
The Offensive Security Certified Professional (OSCP) examination challenges individuals to demonstrate their skills in penetration testing and ethical hacking. Familiarity with key file paths and configurations on both Linux and Windows systems is crucial for success in the exam.
In this article, we will discuss important locations in both operating systems that are commonly targeted during penetration testing and vulnerability assessments.
Windows:
System Configuration and Logs:
- C:/Users/Administrator/NTUser.dat: Windows user profile registry hive for the Administrator.
- C:/Documents and Settings/Administrator/NTUser.dat: Previous location of user profiles in older Windows versions.
- C:/boot.ini: Windows boot configuration file, important for system booting.
- C:/WINDOWS/System32/drivers/etc/hosts: Hosts file containing IP address mappings.
Web Server Configurations and Logs:
- C:/apache/logs/access.log: Apache web server access logs.
- C:/apache/logs/error.log: Apache web server error logs.
- C:/apache/php/php.ini: PHP configuration file for Apache.
Database Configurations and Logs:
- C:/MySQL/data/: Various MySQL logs and configurations.
- C:/Program Files/MySQL/: MySQL configurations and logs for different versions.
Miscellaneous:
- C:/Program Files/FileZilla Server/FileZilla Server.xml: FileZilla Server configuration.
- C:/WINDOWS/php.ini: PHP configuration file for Windows.
- C:/Windows/win.ini: Windows initialization file, storing system-wide settings.
Linux:
System Configuration and Logs:
- /etc/passwd: User account information.
- /etc/shadow: Secure user account information.
- /etc/hosts: Hosts file for IP address mappings.
Web Server Configurations and Logs:
- /etc/apache2/: Apache web server configurations.
- /var/log/apache2/: Apache web server logs.
- /etc/httpd/: Apache HTTP server configurations.
- /var/log/httpd/: Apache HTTP server logs.
Database Configurations and Logs:
- /etc/mysql/my.cnf: MySQL server configuration.
- /var/log/mysql/: MySQL server logs.
Miscellaneous:
- /proc/: Directory containing process and system information pseudo-files.
- /root/anaconda-ks.cfg: Kickstart configuration file for Anaconda installer.
- ~/.ssh/: SSH configuration and key files for user authentication.
These file paths and configurations are valuable targets for security testing and assessment during the OSCP exam.
Other useful important file path locations for both Windows and Linux OS:
Windows | C:/Users/Administrator/NTUser.dat |
Windows | C:/Documents and Settings/Administrator/NTUser.dat |
Windows | C:/apache/logs/access.log |
Windows | C:/apache/logs/error.log |
Windows | C:/apache/php/php.ini |
Windows | C:/boot.ini |
Windows | C:/inetpub/wwwroot/global.asa |
Windows | C:/MySQL/data/hostname.err |
Windows | C:/MySQL/data/mysql.err |
Windows | C:/MySQL/data/mysql.log |
Windows | C:/MySQL/my.cnf |
Windows | C:/MySQL/my.ini |
Windows | C:/php4/php.ini |
