Skip to content

uDork is a script written in Bash Scripting that uses advanced Google search techniques to obtain sensitive information in files or directories, find IoT devices, detect versions of web applications, and so on.

Notifications You must be signed in to change notification settings

m3n0sd0n4ld/uDork

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

uDork - Google Hacking Tool

Author: M3n0sD0n4ld
Twitter: @David_Uton

News

11/06/2022

I have some bad news to give, last week Facebook withdrew the service by which the tool made the requests, unfortunately the tool no longer works.

Sorry, thank you very much to all the users who have been using it, reporting bugs and contributing with new ideas.

Note: I am working on another tool, Say hello to GooFuzz!

23/02/2022

  • Adapting uDork to the programming changes from Facebook to Meta.
  • Removed the Perl library "libany-uri-escape-perl".
  • Speed has been improved, gaining 2 seconds between requests.

Description:

uDork is a script written in Bash Scripting that uses advanced Google search techniques to obtain sensitive information in files or directories, find IoT devices, detect versions of web applications, and so on.

uDork does NOT make attacks against any server, it only uses predefined dorks and/or official lists from exploit-db.com (Google Hacking Database: https://www.exploit-db.com/google-hacking-database).

Download and install:

$ git clone https://github.com/m3n0sd0n4ld/uDork
$ cd uDork
$ chmod +x uDork.sh
- Open the file "uDork.sh" and write inside this line:

Screenshot

$ ./uDork.sh -h

Steps to obtain the cookie and configure the cookie

  1. Login to facebook.com
  2. Now we will access www.messenger.com (It is the Facebook messaging app) and click on the "Continue as..." button. Screenshot
  3. Once we're in, all we have to do is get the two cookies we need to make uDork work.

3.1 - With firefox:

-- Right mouse button and click on "Inspect".
Screenshot
-- Click on the "Network" tab and select any line that is in the domain "www.messenger.com".
-- Now click on the "Cookies" tab, copy and paste the cookies "c_user" and "xs" into the "uDork.sh" file.
Screenshot
Thus: cookies="c_user=XXXXXX; xs=XXXXXX;"

Screenshot

3.2 - With Google Chrome

-- Right mouse button and click on "Inspect".
Screenshot
-- Click on the tab "Application", in the left column, look for the section "Cookies", copy and paste the cookies "c_user" and "xs" with their value to the file "uDork.sh".
Screenshot
Thus: cookies="c_user=XXXXXX; xs=XXXXXX;"
Screenshot

Docker version:

Acknowledgement

Twitter: @interh4ck GitHub:(https://github.com/interhack86)

$ git clone https://github.com/m3n0sd0n4ld/uDork
$ cd uDork
$ docker build -t udork .
$ docker run --rm -it -e c_user=XXXXXXXXX -e xs=XXXXXXXXX udork -h

Use:

Menu

Screenshot

Example of searching pdf files

Screenshot

Example of a search for a list of default extensions.

Screenshot Screenshot

Example of searching routes with the word "password"

Screenshot

Dorks listing

Screenshot

Example of use Dorks Massive

Screenshot

Example of use All Dorks Massive (Recommend for pentesting/audit)

Screenshot Screenshot

Disclaimer

This tool requires session cookies from a Facebook account to work. I am NOT responsible for any problems with your account and/or computer.

About

uDork is a script written in Bash Scripting that uses advanced Google search techniques to obtain sensitive information in files or directories, find IoT devices, detect versions of web applications, and so on.

Topics

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published