Last week, it became known that thousands of Google Calendar users made their calendars public . Why and why they did that and did not pay attention to the warning that all entries and data were publicly accessible to everyone, remains the question. With Google Dorks or even Google Hacking, such data is available to everyone. What it’s all about we explain in our tip article.
Google Calendar – Data from many users are publicly available
Google Calendar is the default calendar used by many of us, and it’s easy to sync with any other Google product.
Last week, it became known that thousands of people share their appointments with the public – without knowing it, or simply because a warning has been clicked off.
On the web, you have the option to share your Google Calendar, which is set by default private, in the settings with others or to make the calendar public. When you split the calendar, a link will be sent that the other person can open to see your schedule. Also with the help of search engines such a link can be found.
If you’ve made your calendar public, Google will show a warning: “Publishing your calendar will make all appointments visible to all Google users through Google Search. Do you really want that? “
Actually a very clear warning and yet it was simply ignored by thousands of users and confirmed with OK. Thus, the own Google calendar (as well as that of some enterprises) was accessible to all search engines.
In order to find such entries one uses additional search parameters, which are also known as Google Hacking or Google Dorks / Dorking. Dorks refers here to the site operators, the “jerk / dorks,” who has not given enough thought to the safety of his entries.
With the search query inurl: https: //calendar.google.com/calendar?cid= ( (which no longer works), more than 7,000 Google Calendar results have been revealed. With further inquiries appointments were discovered by medical practices. It is also possible to search specifically for entries of certain users, provided the e-mail address is known. https://calendar.google.com/calendar/b/1/r?cid=example@email.com
Google Dorks and Google Hacking / Dorking
The term Google Dorks or Dorking was used for the first time by Johnny Long, who used search parameters in 2002 to find unprotected content on the WWW. In the Google Hacking Database , the dorks were once described as:
- “We call them ‘googledorks’: Inept or foolish people as revealed by Google. Whatever you call these fools, you’ve found the center of the Google Hacking Universe! “
- “We call them ‘googledorks’: incompetent or stupid people revealed by Google. Whatever you call these fools, you’ve found (with them) the center of the universe Google Hacking! “
There is now a large database of such queries.
Google Hacking or Dorking is not prohibited or punishable! Because all information found in this way can be accessed unprotected via the web, as it was not protected by the user / owner of the information. However, it becomes a criminal offense if the information thus found is misused for criminal purposes and causes harm to the users concerned (financially, personally and in any way).
Google hacking is not a hacking attack on Google itself, but just like a Google Dork query, a special query using advanced parameters to retrieve information from the web that would otherwise be unavailable but publicly posted by the user ( knowing or ignorant is something to be discussed). They can only be tapped because the user has not or only insufficiently protected them.
Hacking / Dorking can be used, for example, to find usernames and passwords, e-mail addresses and many other documents. Such data can then be used for identity theft or cyber terror.
Special parameters are prefixed to the URL and restrict the search query. Some are known, others may not yet. However, this is just a selection of common search parameters.
""
– Everyone knows the two goose feet. This makes it possible to search exactly for the given word / sentence between the quotation marks.intitle:
searches for the specified term in the title of the pages.allintitle:
only searches for pages containing all specified terms in the title.intext:
searches only in the text of the pages for the given term.allintext:
works as withallintitle:
, except that here all terms in the text of the page must occur.inurl:
searches for the specified term in the URL of the pages.site:
restricts the search to a specific website.filetype:
searches for a specific file type, eg PHP or PDF. It is also possible to filter out several file types at the same time. For this the file extensions are separated with “|”.cache:url
returns the Google-cached version of the URL. This is very useful if a page has changed in the meantime. Since Google regularly refreshes the cache, the pages may not be preserved for very long. For longer side versions, the Wayback Machine can be used.info:url
provides an overview of all information Google has about this URL.
In the search queries, several parameters can be linked to each other, for example, to search for a particular filetype on a particular site .
Furthermore, it is also possible to refine the actual Google search. To do this, you call up the advanced search and can improve the search query through various information in a form.
Conclusion
Although it is now known to Google, many calendars were publicly available: The blame lies entirely alone with the user of the calendar, which has simply dismissed a warning. A public calendar is public.
While Google Hacking or Dorking is primarily legal, it can quickly become a criminal offense. However, if you use it to scan your own website for vulnerabilities or to optimize personal search results, it can be of great help.