Windows | C:/php5/php.ini |
Windows | C:/php/php.ini |
Windows | C:/Program Files/Apache Group/Apache2/conf/httpd.conf |
Windows | C:/Program Files/Apache Group/Apache/conf/httpd.conf |
Windows | C:/Program Files/Apache Group/Apache/logs/access.log |
Windows | C:/Program Files/Apache Group/Apache/logs/error.log |
Windows | C:/Program Files/FileZilla Server/FileZilla Server.xml |
Windows | C:/Program Files/MySQL/data/hostname.err |
Windows | C:/Program Files/MySQL/data/mysql-bin.log |
Windows | C:/Program Files/MySQL/data/mysql.err |
Windows | C:/Program Files/MySQL/data/mysql.log |
Windows | C:/Program Files/MySQL/my.ini |
Windows | C:/Program Files/MySQL/my.cnf |
Windows | C:/Program Files/MySQL/MySQL Server 5.0/data/hostname.err |
Windows | C:/Program Files/MySQL/MySQL Server 5.0/data/mysql-bin.log |
Windows | C:/Program Files/MySQL/MySQL Server 5.0/data/mysql.err |
Windows | C:/Program Files/MySQL/MySQL Server 5.0/data/mysql.log |
Windows | C:/Program Files/MySQL/MySQL Server 5.0/my.cnf |
Windows | C:/Program Files/MySQL/MySQL Server 5.0/my.ini |
Windows | C:/Program Files (x86)/Apache Group/Apache2/conf/httpd.conf |
Windows | C:/Program Files (x86)/Apache Group/Apache/conf/httpd.conf |
Windows | C:/Program Files (x86)/Apache Group/Apache/conf/access.log |
Windows | C:/Program Files (x86)/Apache Group/Apache/conf/error.log |
Windows | C:/Program Files (x86)/FileZilla Server/FileZilla Server.xml |
Windows | C:/Program Files (x86)/xampp/apache/conf/httpd.conf |
Windows | C:/WINDOWS/php.ini |
Windows | C:/WINDOWS/Repair/SAM |
Windows | C:/Windows/repair/system |
Windows | C:/Windows/repair/software |
Windows | C:/Windows/repair/security |
Windows | C:/WINDOWS/System32/drivers/etc/hosts |
Windows | C:/Windows/win.ini |
Windows | C:/WINNT/php.ini |
Windows | C:/WINNT/win.ini |
Windows | C:/xampp/apache/bin/php.ini |
Windows | C:/xampp/apache/logs/access.log |
Windows | C:/xampp/apache/logs/error.log |
Windows | C:/Windows/Panther/Unattend/Unattended.xml |
Windows | C:/Windows/Panther/Unattended.xml |
Windows | C:/Windows/debug/NetSetup.log |
Windows | C:/Windows/system32/config/AppEvent.Evt |
Windows | C:/Windows/system32/config/SecEvent.Evt |
Windows | C:/Windows/system32/config/default.sav |
Windows | C:/Windows/system32/config/security.sav |
Windows | C:/Windows/system32/config/software.sav |
Windows | C:/Windows/system32/config/system.sav |
Windows | C:/Windows/system32/config/regback/default |
Windows | C:/Windows/system32/config/regback/sam |
Windows | C:/Windows/system32/config/regback/security |
Windows | C:/Windows/system32/config/regback/system |
Windows | C:/Windows/system32/config/regback/software |
Windows | C:/Program Files/MySQL/MySQL Server 5.1/my.ini |
Windows | C:/Windows/System32/inetsrv/config/schema/ASPNET_schema.xml |
Windows | C:/Windows/System32/inetsrv/config/applicationHost.config |
Windows | C:/inetpub/logs/LogFiles/W3SVC1/u_ex[YYMMDD].log |
