How I Found a P1 Vulnerability Using a Google Dork


Hamed Mohamed - h0x1d

Hello Everyone! 😊

I hope you’re all doing well and having a productive bug-hunting journey. Today, I’m going to share how I used a Google Dork to discover sensitive user information on a target and report a P1 vulnerability. This technique is simple yet effective, and I hope it inspires you to explore new avenues for finding bugs.

---

The Discovery

While performing reconnaissance on a target, I decided to search for publicly accessible files that might contain sensitive information. I crafted the following Google Dork:

site:target.com ext:xlsx "name" "@gmail.com" "phone"

This Dork is designed to find .xlsx (Excel) files hosted on the target domain (site:target.com) that include specific terms such as name, @gmail.com (to filter email addresses), and phone.

Upon executing this search, I found several exposed Excel files containing user names, email addresses, phone numbers, and even home addresses. 😮

---

Why This is Critical

The exposure of such sensitive information can lead to severe privacy violations, phishing attacks, and even identity theft. Since the target company stored personal data of its users, this became a high-priority issue (P1) due to the potential impact on user security.
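
A site owner can catch this kind of exposure before a search engine indexes it. The following is an added example, not code from the original article: it scans `.xlsx` files under a directory you own for the markers the dork above matches on (email addresses and phone numbers). All function names and the sample data are constructed for illustration, and the phone pattern is a rough heuristic.

```python
import io
import re
import zipfile
import xml.etree.ElementTree as ET
from pathlib import Path
from xml.sax.saxutils import escape

EMAIL_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")
PHONE_RE = re.compile(r"\+?\d[\d\s().-]{7,}\d")  # heuristic: 9+ digit-like chars

def xlsx_text(data: bytes) -> list[str]:
    """Return every text node from the workbook's shared strings and sheets."""
    # Meant for files you publish yourself; parse untrusted workbooks with defusedxml.
    out = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for name in zf.namelist():
            if name == "xl/sharedStrings.xml" or name.startswith("xl/worksheets/"):
                root = ET.fromstring(zf.read(name))
                out.extend(t.strip() for t in root.itertext() if t.strip())
    return out

def pii_findings(data: bytes) -> dict[str, int]:
    """Count email-like and phone-like cell values in one workbook."""
    strings = xlsx_text(data)
    return {"emails": sum(1 for s in strings if EMAIL_RE.search(s)),
            "phones": sum(1 for s in strings if PHONE_RE.fullmatch(s))}

def scan_tree(root: str) -> dict[str, dict[str, int]]:
    """Report every .xlsx under root (e.g. your web root) with non-zero counts."""
    hits = {}
    for path in sorted(Path(root).rglob("*.xlsx")):
        try:
            found = pii_findings(path.read_bytes())
        except (zipfile.BadZipFile, ET.ParseError):
            continue  # not a readable workbook; skip it
        if any(found.values()):
            hits[str(path)] = found
    return hits

def make_sample_xlsx(rows: list[str]) -> bytes:
    """Build a minimal constructed workbook (shared strings only) for the demo."""
    si = "".join(f"<si><t>{escape(r)}</t></si>" for r in rows)
    ns = "http://schemas.openxmlformats.org/spreadsheetml/2006/main"
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("xl/sharedStrings.xml", f'<sst xmlns="{ns}">{si}</sst>')
    return buf.getvalue()

if __name__ == "__main__":
    demo = make_sample_xlsx(["name", "Jane Roe", "jane.roe@example.com", "+1 555 0100 200"])
    print(pii_findings(demo))
```

Any file reported by `scan_tree` should be moved out of the publicly served path or placed behind authentication.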

---

Steps to Reproduce

Here’s how you can use this technique in your own bug-hunting:

1. Replace target.com with the domain you’re testing.
2. Modify the search terms in the Dork based on what information you’re looking for (e.g., SSNs, passwords, credit cards, etc.).
3. Review the search results carefully and download any files that might contain sensitive data (only after obtaining proper authorization).
4. Analyze the content of the files to identify sensitive information.

---

Example Search Results

Here’s an example of the search result I found (censored for privacy):

File Name: User_Contacts.xlsx
Content:
Name: John Doe
Email: john.doe@gmail.com
Phone: +123456789
Address: 123 Main Street, Springfield

---

Lessons Learned

- Google Dorking is a powerful tool for discovering unintended data leaks.
- Always include file extensions (ext:xlsx, ext:pdf, etc.) in your searches to narrow down results.
- Be mindful of the ethical and legal boundaries while using this technique. Only test on authorized targets.