Search...

uDork - Google Hacking Tool

2020-03-21T12:00:02

ID KITPLOIT:1679847446309154895
Type kitploit
Reporter KitPloit
Modified 2020-03-21T12:00:02

Description

uDork is a script written in Python that uses advanced Google search techniques to obtain sensitive information in files or directories, find IoT devices, detect versions of web applications, and so on.
uDork does NOT make attacks against any server, it only uses predefined dorks and/or official lists from exploit-db.com (Google Hacking Database: https://www.exploit-db.com/google-hacking-database ).

Author: M3n0sD0n4ld
Twitter: @David_Uton

You need to have goop installed

pip3 install goop

Download and install:

$ git clone https://github.com/m3n0sd0n4ld/uDork
$ cd uDork
- Open the file and write inside this line:

cookie = 'YOUR FACEBOOK COOKIES HERE'

$ python3 uDork.py -h

Important!!!

For the tool to work, you must configure uDork with your Facebook cookie in the file cookie.py .
You must also be logged in to Facebook on the computer you are using uDork WITHOUT logging out.

Steps to obtain the cookie and configure the cookie

Login to facebook.com
Press in your browser control + shift + K (Firefox) o control + shift + J (Google Chrome) to go to console.
Write document.cookie in the console and copy the cookies "c_user = content" and "xs = content" to the variable "cookie" inside the file "cookie.py""

cookie = 'c_user=XXXXXX; xs=XXXXXX'

Note: If the "xs" cookie does not appear, follow these steps .

Save and remember, you must NOT log out of Facebook or you will have to do these steps again.

Use:

Menu

$ python3 uDork.py -h
       _____             _    
      |  __ \           | |   
 _   _| |  | | ___  _ __| | __
| | | | |  | |/ _ \| '__| |/ /
| |_| | |__| | (_) | |  |   &lt; 
 \__,_|_____/ \___/|_|  |_|\_\ v.2020.03.13
  by M3n0sD0n4ld - (@David_Uton)

----------------------------------------------------------------------------------------------------
usage: uDork.py [-h] [-d DOMAIN] [-e EXTENSION] [-t TEXT] [-s STRING]
                [-m MASSIVE] [-l LIST] [-f FILE] [-k DORK] [-p PAGES]
                [-o OUTPUT]

optional arguments:
  -h, --help            show this help message and exit
  -d DOMAIN, --domain DOMAIN
                        Domain or IP address.
  -e EXTENSION, --extension EXTENSION
                        Search files by extension. Use 'all' to find the list
                        extension.
  -t TEXT, --text TEXT  Find text in website content.
  -s STRING, --   string STRING
                        Locate text strings within the URL.
  -m MASSIVE, --massive MASSIVE
                        Attack a site with a predefined list of dorks. Review
                        list &lt;-l / - list&gt;
  -l LIST, --list LIST  Shows the list of predefined dorks (Exploit-DB).
  -f FILE, --file FILE  Use your own personalized list of dorks.
  -k DORK, --dork DORK  Specifies the type of dork &lt;filetype | intext | inurl&gt;
                        (Required for '&lt;-f / - file'&gt;).
  -p PAGES, --pages PAGES
                        Number of pages to search in Google. (By default 5
                        pages).
  -o OUTPUT, --output OUTPUT
                        Export results to a file.

Example of searching pdf files

$ python3 uDork.py -d nasa.gov -e pdf

       _____             _    
      |  __ \           | |   
 _   _| |  | | ___  _ __| | __
| | | | |  | |/ _ \| '__| |/ /
| |_| | |__| | (_) | |  |   &lt; 
 \__,_|_____/ \___/|_|  |_|\_\ v.2020.03.13
  by M3n0sD0n4ld - (@David_Uton)

