uDork : Tool That Uses Advanced Google Search Techniques

uDork is a script written in Bash Scripting that uses advanced Google search techniques to obtain sensitive information in files or directories, find IoT devices, detect versions of web applications, and so on.

It does NOT make attacks against any server, it only uses predefined dorks and/or official lists from exploit-db.com (Google Hacking Database: https://www.exploit-db.com/google-hacking-database).

Download & Install

$ git clone https://github.com/m3n0sd0n4ld/uDork
$ cd uDork
$ chmod +x uDork.sh
– Open the file “uDork.sh” and write inside this line:

$ ./uDork.sh -h

Steps To Obtain The Cookie & Configure The Cookie

  • Login to facebook.com
  • Now we will access www.messenger.com (It is the Facebook messaging app) and click on the “Continue as…” button.
  • Once we’re in, all we have to do is get the two cookies we need to make uDork work.
  • With firefox:
    • Right mouse button and click on “Inspect”.
    • Click on the “Network” tab and select any line that is in the domain “www.messenger.com“.
    • Now click on the “Cookies” tab, copy and paste the cookies “c_user” and “xs” into the “uDork.sh” file.

Thus: cookies=”c_user=XXXXXX; xs=XXXXXX;”

  • With Google Chrome
    • Right mouse button and click on “Inspect”.
    • Click on the tab “Application”, in the left column, look for the section “Cookies”, copy and paste the cookies “c_user” and “xs” with their value to the file “uDork.sh”.

Thus: cookies=”c_user=XXXXXX; xs=XXXXXX;”

Docker Version

  • Acknowledgement

Twitter: @interh4ck GitHub:(https://github.com/interhack86)

$ git clone https://github.com/m3n0sd0n4ld/uDork
$ cd uDork
$ docker build -t udork .
$ docker run –rm -it -e c_user=XXXXXXXXX -e xs=XXXXXXXXX udork -h

Use

  • Menu
  • Example of searching pdf files
  • Example of a search for a list of default extensions.
  • Example of searching routes with the word “password”
  • Dorks listing
  • Example of use Dorks Massive
R K

Recent Posts

Wez’s Terminal : A Rust-Powered GPU-Accelerated Terminal Emulator

A GPU-accelerated cross-platform terminal emulator and multiplexer written by @wez and implemented in Rust Getting…

6 hours ago

AutorizePro : Revolutionizing Authorization Testing With AI

一句话介绍工具: AutorizePro 是一款创新性的内置AI分析模块的专注于越权检测的 Burp 插件 (已有多个白帽反馈用工具嘎嘎挖到src洞, 每周末更新, 欢迎Star🌟以便持续跟踪项目最新版本功能) 工具背景 越权漏洞在黑盒测试、SRC挖掘中几乎是必测的一项,但手工逐个测试越权漏洞往往会耗费大量时间。 而自动化工具又因为接口的多样化,难以制定一个全面的检测逻辑而存在大量误报, 基于此产生了 AI辅助分析的检测工具 ➡️ AutorizePro…

7 hours ago

SharpRDPHijack : A .NET Utility For RDP Session Hijacking

Sharp RDP Hijack is a proof-of-concept .NET/C# Remote Desktop Protocol (RDP) session hijack utility. RDP…

7 hours ago

SharpExecute : Advanced Techniques For Stealth .NET Execution And CLR Manipulation

Executing .NET Files from an Unmanaged Process with Manual CLR Loading. Manually loading the CLR…

7 hours ago

BlackPill : A Comprehensive Overview Of A Stealthy Linux Rootkit

Dive into the dark intricacies of BlackPill, a sophisticated Linux rootkit engineered in Rust that…

1 day ago

RustScan : Revolutionizing Port Scanning With Speed And Extensibility

The Modern, Blazing Fast Port Scanner. Find ports quickly (3 seconds at its fastest). Run…

1 day ago