Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Google Dork Secret | P J Borah

Pj borah
May 10, 2021

Google Dork Secret | P J Borah

Secret Google dork Learn For recon perfectly.

Pj borah

May 10, 2021
Tweet

More Decks by Pj borah

Other Decks in Education

Transcript

  1. Google dork secret Hope Everything Is Going Well Today in

    this Blog we will Explore A hidden Way to find Critical Information . Here We Will utilize Search engine Through Google dork . How Google dork Help You to find Secret Organization’s data . I encountered Different Critical Bug p1 to p4 Using Google dork , Here about My Story By: P J Borah Instagram: @pj_boorah linkedin: pallab-jyoti-borah-20874a18 Twitter: @PJBorah2 VAPT Analyst | Bugbounty hunter
  2. Here We will Find Out confidential Data using google dork

    : Dork 1 site:http://s3.amazonaws.com confidential OR “top secret” POC
  3. Basically I start My google dorking using query filetype:php As

    we know php Application Are most vulnerable so I look for php extension Against Target using : Dork 2 Site:*facebook.com filetype:php OR ext:php POC Found two LFI
  4. Now look for yml which Mostly Contain backend Structure such

    as credentials , users etc Dork 3 dork ext:yml inurl:Orgname POC: found LDAP Credentials Leak
  5. More google dork ext:txt | ext:log | ext:cfg | ext:yml

    "administrator:500:"intitle:"index of" "password.yml filetype:xls inurl:”email.xls” filetype:bak inurl:\"htaccess|passwd|shadow|htusers\" ste:*.site.com intitle:"Index-Of" Instagram: @pj_boorah Twitter: @PJBorah2 linkedin: pallab-jyoti-borah-20874a18