No products in the cart.
New functional version: v.3.0
Author: M3n0sD0n4ld
Twitter: @David_Uton
https://github.com/m3n0sd0n4ld/uDork
Description:
uDork is a script written in Bash Scripting that uses advanced Google search techniques to obtain sensitive information in files or directories, find IoT devices, detect versions of web applications, and so on.
uDork does NOT make attacks against any server, it only uses predefined dorks and/or official lists from exploit-db.com (Google Hacking Database: https://www.exploit-db.com/google-hacking-database).
Download and install:
$ git clone https://github.com/m3n0sd0n4ld/uDork
$ cd uDork
$ chmod +x uDork.sh
- Open the file "uDork.sh" and write inside this line:
$ ./uDork.sh -h
Steps to obtain the cookie and configure the cookie
- Login to facebook.com
- Now we will access www.messenger.com (It is the Facebook messaging app) and click on the "Continue as..." button.
- Once we're in, all we have to do is get the two cookies we need to make uDork work.
3.1 - With firefox:
-- Right mouse button and click on "Inspect".
-- Click on the "Network" tab and select any line that is in the domain "www.messenger.com".
-- Now click on the "Cookies" tab, copy and paste the cookies "c_user" and "xs" into the "uDork.sh" file.
Thus: cookies="c_user=XXXXXX; xs=XXXXXX;"
3.2 - With Google Chrome
-- Right mouse button and click on "Inspect".
-- Click on the tab "Application", in the left column, look for the section "Cookies", copy and paste the cookies "c_user" and "xs" with their value to the file "uDork.sh".
Thus: cookies="c_user=XXXXXX; xs=XXXXXX;"
Docker version:
Acknowledgement
Twitter: @interh4ck GitHub:(https://github.com/interhack86)
$ git clone https://github.com/m3n0sd0n4ld/uDork
$ cd uDork
$ docker build -t udork .
$ docker run --rm -it -e c_user=XXXXXXXXX -e xs=XXXXXXXXX udork -h
Use:
Menu
Example of searching pdf files
Example of a search for a list of default extensions.
Example of searching routes with the word "password"
Dorks listing
Example of use Dorks Massive
Example of use All Dorks Massive (Recommend for pentesting/audit)
Disclaimer
This tool requires session cookies from a Facebook account to work. I am NOT responsible for any problems with your account and/or computer.
Author
- Hakin9 is a monthly magazine dedicated to hacking and cybersecurity. In every edition, we try to focus on different approaches to show various techniques - defensive and offensive. This knowledge will help you understand how most popular attacks are performed and how to protect your data from them. Our tutorials, case studies and online courses will prepare you for the upcoming, potential threats in the cyber security world. We collaborate with many individuals and universities and public institutions, but also with companies such as Xento Systems, CATO Networks, EY, CIPHER Intelligence LAB, redBorder, TSG, and others.
Latest Articles
Blog2022.12.13What are the Common Security Weaknesses of Cloud Based Networks?
Blog2022.10.12Vulnerability management with Wazuh open source XDR
Blog2022.08.29Deception Technologies: Improving Incident Detection and Response by Alex Vakulov
Blog2022.08.25Exploring the Heightened Importance of Cybersecurity in Mobile App Development by Jeff Kalwerisky
Popular Authors
New Edition
Ha. Why write tools that do this? Or why publish them. It’s so trivial and only creates more problems than solutions unless it’s a honeypot.
People write tools to test their skills and see what they can achieve. But the main reason why they do it is that they need a tool with a particular set of features and they can’t find them anywhere else. I spoke with various developers and that is almost always the main reason. After that they usually just share the tool with others on Github.
Facebook cookies to use a Google Search. Seems legit. <_<
You’re a “dork” if you follow these instructions and get your Facebook account stolen LOL.
Thats nice