n\n<p><a href=\"https:\/\/github.com\/xPloits3c\/DorkEye\" target=\"_blank\" rel=\"noopener\">https:\/\/github.com\/xPloits3c\/DorkEye<\/a><\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity is-style-dots\"\/>\n\n\n\n<p><\/p>\n\n\n\n<p>&nbsp;Google \u5c0d\u81ea\u52d5\u5316\u9023\u7e8c\u67e5\u8a62\u975e\u5e38\u654f\u611f\uff0c\u5e38\u6703\u6709\u4ee5\u4e0b\u963b\u64cb<\/p>\n\n\n\n<ol start=\"1\" class=\"wp-block-list\">\n<li><strong>CAPTCHA \u9a57\u8b49<\/strong>\uff08\u201cI\u2019m not a robot\u201d reCAPTCHA\uff09 \u2192 \u5982\u679c\u77ed\u6642\u9593\u5167\u9001\u51fa\u592a\u591a\u76f8\u4f3c\u67e5\u8a62\uff0c\u5c31\u6703\u8df3\u51fa\u9a57\u8b49\u3002<\/li>\n\n\n\n<li><strong>HTTP 429 Too Many Requests<\/strong> \u2192 \u76f4\u63a5\u62d2\u7d55\u9023\u7dda\u3002<\/li>\n\n\n\n<li><strong>IP \u5c01\u9396 \/ \u66ab\u505c<\/strong> \u2192 \u653b\u64ca\u8005\u7684 IP \u5728\u5e7e\u5c0f\u6642\u5167\u5b8c\u5168\u4e0d\u80fd\u67e5\u8a62\u3002<\/li>\n<\/ol>\n\n\n\n<p>\u5e38\u898b\u7e5e\u904e\u624b\u6cd5<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>\u4ee3\u7406\u6c60 (proxy pool)<\/strong>\uff1a\u900f\u904e\u5927\u91cf\u4ee3\u7406\u4f3a\u670d\u5668\u63db IP\u3002<\/li>\n\n\n\n<li><strong>TOR \/ VPN<\/strong>\uff1a\u5207\u63db\u51fa\u53e3 IP\uff0c\u964d\u4f4e\u55ae\u4e00 IP \u5c01\u9396\u98a8\u96aa\u3002<\/li>\n\n\n\n<li><strong>\u5ef6\u9072 (throttling)<\/strong>\uff1a\u67e5\u8a62\u4e4b\u9593\u52a0\u96a8\u6a5f sleep\uff0c\u6a21\u4eff\u4eba\u985e\u884c\u70ba\u3002<\/li>\n\n\n\n<li><strong>Google Custom Search API (CSE API)<\/strong>\uff1a\u7528\u5b98\u65b9 API\uff0c\u4f46\u6bcf\u5929\u6709\u514d\u8cbb\u984d\u5ea6\u9650\u5236\uff08100 \u67e5\u8a62\u5de6\u53f3\uff09\u3002<\/li>\n\n\n\n<li><strong>\u6539\u7528\u5176\u4ed6\u641c\u5c0b\u5f15\u64ce<\/strong>\uff1aBing\u3001Yandex\u3001DuckDuckGo \u5bb9\u5fcd\u5ea6\u66f4\u9ad8\uff0c\u5e38\u88ab\u7576\u4f5c\u66ff\u4ee3\u4f86\u6e90\u3002<\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>Google \u99ed\u5ba2\u6280\u8853\u662f\u6307\u5229\u7528 Google \u641c\u5c0b\u5f15\u64ce\u7684\u9ad8\u7d1a\u641c\u5c0b\u529f\u80fd\u548c\u7279\u6b8a\u8a9e\u6cd5\u4f86\u5c0b\u627e\u7db2\u8def\u4e0a\u654f\u611f\u8cc7\u8a0a\u6216\u5b89\u5168\u6f0f\u6d1e\u7684\u6280\u8853\u3002\u9019\u500b\u6982\u5ff5\u6700\u521d\u7531\u5b89\u5168\u7814\u7a76\u54e1 Johnny Long \u63d0\u51fa<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"","fifu_image_alt":"","_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"enabled":false},"version":2}},"categories":[369],"tags":[],"class_list":["post-2785","post","type-post","status-publish","format-standard","hentry","category-red-team"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/systw.net\/note\/wp-json\/wp\/v2\/posts\/2785","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/systw.net\/note\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/systw.net\/note\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/systw.net\/note\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/systw.net\/note\/wp-json\/wp\/v2\/comments?post=2785"}],"version-history":[{"count":5,"href":"https:\/\/systw.net\/note\/wp-json\/wp\/v2\/posts\/2785\/revisions"}],"predecessor-version":[{"id":2936,"href":"https:\/\/systw.net\/note\/wp-json\/wp\/v2\/posts\/2785\/revisions\/2936"}],"wp:attachment":[{"href":"https:\/\/systw.net\/note\/wp-json\/wp\/v2\/media?parent=2785"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/systw.net\/note\/wp-json\/wp\/v2\/categories?post=2785"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/systw.net\/note\/wp-json\/wp\/v2\/tags?post=2785"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}