----------------------------------------------------------------------------------------------------
[!] The results will appear below. This may take several minutes, please wait ...
----------------------------------------------------------------------------------------------------
Domain/IP: nasa.gov
Find links with: pdf
----------------------------------------------------------------------------------------------------
https://www.sti.nasa.gov/thesvol2.pdf
https://www.sti.nasa.gov/thesvol1.pdf
https://www.nasa.gov/pdf/220260main_Workforce_Transition_Strategy_briefing   .pdf
https://oig.nasa.gov/docs/SAR0318.pdf
https://oig.nasa.gov/docs/FinalWrittenStatement_03_13_2013.pdf
https://oig.nasa.gov/docs/MC-2018.pdf
https://www.nasa.gov/centers/dryden/pdf/88798main_srfcs.pdf
https://www.nasa.gov/specials/apollo50th/pdf/A10_PressKit.pdf
https://www.nasa.gov/specials/apollo50th/pdf/A14_PressKit.pdf
https://www.nasa.gov/specials/apollo50th/pdf/A07_PressKit.pdf
https://www.nasa.gov/specials/apollo50th/pdf/A15_PressKit.pdf
https://www.nasa.gov/specials/apollo50th/pdf/A09_PressKit.pdf
https://www.nasa.gov/specials/apollo50th/pdf/A08_PressKit.pdf
https://www.nasa.gov/centers/dryden/pdf/88790main_Dryden.pdf
https://oig.nasa.gov/docs/MC-2017.pdf
....

Example of searching routes with the word "password"

$ python3 uDork.py -d nasa.gov -s password

       _____             _    
      |  __ \           | |   
 _   _| |  | | ___  _ __| | __
| | | | |  | |/ _ \| '__| |/ /
| |_| | |__| | (_) | |  |   &lt; 
 \__,_|_____/ \___/|_|  |_|\_\ v.2020.03.13
  by M3n0sD0n4ld - (@David_Uton)

----------------------------------------------------------------------------------------------------
[!] The results will appear below. This may take several minutes, please wait ...
----------------------------------------------------------------------------------------------------
Domain/IP: nasa.gov
Find links with: password
----------------------------------------------------------------------------------------------------
https://www.grc.nasa.gov/its-training/best-practices/password-tips/
https://www.grc.nasa.gov/its-training/best-practices/password-rules/
htt   ps://www.nas.nasa.gov/hecc/support/kb/password-creation-rules_270.html
https://www.nas.nasa.gov/hecc/support/kb/index.php%3FView%3Dentry%26EntryID%3D270%26EntryTitle%3Dpassword-creation-rules%26mobile%3D0
https://open.nasa.gov/datanaut-accounts/password/reset/%3Fnext%3D/explore/datanauts/app/profile
https://www.nas.nasa.gov/hecc/support/kb/i-cant-log-inmy-password-is-not-workingmy-account-is-locked_5.html
https://www.nas.nasa.gov/hecc/support/kb/index.php%3FView%3Dentry%26EntryID%3D53%26EntryTitle%3Dtwo-step-connection-using-rsa-securid-passcode-and-nas-password%26mobile%3D0
https://www.nas.nasa.gov/hecc/support/kb/index.php%3FView%3Dentry%26EntryID%3D8%26EntryTitle%3Dwhat-are-the-requirements-for-creating-a-password%26mobile%3D0
https://oltaris.nasa.gov/password/new
https://ghrc.nsstc.nasa.gov/data-publication/user/password
https://answers.nssc.nasa.gov/app/answers/detail/a_id/6173/~/change-launchpad-%2528idmax%2529-password
https://answers.nssc.   nasa.gov/app/answers/list/search/1/kw/Password/search/1
https://answers.nssc.nasa.gov/app/answers/list/search/1/kw/CHANGE%2520NDC%2520PASSWORD/suggested/1
https://answers.nssc.nasa.gov/app/answers/detail/a_id/6174/~/reset-ndc-password
.....

Dorks listing

$ python3 uDork.py -l list

       _____             _    
      |  __ \           | |   
 _   _| |  | | ___  _ __| | __
| | | | |  | |/ _ \| '__| |/ /
| |_| | |__| | (_) | |  |   &lt; 
 \__,_|_____/ \___/|_|  |_|\_\ v.2020.03.13
  by M3n0sD0n4ld - (@David_Uton)

----------------------------------------------------------------------------------------------------

