There's Nothing so Permanent as Temporary

Published in: Technology, Design

  1. Fast Track “There's Nothing so Permanent as Temporary”
  2. Alexa top 1,000,000 websites
  3. Robots Robots.txt Google dork: inurl:robots filetype:txt Disallow: /admin/* Disallow: /backup/* Disallow: /logs/* Disallow: /secret-file.tar.gz
  4. Robots
  5. Hypertext .htaccess .htpasswd _.htpasswd !.htpasswd 0.htpasswd old.htpasswd %20.htpasswd backup.htpasswd 1.htpasswd
  6. OS files Thumbs.db ehthumbs.db Desktop.ini .DS_Store .apdisk .AppleDouble .LSOverride
  7. Logs access.log access_log error.log error_log /log/* /logs/*
  8. Logs
  9. Logs Google dorks: site:mysite.com filetype:log site:mysite.com inurl:error_log site:mysite.com inurl:access_log
  10. Status /server-status/ /nginx-status/ /status/ /stats/ /stat/
  11. DGT Release Checker for vBulletin validator.php
  12. Tools for managing content in databases /sqlbuddy/login.php /adminer/index.php /adminer/adminer.php /adminer.php /phpmyadmin/index.php /myadmin/index.php /pma/index.php
  13. Revision control /.svn/entries /.git/index /.hg/store/undo /.hg/store/data/
  14. Revision control .cvsignore .gitignore .gitignore_global .npmignore .svnignore .hgignore
  15. Revision control .hgrc (mercurial.ini for win) .gitconfig .gitattributes
  16. Test files test.php 1.php tst.php test1.php example.php demo.php phpinfo.php php.php info.php i.php p.php
  17. Swap and backup files *.diff *.err *.orig *.rej .*.swo .*.swn .*.swm .*.swp *.vi *~ *.part .#.* *.bak *.backup *.un~ *.old *.tmp *.sublime-workspace *.sublime-project
  18. Swap and backup files
  19. Other configs /WEB-INF/context.xml /WEB-INF/web.xml /web.config /dataobject.ini /.travis.yml /database.yml /config/AppData.config /inc/config.inc
  20. /dataobjects.ini /WEB-INF/context.xml
  21. Statistic /webstat/ /cgi-bin/awstats.pl /apc.php /apc/index.php /apc/apc.php
  22. IDE and other /nbproject/ /.komodotools/ /.sass-cache/ /.idea/ .project .buildpath .settings .tmproj
  23. IDE and other /.config /.pki /.local /.cache /.filemgr-tmp /.shrc /.rhosts /.profile /.mailrc /.mail_aliases /.login_conf /.login /.cshrc .cache
  24. home = www
  25. .bash_history
  26. SSH /.ssh/known_host /.ssh/authorized_keys /.ssh/*
  27. Attn!
  28. /.ssh/id_rsa
  29. @i_bo0om Thank you for your attention ;)