Linux | /etc/passwd |
Linux | /etc/shadow |
Linux | /etc/aliases |
Linux | /etc/anacrontab |
Linux | /etc/apache2/apache2.conf |
Linux | /etc/apache2/httpd.conf |
Linux | /etc/apache2/sites-enabled/000-default.conf |
Linux | /etc/at.allow |
Linux | /etc/at.deny |
Linux | /etc/bashrc |
Linux | /etc/bootptab |
Linux | /etc/chrootUsers |
Linux | /etc/chttp.conf |
Linux | /etc/cron.allow |
Linux | /etc/cron.deny |
Linux | /etc/crontab |
Linux | /etc/cups/cupsd.conf |
Linux | /etc/exports |
Linux | /etc/fstab |
Linux | /etc/ftpaccess |
Linux | /etc/ftpchroot |
Linux | /etc/ftphosts |
Linux | /etc/groups |
Linux | /etc/grub.conf |
Linux | /etc/hosts |
Linux | /etc/hosts.allow |
Linux | /etc/hosts.deny |
Linux | /etc/httpd/access.conf |
Linux | /etc/httpd/conf/httpd.conf |
Linux | /etc/httpd/httpd.conf |
Linux | /etc/httpd/logs/access_log |
Linux | /etc/httpd/logs/access.log |
Linux | /etc/httpd/logs/error_log |
Linux | /etc/httpd/logs/error.log |
Linux | /etc/httpd/php.ini |
Linux | /etc/httpd/srm.conf |
Linux | /etc/inetd.conf |
Linux | /etc/inittab |
Linux | /etc/issue |
Linux | /etc/knockd.conf |
Linux | /etc/lighttpd.conf |
Linux | /etc/lilo.conf |
Linux | /etc/logrotate.d/ftp |
Linux | /etc/logrotate.d/proftpd |
Linux | /etc/logrotate.d/vsftpd.log |
Linux | /etc/lsb-release |
Linux | /etc/motd |
Linux | /etc/modules.conf |
Linux | /etc/motd |
Linux | /etc/mtab |
Linux | /etc/my.cnf |
Linux | /etc/my.conf |
Linux | /etc/mysql/my.cnf |
Linux | /etc/network/interfaces |
Linux | /etc/networks |
Linux | /etc/npasswd |
Linux | /etc/passwd |
Linux | /etc/php4.4/fcgi/php.ini |
Linux | /etc/php4/apache2/php.ini |
Linux | /etc/php4/apache/php.ini |
Linux | /etc/php4/cgi/php.ini |
Linux | /etc/php4/apache2/php.ini |
Linux | /etc/php5/apache2/php.ini |
Linux | /etc/php5/apache/php.ini |
Linux | /etc/php/apache2/php.ini |
Linux | /etc/php/apache/php.ini |
Linux | /etc/php/cgi/php.ini |
Linux | /etc/php.ini |
Linux | /etc/php/php4/php.ini |
Linux | /etc/php/php.ini |
Linux | /etc/printcap |
Linux | /etc/profile |
Linux | /etc/proftp.conf |
Linux | /etc/proftpd/proftpd.conf |
Linux | /etc/pure-ftpd.conf |
Linux | /etc/pureftpd.passwd |
Linux | /etc/pureftpd.pdb |
Linux | /etc/pure-ftpd/pure-ftpd.conf |
Linux | /etc/pure-ftpd/pure-ftpd.pdb |
Linux | /etc/pure-ftpd/putreftpd.pdb |
Linux | /etc/redhat-release |
Linux | /etc/resolv.conf |
Linux | /etc/samba/smb.conf |
Linux | /etc/snmpd.conf |
Linux | /etc/ssh/ssh_config |
Linux | /etc/ssh/sshd_config |
Linux | /etc/ssh/ssh_host_dsa_key |
Linux | /etc/ssh/ssh_host_dsa_key.pub |
Linux | /etc/ssh/ssh_host_key |
Linux | /etc/ssh/ssh_host_key.pub |
Linux | /etc/sysconfig/network |
Linux | /etc/syslog.conf |
Linux | /etc/termcap |
Linux | /etc/vhcs2/proftpd/proftpd.conf |
Linux | /etc/vsftpd.chroot_list |
Linux | /etc/vsftpd.conf |
Linux | /etc/vsftpd/vsftpd.conf |
Linux | /etc/wu-ftpd/ftpaccess |
Linux | /etc/wu-ftpd/ftphosts |
Linux | /etc/wu-ftpd/ftpusers |