 ======================== DORKS LISTING ========================
 admin : Access panels of all kinds (administration, login, CMS, ...)
 directories : Sensitive directories (drupal, wordpress, phpmyadmin ...)
 [usernames](&lt;https://www.kitploit.com/search/label/Usernames&gt; "usernames" ) : Find files containing user names.
 [passwords](&lt;https://www.kitploit.com/search/label/Passwords&gt; "passwords" ) : Find files that contain passwords   .
 webservers: Find web servers.
 vulnerable_files : Find [vulnerable](&lt;https://www.kitploit.com/search/label/Vulnerable&gt; "vulnerable" ) files. 
 vulnerable_servers : Find vulnerable servers.
 error_messages : Show error messages.
 vulnerable_networks : Find software data on vulnerable networks.
 portal_logins : List portal logins.
 devices :  Find connected devices (printers, webcams, thermostats, ...)

Example of use Dorks Massive

$ python3 uDork.py -d nasa.gov -m admin -p 3 -o report.txt

       _____             _    
      |  __ \           | |   
 _   _| |  | | ___  _ __| | __
| | | | |  | |/ _ \| '__| |/ /
| |_| | |__| | (_) | |  |   &lt; 
 \__,_|_____/ \___/|_|  |_|\_\ v.2020.03.13
  by M3n0sD0n4ld - (@David_Uton)

----------------------------------------------------------------------------------------------------
[!] The results will appear below. This may take several minutes, please wait ...
----------------------------------------------------------------------------------------------------
Domain/IP: nasa.gov
Find links with: ADMIN/

https://asd.gsfc.nasa.gov/blueshift/index.php/author/admin/
https://lists.hq.nasa.gov/mailman/admin
https://lists.hq.nasa.gov/mailman/admin/LISTNAME
https://rosetta.jpl.nasa.gov/blogs/admin
https://dartslab.jpl.nasa.go   v/qa/user/admin
https://landsat.gsfc.nasa.gov/author/admin/page/8/
https://rosetta.jpl.nasa.gov/blogs/admin%3Fpage%3D1
https://www.nasa.gov/news/speeches/admin/mg_speech_collection_archive_4.html
https://dartslab.jpl.nasa.gov/qa/user/admin/answers
https://dartslab.jpl.nasa.gov/qa/user/admin/wall
https://landsat.gsfc.nasa.gov/author/admin/page/14/
....
----------------------------------------------------------------------------------------------------
Domain/IP: nasa.gov
Find links with: AdminTools/

https://kscddms.ksc.nasa.gov/adminTools.html
----------------------------------------------------------------------------------------------------
Domain/IP: nasa.gov
Find links with: Server.html

https://image.msfc.nasa.gov/ChrisDocs/udfLib/Server.html
https://www.nasa.gov/privacy/PIA-ODIN-server.html

MORE RESULTS...

