Google Dorking seems an often under-appreciated technique in a bug bounty hunter’s arsenal when assessing a target web application for vulnerabilities. A Google dork query, sometimes just referred to as a dork, is a search string that uses advanced search operators to find information that is not readily available on a website.

Google Dorking, also known as Google hacking, can return information that is difficult to locate through simple search queries. That description includes information that is not intended for public viewing but that has not been adequately protected. Reference: https://whatis.techtarget.com/definition/Google-dork-query

I recently came across an interesting Google dork, inurl:storefrontb2bweb, that enables us to scan for e-commerce websites that are vulnerable to SQL Injection. This was originally discovered by a bug hunter going by the name ratboy. Typing this query in Google will return 4 pages of results. Unfortunately, most of the website owners have no vulnerability disclosure in place and efforts to contact them via other channels proved futile.

One website had a vulnerability disclosure channel, which I found by running a search on Google for “Company name vulnerability disclosure”. The vulnerable parameter is the username parameter, which throws a SQL error when injected with a single or double quote.
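Why a quote in a username parameter surfaces as a SQL error, and what the fix looks like, as an added example that is not code from this post or from any affected site. It assumes the query is built by string concatenation; the in-memory SQLite table, sample users and function names are constructed for illustration.

```python
import sqlite3

def make_db():
    # Constructed in-memory table standing in for a store's user table.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (username TEXT PRIMARY KEY, email TEXT)")
    db.executemany("INSERT INTO users VALUES (?, ?)",
                   [("alice", "alice@example.test"),
                    ("o'brien", "ob@example.test")])
    return db

def lookup_concat(db, username):
    # Vulnerable pattern: the parameter is pasted into the SQL text, so a
    # quote in the value ends the string literal and alters the statement.
    sql = "SELECT email FROM users WHERE username = '" + username + "'"
    try:
        row = db.execute(sql).fetchone()
        return ("ok", row[0] if row else None)
    except sqlite3.Error as exc:
        # Echoing the raw database error to the client is the visible symptom.
        return ("sql_error", str(exc))

def lookup_param(db, username):
    # Hardened pattern: the value is bound as data and never parsed as SQL.
    try:
        row = db.execute("SELECT email FROM users WHERE username = ?",
                         (username,)).fetchone()
        return ("ok", row[0] if row else None)
    except sqlite3.Error:
        # Keep the detail in server-side logs; return a generic failure.
        return ("error", "request failed")

def compare(username):
    # Run the same input through both patterns on a fresh database.
    db = make_db()
    return lookup_concat(db, username), lookup_param(db, username)

if __name__ == "__main__":
    # A legitimate name containing an apostrophe breaks the concatenated
    # query just as a lone quote does; the bound query handles both.
    for name in ["alice", "o'brien", "'"]:
        print(repr(name), compare(name))
```

The concatenated version fails even for a legitimate user whose name contains an apostrophe, which is why quote-triggered SQL errors in application logs are worth alerting on.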