Linux | /logs/pure-ftpd.log |
Linux | /logs/security_debug_log |
Linux | /logs/security_log |
Linux | /opt/lampp/etc/httpd.conf |
Linux | /opt/xampp/etc/php.ini |
Linux | /proc/cmdline |
Linux | /proc/cpuinfo |
Linux | /proc/filesystems |
Linux | /proc/interrupts |
Linux | /proc/ioports |
Linux | /proc/meminfo |
Linux | /proc/modules |
Linux | /proc/mounts |
Linux | /proc/net/arp |
Linux | /proc/net/tcp |
Linux | /proc/net/udp |
Linux | /proc/ |
Linux | /proc/ |
Linux | /proc/sched_debug |
Linux | /proc/self/cwd/app.py |
Linux | /proc/self/environ |
Linux | /proc/self/net/arp |
Linux | /proc/stat |
Linux | /proc/swaps |
Linux | /proc/version |
Linux | /root/anaconda-ks.cfg |
Linux | /usr/etc/pure-ftpd.conf |
Linux | /usr/lib/php.ini |
Linux | /usr/lib/php/php.ini |
Linux | /usr/local/apache/conf/modsec.conf |
Linux | /usr/local/apache/conf/php.ini |
Linux | /usr/local/apache/log |
Linux | /usr/local/apache/logs |
Linux | /usr/local/apache/logs/access_log |
Linux | /usr/local/apache/logs/access.log |
Linux | /usr/local/apache/audit_log |
Linux | /usr/local/apache/error_log |
Linux | /usr/local/apache/error.log |
Linux | /usr/local/cpanel/logs |
Linux | /usr/local/cpanel/logs/access_log |
Linux | /usr/local/cpanel/logs/error_log |
Linux | /usr/local/cpanel/logs/license_log |
Linux | /usr/local/cpanel/logs/login_log |
Linux | /usr/local/cpanel/logs/stats_log |
Linux | /usr/local/etc/httpd/logs/access_log |
Linux | /usr/local/etc/httpd/logs/error_log |
Linux | /usr/local/etc/php.ini |
Linux | /usr/local/etc/pure-ftpd.conf |
Linux | /usr/local/etc/pureftpd.pdb |
Linux | /usr/local/lib/php.ini |
Linux | /usr/local/php4/httpd.conf |
Linux | /usr/local/php4/httpd.conf.php |
Linux | /usr/local/php4/lib/php.ini |
Linux | /usr/local/php5/httpd.conf |
Linux | /usr/local/php5/httpd.conf.php |
Linux | /usr/local/php5/lib/php.ini |
Linux | /usr/local/php/httpd.conf |
Linux | /usr/local/php/httpd.conf.ini |
Linux | /usr/local/php/lib/php.ini |
Linux | /usr/local/pureftpd/etc/pure-ftpd.conf |
Linux | /usr/local/pureftpd/etc/pureftpd.pdn |
Linux | /usr/local/pureftpd/sbin/pure-config.pl |
Linux | /usr/local/www/logs/httpd_log |
Linux | /usr/local/Zend/etc/php.ini |
Linux | /usr/sbin/pure-config.pl |
Linux | /var/adm/log/xferlog |
Linux | /var/apache2/config.inc |
Linux | /var/apache/logs/access_log |
Linux | /var/apache/logs/error_log |
Linux | /var/cpanel/cpanel.config |
Linux | /var/lib/mysql/my.cnf |
Linux | /var/lib/mysql/mysql/user.MYD |
Linux | /var/local/www/conf/php.ini |
Linux | /var/log/apache2/access_log |
Linux | /var/log/apache2/access.log |
Linux | /var/log/apache2/error_log |
Linux | /var/log/apache2/error.log |
Linux | /var/log/apache/access_log |
Linux | /var/log/apache/access.log |
Linux | /var/log/apache/error_log |
Linux | /var/log/apache/error.log |
Linux | /var/log/apache-ssl/access.log |
Linux | /var/log/apache-ssl/error.log |
Linux | /var/log/auth.log |
