Advanced Google Dorking Commands

Posted by kunnan on April 23, 2018


  • the basic syntax for using the advanced operator in Google is as follows:
    allintext:Google dorking


you can use Google to find the vulnerable database, websites, security cameras and other Internet of Things connected devices.

Simple Google Dorks:

  • Allintext
    Searches for occurrences of all the keywords given
  • Intext
    Searches for the occurrences of keywords all at once or one at a time
  • Inurl
    Searches for a URL matching one of the keywords
  • Allinurl
    Searches for a URL matching all the keywords in the query
  • Intitle
    Searches for occurrences of keywords in URL all or one
  • Allintitle
      Searches for occurrences of keywords all at a time
  • Site
      Specifically searches that particular site and lists all the results for that site
  • filetype
      Searches for a particular filetype mentioned in the query
  • Link
    Searches for external links to pages
    The "link:" search operator that Google used to have, has been turned off by now (2017)
  • Numrange
      Used to locate specific numbers in your searches
  • Daterange
      Used to search within a particular date range

Advanced operators

  • define:ReverseEngineering
  • info:
  • stocks:高阳

Basics: some examples of using Google Dorking

  • inurl:group_concat(username, filetype:php intext:admin
    Using the above information, we were able to tap in to some of the SQL injection results done by somebody else on the sites.
  • filetype:xls
    be used to glean emails ids from Google.
  • -site:

  • inurl:8443 -intext:8443
    inurl:8080 -intext:8080
    inurl:nqt -intext:8080 filetype:php intext:"network query tool"  --
  • filetype:log inurl password login
    filetype:sql + "IDENTIFIED BY" -cvs
    filetype:sql + "IDENTIFIED BY" ("Grant * on *" | "create user")
    filetype:mp4 inurl:xxx intext:xxx: 在渗透检测过程中省时省力
  • ”#-Frontpage-“ inurl:administrators.pwd
  • inurl:”ViewerFrame?Mode=”
    find public web cameras
  • intitle:index.of
    This can give a list of files on the servers
  • intitle:index.of mp3
    will give all the MP3 files available on various servers

see also

There are many similar advanced operators which can be used to exploit insecure websites:

Operator Purpose Mixes with Other Operators? Can be used Alone? Web Images Groups News
intitle Search page Title yes yes yes yes yes yes
allintitle[simple-google-dorks] Search page title no yes yes yes yes yes
inurl Search URL yes yes yes yes not really like intitle
allinurl Search URL no yes yes yes yes like intitle
filetype specific files yes no yes yes no not really
intext Search text of page only yes yes yes yes yes yes
allintext Search text of page only not really yes yes yes yes yes
site Search specific site yes yes yes yes no not really
link Search for links to pages no yes yes no no not really
inanchor Search link anchor text yes yes yes yes not really yes
numrange Locate number yes yes yes no no not really
daterange Search in date range yes no yes not really not really not really
author Group author search yes yes no no yes not really
group Group name search not really yes no no yes not really
insubject Group subject search yes yes like intitle like intitle yes like intitle
msgid Group msgid search no yes not really not really yes not really
allintext:Google dorking

`some advanced commands`: | Password

filetype:sql intext:wp_users phpmyadmin

intext:”Dumping data for table `orders`”

“Index of /wp-content/uploads/backupbuddy_backups” zip

Zixmail inurl:/s/login?

inurl:/remote/login/ intext:”please login”

intext:”FortiToken clock drift detected”



inurl:/sap/bc/webdynpro/sap/ | “sap-system-login-oninputprocessing”

intext:”Powered by net2ftp”
Date	Title	Category
2018-04-18	inurl:default.aspx?ReturnUrl=/spssmr -stackoverflow -github	Pages Containing Login Portals
2018-04-18	inurl:"/SAMLLogin/" -github	Pages Containing Login Portals
2018-04-17	Drupal CMS - Drupalgeddon2	Vulnerable Servers
2018-04-17	intext:build:SVNTag= JBoss intitle:Administration Console inurl:web-console	Various Online Devices
2018-04-17	Codeigniter filetype:sql intext:password | pwd intext:username | uname intext: Insert into users values	Files Containing Passwords
2018-04-17	"login" "adp login"	Pages Containing Login Portals
2018-04-16	intitle:"index.of" | inurl:/filemanager/connectors/ intext:uploadtest.html	Sensitive Directories
2018-04-16	intitle:\index.of inurl:/websendmail/	Sensitive Directories
2018-04-16	:DIR | intitle:index of inurl://whatsapp/	Sensitive Directories
2018-04-16	inurl:report.cgi?dashboard=	Various Online Devices
  • knpost
    /Users/devzkn/bin/knpost GoogleHacking Advanced Google Dorking Commands -t Search
    ps:需要自己加上"GoogleHacking Advanced Google Dorking Commands"

转载请注明: > GoogleHacking