Certified Ethical Hacker (CEH) Practice Question

The Google operator "site:" limits results to the specified domain and all of its sub-domains, while "filetype:" restricts the returned documents to a given extension. Therefore, the query "site:*.example.com filetype:sql" (with the asterisk wildcard for any sub-domain) will show only .sql files hosted under any host inside example.com.

The other options are less precise:

• Using "inurl:" simply searches for the text in the URL and can return results from many different domains that mention the string, so it does not guarantee the file is hosted by the target.
• The "link:" operator lists pages that link to a domain, not files served by it, so it is unsuitable for locating exposed dumps.
• "ext:" works like "filetype:", but without the domain‐limiting "site:" it can return SQL backups stored anywhere on the Internet, not just the company's infrastructure. Thus, only the combination of the wildcarded "site:" operator with the appropriate "filetype:" filter meets all requirements.