September 16, 2021

TECH HYME

A Blog For Tech Enthusiasts

Possible Sensitive Files – Vulnerability Scanning Checklist


Vulnerability assessment is the process of evaluating the effectiveness of a system's security controls by measuring its security posture. Its scope is to uncover as many potential vulnerabilities as possible through automated or human-driven security testing.

The files listed below are usually not linked from any page of the website, so a crawler will not find them; they are discovered by requesting well-known paths directly. This check looks for common sensitive resources such as password files, configuration files, log files, include files, statistics data, database dumps and administrative consoles. Each of them can help an attacker learn more about the target: OS name, platform version, framework, outdated components, internal file paths and, in the worst case, credentials.

The severity ranges widely depending on the context in which the application operates, the type of information revealed and the advantage it gives an attacker: a version string in readme.html is low, while a readable .env or wp-config.php holding database credentials is critical.

Information disclosure issues in a web application give an attacker insight into its likely weaknesses and let them plan a targeted attack. Basic probing, and sometimes just reading public pages or error pages, is enough to learn details such as database type and version, OS name, internal file paths and installed components.

Many automated scanners can detect possible sensitive files, including Acunetix, Netsparker, Qualys and Burp Suite. They work from wordlists of known paths, so anything outside the list is missed, and a server that answers every unknown path with a 200 "soft 404" page produces false positives unless the scanner first baselines how the server responds to a path that cannot exist.

The remediation is to restrict access to these files and directories at the web-server level, or to remove them from the document root entirely, so that nothing sensitive is served over HTTP. File-system permissions on configuration files should also be set with security in mind, i.e. 400 or 444, with the file owned by the account the application runs as. Permissions alone do not stop disclosure, because the web server process can still read, and therefore serve, any file the application itself needs to read; deny rules in the server configuration, or keeping configuration outside the document root, are what block the request. Verify the fix afterwards by requesting each path and confirming a 403 or 404.
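As an added example (not configuration from the original post or from any vendor), the following Apache 2.4 rules deny the file classes from the list at the server level. The IP range in the `Require ip` line is an assumed internal network and must be replaced with your own; Apache's stock configuration already denies `.ht*` files, the first block extends that to the other dotfiles, backups, logs and dumps.

```apache
# Added example: server-level deny rules for the sensitive file classes
# listed on this page. Place in httpd.conf or the vhost; the FilesMatch
# block also works in .htaccess if AllowOverride permits it.

# Dotfiles (.env, .htaccess, .gitignore, .bashrc), editor/backup copies,
# archives, logs and SQL dumps. FilesMatch applies to file names only, so
# files inside a directory such as /.well-known/ are not affected.
<FilesMatch "^\.|\.(bak|old|orig|sql|log|zip|tar|gz|tgz|swp)$|~$">
    Require all denied
</FilesMatch>

# Admin and database consoles and diagnostics that should never be
# reachable from the internet. 10.0.0.0/8 is an assumed internal range.
<LocationMatch "^/(phpmyadmin|adminer\.php|phpminiadmin\.php|phpinfo\.php|trace\.axd)">
    Require ip 10.0.0.0/8
</LocationMatch>
```

After reloading Apache, confirm with `curl -I https://your-host/.env` and `curl -I https://your-host/backup.zip` that both return 403 rather than 200; a 200 means the rule is in a context that does not apply to that path (for example a `.htaccess` in a directory where overrides are disabled).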

S.No.  File Name(s), followed by Description

1   /.env
    Environment configuration file (Laravel); typically holds APP_KEY and database credentials
2   /|~.aspx
    Improper error handling (ASP.NET)
3   /…
    Improper error handling (ASP.NET)
4   /trace.axd
    ASP.NET tracing enabled (request and server-variable log)
5   /phpinfo.php
    PHP configuration disclosure (phpinfo() output)
6   /php.ini
    PHP configuration file
7   /wp-includes
    Directory listing (WordPress)
8   /error.log, /error.txt, /error_log, /errorlog, /error.jsp, /logs, /logs.php
    Error log files
9   /htaccess.txt, /.htaccess
    Apache .htaccess files
10  /etc/passwd, /tmp, /var
    Linux system paths (path traversal and local file disclosure probes)
11  /admin, /administrator, /wp-admin, /admin/login.php, /admin.aspx, /adminlogin.aspx
    Possible administrator login pages
12  /readme.html, /readme.txt, /README.MD, /license.txt, /manual
    Documentation files (often disclose the exact product version)
13  /config.php, /configuration.php, /conn.php, /sites/default/settings.php, /app/etc/local.xml, /inc.config.php, /admin/config.php, /wp-config.php
    Database configuration files
14  /robots.txt
    Robots file (pre-attack probe: lists paths the site wants hidden from crawlers)
15  /.gitignore
    Possible sensitive file (Git); indicates a repository was deployed with the site
16  /wp-includes/rss-functions.php, /wp-includes/user.php, /wp-includes/vars.php
    Fatal error check (WordPress): requesting these files directly can trigger PHP errors that disclose file system paths
17  /adminer.php, /phpminiadmin.php, /phpmyadmin, /db.php, /sql.php
    Possible database login files
18  /examples
    Apache Tomcat examples directory
19  /backup, /backup.zip, /download.zip, /backup.tar.gz
    Backup files
20  /.bashrc, /.zshrc, /.cshrc
    Shell configuration files
21  /pass.txt, /password.txt, /passwords.txt, /password
    Password-related sensitive files
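The check described in this article, written out as an added example in Python (it is not the blog's own tool and not one of the scanners named above). It probes a subset of the paths from the table, but first requests a random path that cannot exist so that a server which answers everything with a 200 catch-all page is not reported as a mass of findings; a 200 that matches that baseline is classed as a soft 404. Redirects are not followed, so a 302 to a login page is not mistaken for the target file. The marker strings used to confirm a real `.env` or `wp-config.php`, the host `example.test` and the sample responses are constructed for the demonstration, and the HTTP layer is pluggable so the logic runs offline.

```python
"""Sensitive-path check with a soft-404 baseline (added example, stdlib only)."""
import hashlib
import secrets
import urllib.error
import urllib.request
from dataclasses import dataclass
from typing import Callable, Dict, Tuple

# Subset of the paths from the table; extend it from the table as needed.
SENSITIVE_PATHS = [
    "/.env", "/trace.axd", "/phpinfo.php", "/php.ini", "/.htaccess",
    "/wp-config.php", "/config.php", "/robots.txt", "/.gitignore",
    "/phpmyadmin/", "/adminer.php", "/backup.zip", "/.bashrc", "/password.txt",
]

# Hypothetical marker strings: their presence in a 200 body confirms real
# content rather than a generic page that happens to answer 200.
SECRET_MARKERS = {
    "/.env": (b"APP_KEY=", b"DB_PASSWORD="),
    "/wp-config.php": (b"DB_PASSWORD", b"AUTH_KEY"),
    "/phpinfo.php": (b"PHP Version", b"phpinfo()"),
    "/trace.axd": (b"Application Trace",),
}


@dataclass
class Response:
    status: int
    body: bytes


Fetcher = Callable[[str], Response]


def http_fetch(url: str, timeout: float = 5.0) -> Response:
    """Live fetcher; redirects are returned as-is instead of being followed."""
    class NoRedirect(urllib.request.HTTPRedirectHandler):
        def redirect_request(self, *args, **kwargs):
            return None

    req = urllib.request.Request(url, headers={"User-Agent": "sensitive-file-check/1.0"})
    try:
        with urllib.request.build_opener(NoRedirect).open(req, timeout=timeout) as r:
            return Response(r.status, r.read(65536))
    except urllib.error.HTTPError as e:
        return Response(e.code, e.read(65536))


def fingerprint(body: bytes) -> str:
    return hashlib.sha256(body).hexdigest()


def baseline(base_url: str, fetch: Fetcher) -> Tuple[int, str, int]:
    """Ask for a path that cannot exist to learn how unknown resources are answered."""
    r = fetch(f"{base_url}/{secrets.token_hex(12)}.txt")
    return r.status, fingerprint(r.body), len(r.body)


def classify(path: str, resp: Response, base: Tuple[int, str, int]) -> str:
    base_status, base_fp, base_len = base
    if resp.status == 404:
        return "absent"
    if resp.status in (401, 403):
        return "blocked"      # exists but is access-controlled: note it, not a leak
    if resp.status in (301, 302, 303, 307, 308):
        return "redirect"
    if resp.status != 200:
        return "other"
    # Same hash as the catch-all page, or same status and nearly the same size:
    # a soft 404, not a finding.
    if fingerprint(resp.body) == base_fp or (
        base_status == 200 and abs(len(resp.body) - base_len) < 64
    ):
        return "soft-404"
    if any(m in resp.body for m in SECRET_MARKERS.get(path, ())):
        return "confirmed"
    return "candidate"        # distinct 200 content: review by hand


def scan(base_url: str, fetch: Fetcher = http_fetch, paths=SENSITIVE_PATHS) -> Dict[str, str]:
    root = base_url.rstrip("/")
    base = baseline(root, fetch)
    return {p: classify(p, fetch(root + p), base) for p in paths}


# ---- offline demonstration against a constructed target -------------------

def fake_site(pages: Dict[str, Response], catch_all: Response) -> Fetcher:
    """Fetcher serving constructed responses keyed by path; unknown paths get catch_all."""
    def fetch(url: str) -> Response:
        return pages.get(url[url.index("/", len("https://")):], catch_all)
    return fetch


SAMPLE_PAGES = {  # constructed sample data, not a real site
    "/.env": Response(200, b"APP_ENV=production\nAPP_KEY=base64:AAAA\nDB_PASSWORD=hunter2\n"),
    "/wp-config.php": Response(403, b"Forbidden"),
    "/robots.txt": Response(200, b"User-agent: *\nDisallow: /admin/\n"),
    "/phpmyadmin/": Response(302, b""),
}
SOFT_404 = Response(200, b"<html><title>Home</title>" + b"." * 500 + b"</html>")


def demo() -> Dict[str, str]:
    return scan("http://example.test", fake_site(SAMPLE_PAGES, SOFT_404))


if __name__ == "__main__":
    for path, verdict in sorted(demo().items()):
        if verdict != "soft-404":
            print(f"{verdict:10} {path}")
```

For a live target, call `scan("https://host")` with the default fetcher. The "blocked" verdict is worth keeping in the report: a 403 on /wp-config.php or /.git tells you the file exists and the deny rule is doing its job, which is different from the path being absent.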

If you want to add more information related to possible sensitive files, then you can drop a mail at hymeblogs@gmail.com.