Thanks:
Thank s0md3v for goop, very good job! https://github.com/s0md3v/goop

Download uDork

JSON Vulners Source

Initial Source

{"id": "KITPLOIT:1679847446309154895", "bulletinFamily": "tools", "title": "uDork - Google Hacking Tool", "description": "[ ![](https://1.bp.blogspot.com/-cgvzVwJKlg8/XnWCA4PsWoI/AAAAAAAAR-M/qj6zpXP9E6QUGvviEIi9ohIaQX5BDpZAgCNcBGAsYHQ/s640/uDork.png) ](<https://1.bp.blogspot.com/-cgvzVwJKlg8/XnWCA4PsWoI/AAAAAAAAR-M/qj6zpXP9E6QUGvviEIi9ohIaQX5BDpZAgCNcBGAsYHQ/s1600/uDork.png>)\n\n \nuDork is a script written in Python that uses advanced Google search techniques to obtain [ sensitive information ](<https://www.kitploit.com/search/label/Sensitive%20Information> \"sensitive information\" ) in files or directories, find IoT devices, detect versions of web applications, and so on. \nuDork does NOT make attacks against any server, it only uses predefined dorks and/or official lists from exploit-db.com (Google Hacking Database: [ https://www.exploit-db.com/google-hacking-database ](<https://www.exploit-db.com/google-hacking-database> \"https://www.exploit-db.com/google-hacking-database\" ) ). \n \n** Author: M3n0sD0n4ld ** \n** Twitter: [ @David_Uton ](<https://twitter.com/David_Uton> \"@David_Uton\" ) ** \n \n** You need to have goop installed ** \n\n \n \n pip3 install goop\n\n \n** Download and install: ** \n\n \n \n $ git clone https://github.com/m3n0sd0n4ld/uDork\n $ cd uDork\n - Open the file and write inside this line:\n\ncookie = 'YOUR FACEBOOK COOKIES HERE' \n\n \n \n $ python3 uDork.py -h\n\n \n** Important!!! ** \n\n\n * For the tool to work, you must configure uDork with your [ Facebook ](<https://www.kitploit.com/search/label/Facebook> \"Facebook\" ) cookie in the file ` cookie.py ` . \n * You must also be logged in to Facebook on the computer you are using uDork WITHOUT logging out. \n \n** Steps to obtain the cookie and configure the cookie ** \n\n\n * Login to facebook.com \n * Press in your browser control + shift + K (Firefox) o control + shift + J (Google Chrome) to go to console. \n * Write document.cookie in the console and copy the cookies \"c_user = content\" and \"xs = content\" to the variable \"cookie\" inside the file \"cookie.py\"\" \n \n \n cookie = 'c_user=XXXXXX; xs=XXXXXX'\n\nNote: If the \"xs\" cookie does not appear, [ follow these steps ](<https://gist.github.com/sqren/0e4563f258c9e85e4ae1> \"follow these steps\" ) . \n\n\n * Save and remember, you must NOT log out of Facebook or you will have to do these steps again. \n \n** Use: ** \n \n** Menu ** \n\n \n \n $ python3 uDork.py -h\n _____ _ \n | __ \\ | | \n _ _| | | | ___ _ __| | __\n | | | | | | |/ _ \\| '__| |/ /\n | |_| | |__| | (_) | | | < \n \\__,_|_____/ \\___/|_| |_|\\_\\ v.2020.03.13\n by M3n0sD0n4ld - (@David_Uton)\n \n ----------------------------------------------------------------------------------------------------\n usage: uDork.py [-h] [-d DOMAIN] [-e EXTENSION] [-t TEXT] [-s STRING]\n [-m MASSIVE] [-l LIST] [-f FILE] [-k DORK] [-p PAGES]\n [-o OUTPUT]\n \n optional arguments:\n -h, --help show this help message and exit\n -d DOMAIN, --domain DOMAIN\n Domain or IP address.\n -e EXTENSION, --extension EXTENSION\n Search files by extension. Use 'all' to find the list\n extension.\n -t TEXT, --text TEXT Find text in website content.\n -s STRING, -- string STRING\n Locate text strings within the URL.\n -m MASSIVE, --massive MASSIVE\n Attack a site with a predefined list of dorks. Review\n list <-l / - list>\n -l LIST, --list LIST Shows the list of predefined dorks (Exploit-DB).\n -f FILE, --file FILE Use your own personalized list of dorks.\n -k DORK, --dork DORK Specifies the type of dork <filetype | intext | inurl>\n (Required for '<-f / - file'>).\n -p PAGES, --pages PAGES\n Number of pages to search in Google. (By default 5\n pages).\n -o OUTPUT, --output OUTPUT\n Export results to a file.