Linux | /var/log/boot |
Linux | /var/htmp |
Linux | /var/log/chttp.log |
Linux | /var/log/cups/error.log |
Linux | /var/log/daemon.log |
Linux | /var/log/debug |
Linux | /var/log/dmesg |
Linux | /var/log/dpkg.log |
Linux | /var/log/exim_mainlog |
Linux | /var/log/exim/mainlog |
Linux | /var/log/exim_paniclog |
Linux | /var/log/exim.paniclog |
Linux | /var/log/exim_rejectlog |
Linux | /var/log/exim/rejectlog |
Linux | /var/log/faillog |
Linux | /var/log/ftplog |
Linux | /var/log/ftp-proxy |
Linux | /var/log/ftp-proxy/ftp-proxy.log |
Linux | /var/log/httpd-access.log |
Linux | /var/log/httpd/access_log |
Linux | /var/log/httpd/access.log |
Linux | /var/log/httpd/error_log |
Linux | /var/log/httpd/error.log |
Linux | /var/log/httpsd/ssl.access_log |
Linux | /var/log/httpsd/ssl_log |
Linux | /var/log/kern.log |
Linux | /var/log/lastlog |
Linux | /var/log/lighttpd/access.log |
Linux | /var/log/lighttpd/error.log |
Linux | /var/log/lighttpd/lighttpd.access.log |
Linux | /var/log/lighttpd/lighttpd.error.log |
Linux | /var/log/mail.info |
Linux | /var/log/mail.log |
Linux | /var/log/maillog |
Linux | /var/log/mail.warn |
Linux | /var/log/message |
Linux | /var/log/messages |
Linux | /var/log/mysqlderror.log |
Linux | /var/log/mysql.log |
Linux | /var/log/mysql/mysql-bin.log |
Linux | /var/log/mysql/mysql.log |
Linux | /var/log/mysql/mysql-slow.log |
Linux | /var/log/proftpd |
Linux | /var/log/pureftpd.log |
Linux | /var/log/pure-ftpd/pure-ftpd.log |
Linux | /var/log/secure |
Linux | /var/log/vsftpd.log |
Linux | /var/log/wtmp |
Linux | /var/log/xferlog |
Linux | /var/log/yum.log |
Linux | /var/mysql.log |
Linux | /var/run/utmp |
Linux | /var/spool/cron/crontabs/root |
Linux | /var/webmin/miniserv.log |
Linux | /var/www/html |
Linux | /var/www/html/db_connect.php |
Linux | /var/www/html/utils.php |
Linux | /var/www/log/access_log |
Linux | /var/www/log/error_log |
Linux | /var/www/logs/access_log |
Linux | /var/www/logs/error_log |
Linux | /var/www/logs/access.log |
Linux | /var/www/logs/error.log |
Linux | ~/.atfp_history |
Linux | ~/.bash_history |
Linux | ~/.bash_logout |
Linux | ~/.bash_profile |
Linux | ~/.bashrc |
Linux | ~/.gtkrc |
Linux | ~/.login |
Linux | ~/.logout |
Linux | ~/.mysql_history |
Linux | ~/.nano_history |
Linux | ~/.php_history |
Linux | ~/.profile |
Linux | ~/.ssh/authorized_keys |
Linux | #id_rsa, id_ecdsa, id_ecdsa_sk, id_ed25519, id_ed25519_sk, and id_dsa |
Linux | ~/.ssh/id_dsa |
Linux | ~/.ssh/id_dsa.pub |
Linux | ~/.ssh/id_rsa |
Linux | ~/.ssh/id_edcsa |
Linux | ~/.ssh/id_rsa.pub |
Linux | ~/.ssh/identity |
Linux | ~/.ssh/identity.pub |
Linux | ~/.viminfo |
Linux | ~/.wm_style |
Linux | ~/.Xdefaults |
Linux | ~/.xinitrc |
Linux | ~/.Xresources |
Linux | ~/.xsession |
It is essential to exercise caution and adhere to ethical hacking principles, ensuring proper authorization before attempting any security-related activities. Good luck with your OSCP exam!