Guide | How To WannaCry Google Dork

[Retality]

So despite all of the chaos going on with the WannaCry ransom ware, you can actually use a simple Google Dork to search for websites affected by the ransom ware. Although I haven't tested the websites yet, I can tell you that the robots.txt' of the websites have become either unresponsive or just ruined completely.

Here's a screenshot of an example of what I searched earlier on.

Here's the Google Dork for anyone interested in testing it out:

intitle:"index of" "@Please_Read_Me@.txt"

P.S. Use common sense and don't touch any of these websites unless you're running under a virtual machine closed off from your host machine. Turn off the SMB protocol on your host machine just to prevent it from spreading.

 

[Winter Soldier]

Technically the Google Dorks are comparable to specific queries that we can ask the search engine to get what we want.

Well, in this case, the request is a bit unusual and I would add: those who want to open these links should also use a good VPN to prevent your real IP from being prosecuted for not good intentions or even worse, blacklisted from your ISP.

 

[TairikuOkami]

Thanks, the first page had, what I was looking for, a live sample, it ended up as expected, nothing happened once run. I post screens on my security setup.

 

[Retality]

Technically the Google Dorks are comparable to specific queries that we can ask the search engine to get what we want.

Well, in this case, the request is a bit unusual and I would add: those who want to open these links should also use a good VPN to prevent your real IP from being prosecuted for not good intentions or even worse, blacklisted from your ISP.

EDIT: I removed my request.

 

[GonzitoVir]

Here's the Google Dork for anyone interested in testing it out:

intitle:"index of" "@Please_Read_Me@.txt"

It seems Google doesn't like above search parameters After copying and pasting it I got a list of affected sites. Then I wanted to use Google again and got this: