For programmers, has been completely inseparable from the search engine, encountered any difficult problems, the first time to reflect, is to open Google, input the keywords of the problem, and then in the search results page, further search for matching results.
However, sometimes a simple search method does not suffice. As a result, Google provides advanced search techniques that hackers use to discover the back doors of many websites known as “Google Hacking Database.” Here are some examples of these searches.
The Google search operator
Google removes operators from time to time, so you need to pay attention to which operators are valid.
Here, A and B are used to represent the entered search terms.
“A B”
Enforce a perfect match search to avoid ambiguity for a single keyword.
“steve jobs”
A AND B
Google’s default operator is AND, which returns search results related to A AND B. It’s not really that different for regular searches, but it can be very useful when paired with other operators.
Participle AND tutorial
A OR B
Search results for A OR B, OR A and B, you can also use the symbol “|” to replace the OR.
Movie OR TV series
-A
-a excludes the search term A, that is, the returned search results exclude those related to A.
Apple – Inc.
*
* acts as a wildcard and will match any single keyword.
steve * apple
(a)
The search operators are grouped by () to control how the search is performed.
(git OR SVN) Rollback
This is the basic search logic that can combine complex query expressions to narrow the search scope and resolve ambiguity.
Google also provides property fields to limit the search scope and be more precise.
filetype:
Limit search results to specific file types, such as PDF and PPT. You can also use “ext:” for the same purpose.
Filetype: PDF Machine learning
Here’s a list of common file types:
- PHP
- ASP
- CGI
- JSP
- FCGI
- SWF
- DOC
- TXT
- EXE
- PPT
- XLS
- INI
- YML
- MP3
- MP4
- JPG
For more information on file types, visit this link.
site:
Restrict search results to specified sites.
Site :juejin. Im deeply understand the Chinese segmentation of NLP
intitle:
Limit your search terms and look them up in the title of the page to better fit the topic of the page.
Intitle: Natural language processing
Allintitle is similar to intitle, except that the result contains the search term entirely.
inurl:
Limit the search term and look it up in the URL. The standard format of the URL is as follows:
[Protocol type]://[domain name]:[port]/[Resource level][file name]? [query]# [fragment ID]
i.e.: https://juejin.cn/book/6844733812102922247
Copy the code
inurl:juejin
Allinurl is similar to inURL, except that the result contains the search term entirely.
intext:
Limit your search terms to the content of the web page.
Intext: Natural language processing
Allintext is similar to Intext, except that the results contain search terms entirely.
cache:
Return to the latest cached version of the page to view the history of the page.
cache:juejin.im
The above are the most commonly used attribute fields, which basically meet more than 90% of the search requirements. There are a few other property fields that are applicable to specific domains, as follows:
- Weather: Queries the weather
- Stocks: Queries stocks
- Map: Queries a map
- Movie: Queries movies
- Source: Check news sources
Actual search results:
How do hackers use Google to search
Hackers can use a combination of Google advanced search techniques to obtain server information, files containing sensitive information, and detect hidden login pages and server logs.
Proxy server
inurl:”nph-proxy.cgi” “start browsing”
The URL of the proxy server retains certain characteristics, and the page also retains relevant information. Therefore, only knowing these characteristics, you can look up proxy server addresses throughout the network.
File directory
intitle:index.of etc shadow
intitle:index.of “parent directory”
intitle:index.of name size
intitle:index.of “server at”
Intitle: the index of login
Intitle: the index of management
The database
site: filetype:mdb
site: intext:”to parent directory”+”intext.mdb”
github
Github is a great database for hackers. It contains a lot of sensitive information that was accidentally uploaded by the company’s programmers.
site:github.com intext:smtp
site:github.com intext:password,username
conclusion
These hackers’ search techniques are well worth learning and can solve some tricky search problems, but remember not to use them for illegal purposes.
Amway has a book entitled in-depth Understanding of NLP Chinese Word Segmentation: From Principle to Practice, which will help you master Chinese word segmentation from scratch and step into NLP. If the above content is helpful to you, I hope to like, comment, forward, thank you!