An Interest In:
Web News this Week
- March 20, 2024
- March 19, 2024
- March 18, 2024
- March 17, 2024
- March 16, 2024
- March 15, 2024
- March 14, 2024
Google dorks for WordPress
Google is a gigantic word wild database. Finding a vulnerable WordPress website in a few seconds can be as simple as a Google search.
Disclaimer
As usual with ethical hacking in general and depending on your country, using Google dorks to find vulnerable websites can lead to lawsuits!
On no account should you use Google dorks to download logs, databases, and other resources you are not supposed to access, even in a white hat perspective or for test purposes.
I know that's lame, and most people do it with the best intentions, but remember that can be illegal, and don't believe all vulnerable companies and organizations will treat you well if they know you have access to their credentials.
Google dorks in short
It's called Google dorking and it consists of advanced Google search queries with unique keywords and operators to find sensitive information and security breaches.
For example, if you want websites that use the Woocommerce plugin, you may google the following:
inurl:"/wp-content/plugins/woocommerce"
It's pretty helpful when known vulnerabilities are revealed for specific plugins.
Read my logs
Google this:
inurl:wp-content/debug.log
You'll see WordPress websites that have logs enabled in production in a publically accessible directory!
Please, download my SQL dumps
You can even find SQL dumps with Google Dorks. Of course, not all WordPress installations have such a big security hole, but it happens:
filetype:sql intext:wp_users
Once you have the database, you do pretty much everything you want, including finding user passwords by decrypting MD5 strings.
Note that it can be slightly more subtle:
filetype:tar.gz site:mywebsite.comfiletype:sql site:mywebsite.com
The above dork query looks for publically accessible backup files in mywebsite.com. If you accidentally saved a backup in a public directory and forgot to remove it, that can turn nasty.
A database for Google dorks
Instead of listing all kinds of Google dorks here, I prefer you go to exploit-db.com to see it by yourself. Just type "wordpress" in the search form, and you'll get tones of Google dorks!
How to fix it
Test your website
Run dork queries against your website, and you'll see if there's something wrong.
Request removal
You can request removal with the Removals Tool, which enables you to temporarily block pages from Google Search results on sites that you own.
Disable directory browsing
Most of the time, those websites are misconfigured so that you can browse the wp-content
directory. Any website should disable directory browsing with, for example, this line in the .htaccess
file:
Options -Indexes
Forget the robots.txt
file
While the robots.txt
file is meant for search engines, it's publically accessible, so it's easy for hackers to use this file to discover directories and files.
You might end up giving them sensitive information!
Disable logs and debugging
The production environment is not meant for logging errors and debugging. You can add the following code in your wp-config.php
:
ini_set('display_errors','Off');ini_set('error_reporting', E_ALL );define('WP_DEBUG', false);define('WP_DEBUG_DISPLAY', false);
Install a security plugin
Most security plugins ensure your installation is safer, making all the quick fixes we just saw for you, protecting sensitive directories, and scanning your website regularly.
Wrap up
Fortunately, many web hosting providers have robust default configurations and pre-built CMS integrations to prevent harmful situations.
However, Google dorks for WordPress are still a common concern in 2021. You'd be surprised how many .env
files and credentials you can access with a simple search.
Original Link: https://dev.to/jmau111/google-dorks-for-wordpress-2mi8
Dev To
An online community for sharing and discovering great ideas, having debates, and making friendsMore About this Source Visit Dev To