\n\n \n** Example of searching pdf files ** \n\n \n \n $ python3 uDork.py -d nasa.gov -e pdf\n \n _____ _ \n | __ \\ | | \n _ _| | | | ___ _ __| | __\n | | | | | | |/ _ \\| '__| |/ /\n | |_| | |__| | (_) | | | < \n \\__,_|_____/ \\___/|_| |_|\\_\\ v.2020.03.13\n by M3n0sD0n4ld - (@David_Uton)\n \n ----------------------------------------------------------------------------------------------------\n [!] The results will appear below. This may take several minutes, please wait ...\n ----------------------------------------------------------------------------------------------------\n Domain/IP: nasa.gov\n Find links with: pdf\n ----------------------------------------------------------------------------------------------------\n https://www.sti.nasa.gov/thesvol2.pdf\n https://www.sti.nasa.gov/thesvol1.pdf\n https://www.nasa.gov/pdf/220260main_Workforce_Transition_Strategy_briefing .pdf\n https://oig.nasa.gov/docs/SAR0318.pdf\n https://oig.nasa.gov/docs/FinalWrittenStatement_03_13_2013.pdf\n https://oig.nasa.gov/docs/MC-2018.pdf\n https://www.nasa.gov/centers/dryden/pdf/88798main_srfcs.pdf\n https://www.nasa.gov/specials/apollo50th/pdf/A10_PressKit.pdf\n https://www.nasa.gov/specials/apollo50th/pdf/A14_PressKit.pdf\n https://www.nasa.gov/specials/apollo50th/pdf/A07_PressKit.pdf\n https://www.nasa.gov/specials/apollo50th/pdf/A15_PressKit.pdf\n https://www.nasa.gov/specials/apollo50th/pdf/A09_PressKit.pdf\n https://www.nasa.gov/specials/apollo50th/pdf/A08_PressKit.pdf\n https://www.nasa.gov/centers/dryden/pdf/88790main_Dryden.pdf\n https://oig.nasa.gov/docs/MC-2017.pdf\n ....\n\n \n** Example of searching routes with the word \"password\" ** \n\n \n \n $ python3 uDork.py -d nasa.gov -s password\n \n _____ _ \n | __ \\ | | \n _ _| | | | ___ _ __| | __\n | | | | | | |/ _ \\| '__| |/ /\n | |_| | |__| | (_) | | | < \n \\__,_|_____/ \\___/|_| |_|\\_\\ v.2020.03.13\n by M3n0sD0n4ld - (@David_Uton)\n \n ----------------------------------------------------------------------------------------------------\n [!] The results will appear below. This may take several minutes, please wait ...\n ----------------------------------------------------------------------------------------------------\n Domain/IP: nasa.gov\n Find links with: password\n ----------------------------------------------------------------------------------------------------\n https://www.grc.nasa.gov/its-training/best-practices/password-tips/\n https://www.grc.nasa.gov/its-training/best-practices/password-rules/\n htt ps://www.nas.nasa.gov/hecc/support/kb/password-creation-rules_270.html\n https://www.nas.nasa.gov/hecc/support/kb/index.php%3FView%3Dentry%26EntryID%3D270%26EntryTitle%3Dpassword-creation-rules%26mobile%3D0\n https://open.nasa.gov/datanaut-accounts/password/reset/%3Fnext%3D/explore/datanauts/app/profile\n https://www.nas.nasa.gov/hecc/support/kb/i-cant-log-inmy-password-is-not-workingmy-account-is-locked_5.html\n https://www.nas.nasa.gov/hecc/support/kb/index.php%3FView%3Dentry%26EntryID%3D53%26EntryTitle%3Dtwo-step-connection-using-rsa-securid-passcode-and-nas-password%26mobile%3D0\n https://www.nas.nasa.gov/hecc/support/kb/index.php%3FView%3Dentry%26EntryID%3D8%26EntryTitle%3Dwhat-are-the-requirements-for-creating-a-password%26mobile%3D0\n https://oltaris.nasa.gov/password/new\n https://ghrc.nsstc.nasa.gov/data-publication/user/password\n https://answers.nssc.nasa.gov/app/answers/detail/a_id/6173/~/change-launchpad-%2528idmax%2529-password\n https://answers.nssc. nasa.gov/app/answers/list/search/1/kw/Password/search/1\n https://answers.nssc.nasa.gov/app/answers/list/search/1/kw/CHANGE%2520NDC%2520PASSWORD/suggested/1\n https://answers.nssc.nasa.gov/app/answers/detail/a_id/6174/~/reset-ndc-password\n .....