Google Dork Secret | P J Borah

Transcript

1. Google dork secret Hope Everything Is Going Well Today in

   this Blog we will Explore A hidden Way to find Critical Information . Here We Will utilize Search engine Through Google dork . How Google dork Help You to find Secret Organization’s data . I encountered Different Critical Bug p1 to p4 Using Google dork , Here about My Story By: P J Borah Instagram: @pj_boorah linkedin: pallab-jyoti-borah-20874a18 Twitter: @PJBorah2 VAPT Analyst | Bugbounty hunter

2. Here We will Find Out confidential Data using google dork

   : Dork 1 site:http://s3.amazonaws.com confidential OR “top secret” POC

3. Basically I start My google dorking using query filetype:php As

   we know php Application Are most vulnerable so I look for php extension Against Target using : Dork 2 Site:*facebook.com filetype:php OR ext:php POC Found two LFI

4. Now look for yml which Mostly Contain backend Structure such

   as credentials , users etc Dork 3 dork ext:yml inurl:Orgname POC: found LDAP Credentials Leak

5. More google dork ext:txt | ext:log | ext:cfg | ext:yml

   "administrator:500:"intitle:"index of" "password.yml filetype:xls inurl:”email.xls” filetype:bak inurl:\"htaccess|passwd|shadow|htusers\" ste:*.site.com intitle:"Index-Of" Instagram: @pj_boorah Twitter: @PJBorah2 linkedin: pallab-jyoti-borah-20874a18

6. Actual Blog: https://pallabjyoti218.medium.com/how-i-get-p1-to-p4-using-google-dork-some-google-dork-which- give-you-all-secrets-de9df507a3ca End Instagram: @pj_boorah Twitter: @PJBorah2 linkedin:

   pallab-jyoti-borah-20874a18
7. None