Module Name: Interesting File Finder
Module path: discovery/info_disclosure/interesting_files
Name: Interesting File Finder
Path: modules/discovery/info_disclosure/interesting_files.py
Author: Tim Tomes (@LaNMaSteR53), thrapt (
[email protected]), Jay Turla (@shipcod3), and Mark Jeffery
Description:
Checks hosts for interesting files in predictable locations.
Options:
| Name |
Current Value |
Required |
Description |
| DOWNLOAD |
True |
yes |
download discovered files |
| PORT |
80 |
yes |
request port |
| PROTOCOL |
http |
yes |
request protocol |
| SOURCE |
default |
yes |
source of input (see 'show info' for details) |
Source Options:
| default |
SELECT DISTINCT host FROM hosts WHERE host IS NOT NULL |
| <string> |
string representing a single input |
| <path> |
path to a file containing a list of inputs |
| query <sql> |
database query returning one column of inputs |
Comments:
* Files: robots.txt, sitemap.xml, sitemap.xml.gz, crossdomain.xml, phpinfo.php, test.php, elmah.axd, server-status, jmx-console/, admin-console/, web-console/
* Google Dorks:
- inurl:robots.txt ext:txt
- inurl:elmah.axd ext:axd intitle:"Error log for"
- inurl:server-status "Apache Status"