Bo0oM - There's Nothing so Permanent as Temporary (PHDays IV, 2014)

How do you obtain a list of the files in a directory with a single HTTP request when there is no directory index? Is it possible to view a script's source code on a working site? What about obtaining database or FTP passwords? Today many people neglect their temporary files and make configuration mistakes, giving attackers easy access to sensitive information.


How can one get the list of files in a directory with a single HTTP request and no directory index? Can the source of a script be viewed on a live site? And what about pulling out database or FTP passwords? Today many people pay no attention to temporary files and make configuration mistakes, thanks to which an attacker can easily gain access to important information.

Transcript

  • 1. Fast Track “There's Nothing so Permanent as Temporary”
  • 2. Alexa top 1,000,000 websites
  • 3. Robots
    ● Robots.txt
    ● Google dork: inurl:robots filetype:txt
    ● Disallow: /admin/*
    ● Disallow: /backup/*
    ● Disallow: /logs/*
    ● Disallow: /secret-file.tar.gz
  • 4. Robots
  • 5. Hypertext
    ● .htaccess
    ● .htpasswd
    ● _.htpasswd
    ● !.htpasswd
    ● 0.htpasswd
    ● old.htpasswd
    ● %20.htpasswd
    ● backup.htpasswd
    ● 1.htpasswd
  • 6. OS files
    ● Thumbs.db
    ● ehthumbs.db
    ● Desktop.ini
    ● .DS_Store
    ● .apdisk
    ● .AppleDouble
    ● .LSOverride
  • 7. Logs
    ● access.log
    ● access_log
    ● error.log
    ● error_log
    ● /log/*
    ● /logs/*
  • 8. Logs
  • 9. Logs: Google dorks
    ● site:mysite.com filetype:log
    ● site:mysite.com inurl:error_log
    ● site:mysite.com inurl:access_log
  • 10. Status
    ● /server-status/
    ● /nginx-status/
    ● /status/
    ● /stats/
    ● /stat/
  • 11. DGT Release Checker for vBulletin: validator.php
  • 12. Tools for managing content in databases
    ● /sqlbuddy/login.php
    ● /adminer/index.php
    ● /adminer/adminer.php
    ● /adminer.php
    ● /phpmyadmin/index.php
    ● /myadmin/index.php
    ● /pma/index.php
  • 13. Revision control
    ● /.svn/entries
    ● /.git/index
    ● /.hg/store/undo
    ● /.hg/store/data/
  • 14. Revision control
    ● .cvsignore
    ● .gitignore
    ● .gitignore_global
    ● .npmignore
    ● .svnignore
    ● .hgignore
  • 15. Revision control
    ● .hgrc (mercurial.ini on Windows)
    ● .gitconfig
    ● .gitattributes
  • 16. Test files
    ● test.php
    ● 1.php
    ● tst.php
    ● test1.php
    ● example.php
    ● demo.php
    ● phpinfo.php
    ● php.php
    ● info.php
    ● i.php
    ● p.php
  • 17. Swap and backup files
    ● *.dif
    ● *.err
    ● *.orig
    ● *.rej
    ● .*.swo
    ● .*.swn
    ● .*.swm
    ● .*.swp
    ● *.vi
    ● *~
    ● *.sass-cache
    ● *.cache
    ● *.part
    ● .#.*
    ● *.bak
    ● *.backup
    ● *.un~
    ● *.old
    ● *.tmp
    ● *.sublime-workspace
    ● *.sublime-project
    ● etc…
  • 18. Swap and backup files
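The slides are a catalogue of names; the corresponding defender-side check is to walk the document root on the server itself and find out which of them actually exist there before anyone else does. The script below is an added example, not code from the talk: it groups the file and directory names the slides enumerate into glob tables with a reason attached, reports every match under a given root, and prunes reported directories so a whole `.git/` or `.ssh/` tree shows up as one finding. The grouping, the reason labels, the `build_demo_webroot()` helper and the sample tree it creates are all constructed for this illustration.

```python
"""
Added example, not code from the talk: audit a web root on the local
filesystem for the leftover files the slides enumerate (editor swap and
backup files, VCS metadata, OS junk, .htpasswd variants, logs, shell
history, SSH material, test scripts). The directory layout built by
build_demo_webroot() is constructed for the demonstration.
"""
import fnmatch
import os
import tempfile

# (reason, basename globs): names taken from the slides; the first match wins.
FILE_CHECKS = [
    ("editor swap/backup file", ["*~", ".*.swp", ".*.swo", ".*.swn", ".*.swm",
                                 ".#*", "*.bak", "*.backup", "*.old", "*.orig",
                                 "*.rej", "*.tmp", "*.part", "*.dif", "*.err",
                                 "*.sublime-workspace", "*.sublime-project"]),
    ("credential file", ["*.htpasswd", ".rhosts"]),
    ("shell history", [".bash_history"]),
    ("log file", ["access.log", "access_log", "error.log", "error_log", "*.log"]),
    ("OS metadata", ["Thumbs.db", "ehthumbs.db", "Desktop.ini", ".DS_Store",
                     ".apdisk", ".AppleDouble", ".LSOverride"]),
    ("VCS config/ignore file", [".cvsignore", ".gitignore", ".gitignore_global",
                                ".npmignore", ".svnignore", ".hgignore",
                                ".gitconfig", ".gitattributes", ".hgrc", "mercurial.ini"]),
    ("application config", [".travis.yml", "database.yml", "web.config",
                            "dataobject.ini", "dataobjects.ini", "config.inc",
                            "context.xml", "web.xml", "AppData.config"]),
    ("test/debug script", ["test.php", "test1.php", "tst.php", "1.php", "example.php",
                           "demo.php", "phpinfo.php", "php.php", "info.php", "i.php", "p.php"]),
    ("shell/IDE dotfile", [".profile", ".shrc", ".cshrc", ".login", ".login_conf",
                           ".mailrc", ".mail_aliases", ".project", ".buildpath", ".tmproj"]),
]

# Directories that should never sit under a document root; reported once, not descended into.
DIR_CHECKS = {
    ".git": "git repository", ".svn": "svn metadata", ".hg": "mercurial metadata",
    ".ssh": "ssh directory", ".idea": "IDE project", "nbproject": "IDE project",
    ".komodotools": "IDE project", ".settings": "IDE project", ".sass-cache": "build cache",
    "WEB-INF": "servlet config", ".cache": "user cache", ".pki": "user keystore",
    ".config": "user config", ".local": "user config", ".filemgr-tmp": "temp directory",
}


def classify_name(name):
    """Return the reason a basename is suspicious, or None if it looks clean."""
    for reason, globs in FILE_CHECKS:
        if any(fnmatch.fnmatchcase(name, g) for g in globs):
            return reason
    return None


def audit_webroot(root):
    """Walk root and return sorted (relative_path, reason) pairs for every finding."""
    findings = []
    for dirpath, dirnames, filenames in os.walk(root):
        for d in list(dirnames):
            if d in DIR_CHECKS:
                rel = os.path.relpath(os.path.join(dirpath, d), root).replace(os.sep, "/")
                findings.append((rel + "/", DIR_CHECKS[d]))
                dirnames.remove(d)  # the directory itself is the finding; skip its contents
        for f in filenames:
            reason = classify_name(f)
            if reason:
                rel = os.path.relpath(os.path.join(dirpath, f), root).replace(os.sep, "/")
                findings.append((rel, reason))
    return sorted(findings)


def build_demo_webroot():
    """Create a constructed sample document root mixing clean and leftover files."""
    root = tempfile.mkdtemp(prefix="webroot-")
    sample = [
        "index.php", "css/style.css",        # legitimate content
        "index.php.bak", ".index.php.swp",   # backup copy and vim swap of the same script
        ".htpasswd", "backup.htpasswd",      # credential files
        ".bash_history", ".DS_Store",        # shell history and OS junk
        "logs/error_log", "test/phpinfo.php",  # leaked log, debug script
        ".git/HEAD", ".ssh/id_rsa",          # VCS metadata, private key
    ]
    for rel in sample:
        path = os.path.join(root, *rel.split("/"))
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "w") as fh:
            fh.write("sample\n")
    return root


if __name__ == "__main__":
    for rel, reason in audit_webroot(build_demo_webroot()):
        print(f"{reason:24s} {rel}")
```

`.htaccess` is deliberately not flagged: it is normally present in an Apache document root, and whether the server refuses to serve it is a separate configuration check rather than a leftover-file problem. Run `audit_webroot("/var/www/html")` (or whatever the server's root is) from a cron job and diff the output against the previous run to catch files that appear after a deploy or an editing session.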
  • 19. Other configs
    ● /WEB-INF/context.xml
    ● /WEB-INF/web.xml
    ● /web.config
    ● /dataobject.ini
    ● /.travis.yml
    ● /database.yml
    ● /config/AppData.config
    ● /inc/config.inc
  • 20. /dataobjects.ini, /WEB-INF/context.xml
  • 21. Statistics
    ● /webstat/
    ● /cgi-bin/awstats.pl
    ● /apc.php
    ● /apc/index.php
    ● /apc/apc.php
    ● And all the xcache stuff too, google it yourselves ;)
  • 22. IDE and other
    ● /nbproject/
    ● /.komodotools/
    ● /.sass-cache/
    ● /.idea/
    ● .project
    ● .buildpath
    ● .settings
    ● .tmproj
  • 23. IDE and other
    ● /.config
    ● /.pki
    ● /.local
    ● /.cache
    ● /.filemgr-tmp
    ● /.shrc
    ● /.rhosts
    ● /.profile
    ● /.mailrc
    ● /.mail_aliases
    ● /.login_conf
    ● /.login
    ● /.cshrc
    ● .cache
  • 24. home = www
  • 25. .bash_history
  • 26. SSH
    ● /.ssh/known_host
    ● /.ssh/authorized_keys
    ● /.ssh/*
  • 27. Attn!
  • 28. /.ssh/id_rsa
  • 29. @i_bo0om Thanks for your attention ;) This is where I work > < this is where I take part / this is where I write, in short)))
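The other side of the same talk is the web server's access log: a client that requests `/.git/index`, `/.svn/entries`, `/index.php.bak` and `/.htpasswd` within a few seconds is running exactly the kind of wordlist the slides describe, and any such request that was answered with a 200 is an exposed file that needs removing today. The script below is an added example, not part of the talk: it parses combined-format log lines, matches the request path against a compact signature of the path families on the slides, and summarises per client which paths were probed, which were actually served, and whether the probes came in a burst. The log lines, the 60-second window and the threshold of three probes are constructed assumptions for the illustration.

```python
"""
Added example, not from the talk: spot clients probing a site for the
leftover files and directories the slides list, using only the web
server's combined-format access log. The log lines below are constructed;
the burst window and threshold are assumptions, tune them for your traffic.
"""
import re
from collections import defaultdict
from datetime import datetime

# Apache/nginx "combined" format: ip ident user [time] "METHOD path PROTO" status size "ref" "ua"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] "(?P<method>\S+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) (?P<size>\S+)'
)

# Compact signature of the path families on the slides: VCS/SSH/IDE directories,
# swap and backup suffixes, .htpasswd variants, OS junk, debug scripts, logs, status pages.
PROBE_RE = re.compile(
    r"/\.(git|svn|hg|ssh|idea|sass-cache|komodotools)(/|$)"
    r"|/WEB-INF/"
    r"|\.(bak|backup|old|orig|rej|tmp|swp|swo|swn|swm|sublime-workspace|sublime-project)$"
    r"|~$"
    r"|\.htpasswd$"
    r"|/\.(bash_history|DS_Store|hgrc|gitconfig|gitignore|rhosts|profile|cshrc)$"
    r"|/(Thumbs\.db|Desktop\.ini|phpinfo\.php|info\.php|test\.php|php\.php)$"
    r"|/(access|error)[._]log$"
    r"|/(server-status|nginx-status)/?$",
    re.IGNORECASE,
)

# Constructed sample: one ordinary visitor and one client walking a wordlist.
SAMPLE_LOG = """\
203.0.113.7 - - [10/May/2014:10:00:01 +0400] "GET /index.php HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
203.0.113.7 - - [10/May/2014:10:00:02 +0400] "GET /css/style.css HTTP/1.1" 200 800 "-" "Mozilla/5.0"
198.51.100.9 - - [10/May/2014:10:00:05 +0400] "GET /.git/index HTTP/1.1" 404 210 "-" "curl/7.35"
198.51.100.9 - - [10/May/2014:10:00:05 +0400] "GET /.svn/entries HTTP/1.1" 404 210 "-" "curl/7.35"
198.51.100.9 - - [10/May/2014:10:00:06 +0400] "GET /index.php.bak HTTP/1.1" 404 210 "-" "curl/7.35"
198.51.100.9 - - [10/May/2014:10:00:06 +0400] "GET /.htpasswd HTTP/1.1" 403 199 "-" "curl/7.35"
198.51.100.9 - - [10/May/2014:10:00:07 +0400] "GET /.ssh/id_rsa HTTP/1.1" 200 1675 "-" "curl/7.35"
203.0.113.7 - - [10/May/2014:10:05:00 +0400] "GET /.index.php.swp HTTP/1.1" 404 210 "-" "Mozilla/5.0"
"""


def parse_line(line):
    """Parse one combined-format line into a dict, or None if it does not match."""
    m = LOG_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["status"] = int(rec["status"])
    rec["time"] = datetime.strptime(rec["time"], "%d/%b/%Y:%H:%M:%S %z")
    return rec


def find_probes(log_text):
    """Return every parsed request whose path (query string dropped) matches PROBE_RE."""
    probes = []
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec and PROBE_RE.search(rec["path"].split("?", 1)[0]):
            probes.append(rec)
    return probes


def summarize(probes, window_seconds=60, threshold=3):
    """Per client: probed paths, paths answered 200 (really exposed), and whether
    at least `threshold` probes fell inside any `window_seconds` span (a scan)."""
    by_ip = defaultdict(list)
    for p in probes:
        by_ip[p["ip"]].append(p)
    report = {}
    for ip, recs in by_ip.items():
        times = sorted(r["time"] for r in recs)
        burst = False
        for i in range(len(times)):
            j = i
            while j < len(times) and (times[j] - times[i]).total_seconds() <= window_seconds:
                j += 1
            if j - i >= threshold:
                burst = True
                break
        report[ip] = {
            "paths": sorted({r["path"] for r in recs}),
            "served_200": sorted(r["path"] for r in recs if r["status"] == 200),
            "scan": burst,
        }
    return report


if __name__ == "__main__":
    for ip, info in summarize(find_probes(SAMPLE_LOG)).items():
        flag = "SCAN" if info["scan"] else "single"
        print(f"{ip:15s} {flag:7s} probed={len(info['paths'])} served_200={info['served_200']}")
```

The `served_200` list is the actionable part: a 404 tells you someone is looking, a 200 tells you they found it. Feed the real log through `find_probes()` and alert on any non-empty `served_200`, then treat the `scan` flag as the lower-priority signal that a wordlist is being run against the site.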