Zmei Posted January 20, 2004 Report Share Posted January 20, 2004 Ключевые слова для поиска уязвимых веб-страниц -------------------------------------------------------------------------------- 1. Что мы ищем? Одна из уязвимостей веб-сайтов это открытые директории. Многие администраторы часто забывают поменять настройки выставленные сервером по умолчанию. Такие ошибки в обычно приводят к дефейсу веб-страницы. 2. Что дают нам открытые директории? Например, через дериктории cgi-bin или scripts можно исполнить любой скрипт на удаленной машине. Через директорию _vti_bin (сайт под управление FrontPage), через утилиту shtml.exe можно просмотреть любой файл на диске. А, например, в директории vti_pvt содержатся все пароли доступа к FrontPage Extension (файл service.pwd). Рассшифровать полученные пароли я думаю труда не составит. 3. Где искать? Это самый простой вопрос. Набираем www.google.com или любой другой поисковик вводим нужную фразу и вперед, остаеться только пересмотреть результаты пойска . Иногда это не простая задача. Например на запрос /ets/passwd yahoo выдал 102000 результатов. Но думаю для настоящего хакера это не проблема. 4. Список. А вот наконец и сам список: /cgi-bin/axs.cgi /cgi-bin/bash /cgi-bin/bb-hist.sh /cgi-bin/bigconf.cgi /cgi-bin/bnbform /cgi-bin/bnbform.cgi /cgi-bin/cachemgr.cgi /cgi-bin/calendar /cgi-bin/campas /cgi-bin/carbo.dll /cgi-bin/cgimail.exe /cgi-bin/Cgitest.exe /cgi-bin/cgiwrap /cgi-bin/classified.cgi /cgi-bin/classifieds /cgi-bin/classifieds.cgi /cgi-bin/Count.cgi /cgi-bin/csh /cgi-bin/date /cgi-bin/day5datacopier.cgi /cgi-bin/day5notifier /cgi-bin/dbmlparser.exe /cgi-bin/download.cgi /cgi-bin/dumpenv.pl /cgi-bin/edit.pl /cgi-bin/environ.cgi /cgi-bin/excite /cgi-bin/faxsurvey /cgi-bin/faxsurvey /cgi-bin/filemail /cgi-bin/filemail.pl /cgi-bin/files.pl /cgi-bin/finger /cgi-bin/finger.cgi /cgi-bin/finger.pl /cgi-bin/flexform /cgi-bin/flexform.cgi /cgi-bin/FormHandler.cgi /cgi-bin/formmail.pl /cgi-bin/fortune /cgi-bin/fpexplorer.exe /cgi-bin/get32.exe\|dir /cgi-bin/glimpse /cgi-bin/guestbook.cgi /cgi-bin/guestbook.pl /cgi-bin/GW5 /cgi-bin/GWWEB.EXE /cgi-bin/handler /cgi-bin/handler.cgi /cgi-bin/htmlscript /cgi-bin/htmlscript /cgi-bin/info2www /cgi-bin/input.bat /cgi-bin/input2.bat /cgi-bin/jj /cgi-bin/ksh /cgi-bin/lwgate /cgi-bin/LWGate.cgi /cgi-bin/lwgate.cgi /cgi-bin/MachineInfo /cgi-bin/mail /cgi-bin/maillist.pl /cgi-bin/man.sh /cgi-bin/mlog.phtml /cgi-bin/mylog.phtml /cgi-bin/nlog-smb.pl /cgi-bin/nph-error.pl /cgi-bin/nph-publish /cgi-bin/nph-test-cgi /cgi-bin/passwd /cgi-bin/passwd.txt /cgi-bin/password /cgi-bin/password.txt /cgi-bin/perl /cgi-bin/perl.exe /cgi-bin/perlshop.cgi /cgi-bin/pfdispaly.cgi /cgi-bin/phf /cgi-bin/phf.pp /cgi-bin/php /cgi-bin/php.cgi /cgi-bin/phpscan /cgi-bin/post-query /cgi-bin/ppdscgi.exe /cgi-bin/query /cgi-bin/redirect /cgi-bin/responder.cgi /cgi-bin/rguest.exe /cgi-bin/rksh /cgi-bin/rsh /cgi-bin/rwwwshell.pl /cgi-bin/sam._ /cgi-bin/search.cgi /cgi-bin/search97.vts /cgi-bin/sendform.cgi /cgi-bin/sh /cgi-bin/snorkerz.bat /cgi-bin/snorkerz.cmd /cgi-bin/status.cgi /cgi-bin/survey /cgi-bin/survey.cgi /cgi-bin/tcsh /cgi-bin/test.bat /cgi-bin/test-cgi /cgi-bin/test-cgi.tcl /cgi-bin/test-env /cgi-bin/textcounter.pl /cgi-bin/tst.bat /cgi-bin/tst.bat\|dir /cgi-bin/unlg1.1 /cgi-bin/upload.pl /cgi-bin/uptime /cgi-bin/view-source /cgi-bin/visadmin.exe /cgi-bin/visitor.exe /cgi-bin/w3-msql /cgi-bin/w3-sql /cgi-bin/w3tvars.pm /cgi-bin/wais.pl /cgi-bin/webdist.cgi /cgi-bin/webgais /cgi-bin/webmap.cgi /cgi-bin/websendmail /cgi-bin/wguest.exe /cgi-bin/whois_raw.cgi /cgi-bin/wrap /cgi-bin/wwwadmin.pl /cgi-bin/wwwboard.pl /cgi-bin/www-sql /cgi-bin/zsh /cgi-dos/args.bat /cgi-dos/args.cmd /cgi-shl/win-c-sample.exe /cgi-win/uploader.exe /cool-logs/mlog.html /cool-logs/mylog.html /database.nsf /database.nsf /domcfg.nsf /domlog.nsf /hosts.dat /iisadmpwd/achg.htr /IISADMPWD/achg.htr /iisadmpwd/aexp.htr /iisadmpwd/aexp2.htr /iisadmpwd/aexp2b.htr /iisadmpwd/aexp3.htr /iisadmpwd/aexp4.htr /iisadmpwd/aexp4b.htr /iisadmpwd/anot.htr /iisadmpwd/anot3.htr /iissamples/exair/howitworks/codebrws.asp /iissamples/sdk/asp/docs/codebrws.asp /log.nsf /manage/cgi/cgiproc /msadc/msadcs.dll /msadc/samples/adctest.asp /msadc/Samples/SELECTOR/codebrws.cfm /msadc/Samples/SELECTOR/showcode.asp /msads/samples/selector/showcode.asp /names.nsf /names.nsf /passwd /passwd.txt /password /password.txt /publisher/ /samples/search/queryhit.htm /scripts/CGImail.exe /scripts/convert.bas /scripts/counter.exe /scripts/cpshost.dll /scripts/fpcount.exe /scripts/iisadmin/bdir.htr /scripts/iisadmin/ism.dll /scripts/iisadmin/tools/ctss.idc /scripts/iisadmin/tools/getdrvrs.exe /scripts/iisadmin/tools/mkilog.exe /scripts/issadmin/bdir.htr /scripts/perl /scripts/postinfo.asp /scripts/proxy/w3proxy.dll /scripts/samples/ctguestb.idc /scripts/samples/details.idc /scripts/samples/search/webhits.exe /scripts/tools/dsnform.exe /scripts/tools/getdrvrs.exe /scripts/tools/getdrvs.exe /scripts/tools/newdsn.exe /scripts/upload.asp /scripts/uploadn.asp /scripts/uploadx.asp /search /search97.vts /secure/.htaccess /secure/.wwwacl /session/adminlogin /showfile.asp /smdata.dat /ssi/envout.bat /today.nsf /tree.dat /WebSTAR /ws_ftp.ini /wwwboard/passwd.txt Удачной рыбалки Quote Link to post Share on other sites
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.