\n\n \n** Dorks listing ** \n\n \n \n $ python3 uDork.py -l list\n \n _____ _ \n | __ \\ | | \n _ _| | | | ___ _ __| | __\n | | | | | | |/ _ \\| '__| |/ /\n | |_| | |__| | (_) | | | < \n \\__,_|_____/ \\___/|_| |_|\\_\\ v.2020.03.13\n by M3n0sD0n4ld - (@David_Uton)\n \n ----------------------------------------------------------------------------------------------------\n \n ======================== DORKS LISTING ========================\n admin : Access panels of all kinds (administration, login, CMS, ...)\n directories : Sensitive directories (drupal, wordpress, phpmyadmin ...)\n [usernames](<https://www.kitploit.com/search/label/Usernames> \"usernames\" ) : Find files containing user names.\n [passwords](<https://www.kitploit.com/search/label/Passwords> \"passwords\" ) : Find files that contain passwords .\n webservers: Find web servers.\n vulnerable_files : Find [vulnerable](<https://www.kitploit.com/search/label/Vulnerable> \"vulnerable\" ) files. \n vulnerable_servers : Find vulnerable servers.\n error_messages : Show error messages.\n vulnerable_networks : Find software data on vulnerable networks.\n portal_logins : List portal logins.\n devices : Find connected devices (printers, webcams, thermostats, ...)\n \n\n \n** Example of use Dorks Massive ** \n\n \n \n $ python3 uDork.py -d nasa.gov -m admin -p 3 -o report.txt\n \n _____ _ \n | __ \\ | | \n _ _| | | | ___ _ __| | __\n | | | | | | |/ _ \\| '__| |/ /\n | |_| | |__| | (_) | | | < \n \\__,_|_____/ \\___/|_| |_|\\_\\ v.2020.03.13\n by M3n0sD0n4ld - (@David_Uton)\n \n ----------------------------------------------------------------------------------------------------\n [!] The results will appear below. This may take several minutes, please wait ...\n ----------------------------------------------------------------------------------------------------\n Domain/IP: nasa.gov\n Find links with: ADMIN/\n \n https://asd.gsfc.nasa.gov/blueshift/index.php/author/admin/\n https://lists.hq.nasa.gov/mailman/admin\n https://lists.hq.nasa.gov/mailman/admin/LISTNAME\n https://rosetta.jpl.nasa.gov/blogs/admin\n https://dartslab.jpl.nasa.go v/qa/user/admin\n https://landsat.gsfc.nasa.gov/author/admin/page/8/\n https://rosetta.jpl.nasa.gov/blogs/admin%3Fpage%3D1\n https://www.nasa.gov/news/speeches/admin/mg_speech_collection_archive_4.html\n https://dartslab.jpl.nasa.gov/qa/user/admin/answers\n https://dartslab.jpl.nasa.gov/qa/user/admin/wall\n https://landsat.gsfc.nasa.gov/author/admin/page/14/\n ....\n ----------------------------------------------------------------------------------------------------\n Domain/IP: nasa.gov\n Find links with: AdminTools/\n \n https://kscddms.ksc.nasa.gov/adminTools.html\n ----------------------------------------------------------------------------------------------------\n Domain/IP: nasa.gov\n Find links with: Server.html\n \n https://image.msfc.nasa.gov/ChrisDocs/udfLib/Server.html\n https://www.nasa.gov/privacy/PIA-ODIN-server.html\n \n MORE RESULTS...\n\n \n** Thanks: ** \nThank s0md3v for goop, very good job! [ https://github.com/s0md3v/goop ](<https://github.com/s0md3v/goop> \"https://github.com/s0md3v/goop\" ) \n \n \n\n\n** [ Download uDork ](<https://github.com/m3n0sd0n4ld/uDork> \"Download uDork\" ) **\n", "published": "2020-03-21T12:00:02", "modified": "2020-03-21T12:00:02", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "http://www.kitploit.com/2020/03/udork-google-hacking-tool.html", "reporter": "KitPloit", "references": ["https://gist.github.com/sqren/0e4563f258c9e85e4ae1", "https://github.com/m3n0sd0n4ld/uDork", "https://github.com/s0md3v/goop"], "cvelist": [], "type": "kitploit", "lastseen": "2020-12-09T05:23:11", "edition": 5, "viewCount": 281, "enchantments": {"dependencies": {"references": [], "modified": "2020-12-09T05:23:11", "rev": 2}, "score": {"value": -0.5, "vector": "NONE", "modified": "2020-12-09T05:23:11", "rev": 2}, "vulnersScore": -0.5}, "toolHref": "https://github.com/m3n0sd0n4ld/uDork", "scheme": null, "immutableFields": []}