Google Hacking: What is a Google Hack?
Google hacking, sometimes, referred to as Google dorking, is an information gathering technique used by an attacker leveraging advanced Google searching techniques. Google hacking search queries can be used to identify security vulnerabilities in web applications, gather information for arbitrary or individual targets, discover error messages disclosing sensitive information, discover files containing credentials and other sensitive data.
The advanced search string crafted by an attacker could be searching for the vulnerable version of a web application, or a specific file-type (.pwd, .sql...) in order to further restrict the search. The search can also be restricted to pages on a specific site, or it can search for specific information across all websites, giving a list of sites that contain the information.
For instance, the following search query will list SQL files (filetype:sql) available that have been indexed by Google on websites where directory listing is enabled (intitle:"index of").