渗透测试可能会用到的本地固定文件路径

  • A+
所属分类:安全文章

Linux

/etc/passwd

/etc/shadow

/etc/issue

/etc/hosts

/etc/group

/etc/hostname

/etc/ssh/ssh_config

/etc/ssh/sshd_config

/root/.bashrc

/root/.bash_history

/root/.viminfo

/root/.ssh/id_rsa

/root/.ssh/authorized_keys

/home/user/.ssh/authorized_keys

/home/user/.ssh/id_rsa

/proc/[0-9]*/fd/[0-9]*

/proc/mounts

/home/$USER/.bash_history

/home/$USER/.ssh/id_rsa

/var/run/secrets/kubernetes.io/serviceaccount

/var/lib/mlocate/mlocate.db

/var/lib/mlocate.db

 

 

Apache

/etc/apache2/apache2.conf

/usr/local/etc/apache2/httpd.conf

/etc/httpd/conf/httpd.conf

Red Hat/CentOS/Fedora Linux -> /var/log/httpd/access_log

Debian/Ubuntu -> /var/log/apache2/access.log

FreeBSD -> /var/log/httpd-access.log

/var/log/apache/access.log

/var/log/apache/error.log

/var/log/apache2/access.log

/var/log/apache/error.log

 

MySQL

/var/lib/mysql/mysql/user.frm

/var/lib/mysql/mysql/user.MYD

/var/lib/mysql/mysql/user.MYI

 

Windows

/boot.ini

/autoexec.bat

/windows/system32/drivers/etc/hosts

/windows/repair/SAM

/windows/panther/unattended.xml

/windows/panther/unattend/unattended.xml

/windows/system32/license.rtf

/windows/system32/eula.txt


好文推荐

渗透测试Tips

免杀知识汇总

干货|各种WAF绕过手法学习

信息收集-入口点-免杀-内网/域=渗透测试完整流程

登陆页面渗透测试常见的几种思路与总结

Github渗透测试工具库-2021版

常见内网穿透工具使用总结

11个步骤完美排查Linux机器是否已经被入侵


欢迎关注 系统安全运维 

每日坚持分享好工具好资源,麻烦各位师傅文章底部给点个“再看”,感激不尽渗透测试可能会用到的本地固定文件路径

本文始发于微信公众号(系统安全运维):渗透测试可能会用到的本地固定文件路径

发表评论

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen: