Apache and Server Sensitive Full-Path Collection

Published: 2014-07-15 11:50:28 | Author: 知识屋

The most commonly used Apache paths are:
/etc/httpd/conf/httpd.conf
/usr/local/apache/conf/httpd.conf
/usr/local/apache2/conf/httpd.conf
Apache 2.2 default layout (apache.org source package):
ServerRoot              ::      /usr/local/apache2
DocumentRoot            ::      /usr/local/apache2/htdocs
Apache Config File      ::      /usr/local/apache2/conf/httpd.conf
Other Config Files      ::      /usr/local/apache2/conf/extra/
SSL Config File         ::      /usr/local/apache2/conf/extra/httpd-ssl.conf
ErrorLog                ::      /usr/local/apache2/logs/error_log
AccessLog               ::      /usr/local/apache2/logs/access_log
cgi-bin                 ::      /usr/local/apache2/cgi-bin (enabled by default, but the bundled scripts are 644)
binaries (apachectl)    ::      /usr/local/apache2/bin
start/stop              ::      /usr/local/apache2/bin/apachectl (start|restart|graceful|graceful-stop|stop|configtest)
Apache 2.0 default layout (apache.org source package):
ServerRoot              ::      /usr/local/apache2
DocumentRoot            ::      /usr/local/apache2/htdocs
Apache Config File      ::      /usr/local/apache2/conf/httpd.conf
SSL Config              ::      /usr/local/apache2/conf/ssl.conf
ErrorLog                ::      /usr/local/apache2/logs/error_log
AccessLog               ::      /usr/local/apache2/logs/access_log
cgi-bin                 ::      /usr/local/apache2/cgi-bin (enabled by default, but the bundled scripts are 644)
binaries (apachectl)    ::      /usr/local/apache2/bin
start/stop              ::      /usr/local/apache2/bin/apachectl (start|stop|graceful|configtest)
Apache 1.3 default layout (apache.org source package):
ServerRoot              ::      /usr/local/apache
DocumentRoot            ::      /usr/local/apache/htdocs
Apache Config File      ::      /usr/local/apache/conf/httpd.conf
ErrorLog                ::      /usr/local/apache/logs/error_log
AccessLog               ::      /usr/local/apache/logs/access_log
cgi-bin                 ::      /usr/local/apache/cgi-bin (enabled by default, but the bundled scripts are 644)
binaries (apachectl)    ::      /usr/local/apache/bin
start/stop              ::      /usr/local/apache/bin/apachectl (start|stop|graceful|configtest)
Debian, Ubuntu (Apache 2):
ServerRoot              ::      /etc/apache2
DocumentRoot            ::      /var/www
Apache Config Files     ::      /etc/apache2/apache2.conf
                        ::      /etc/apache2/ports.conf
Default VHost Config    ::      /etc/apache2/sites-available/default, /etc/apache2/sites-enabled/000-default
Module Locations        ::      /etc/apache2/mods-available, /etc/apache2/mods-enabled
ErrorLog                ::      /var/log/apache2/error.log
AccessLog               ::      /var/log/apache2/access.log
cgi-bin                 ::      /usr/lib/cgi-bin
binaries (apachectl)    ::      /usr/sbin
start/stop              ::      /etc/init.d/apache2 (start|stop|restart|reload|force-reload|start-htcacheclean|stop-htcacheclean)
Notes:
The Debian/Ubuntu layout is fully documented in /usr/share/doc/apache2/README.Debian
Debian/Ubuntu use symlinks to enable vhosts and modules. Configuration files are created in the sites-available and mods-available directories. To activate a vhost or module, a symlink to its config file is created in the corresponding sites-enabled or mods-enabled directory. Debian provides the scripts 'a2ensite' and 'a2enmod' to handle this process for vhosts and modules respectively.
The default DocumentRoot is specified in the default vhost config file, /etc/apache2/sites-available/default
Debian, Ubuntu (Apache 1.3):
ServerRoot              ::      /etc/apache
DocumentRoot            ::      /var/www
ErrorLog                ::      /var/log/apache/error.log
AccessLog               ::      /var/log/apache/access.log
cgi-bin                 ::      /usr/lib/cgi-bin
binaries (apachectl)    ::      /usr/sbin
start/stop              ::      /etc/init.d/apache (start|stop|graceful|configtest)
Fedora Core, CentOS, RHEL:
ServerRoot              ::      /etc/httpd
Primary Config File     ::      /etc/httpd/conf/httpd.conf
Other Config Files      ::      /etc/httpd/conf.d
Module Locations        ::      /usr/lib/httpd/modules
DocumentRoot            ::      /var/www/html
ErrorLog                ::      /var/log/httpd/error_log
AccessLog               ::      /var/log/httpd/access_log
cgi-bin                 ::      /var/www/cgi-bin (empty and disabled by default)
binary                  ::      /usr/sbin/httpd
runtime directory       ::      /etc/httpd/run
start/stop              ::      /sbin/service httpd {start|stop|restart|condrestart|reload|status|fullstatus|graceful|help|configtest}
Notes:
There is an extra config file in /etc/sysconfig/httpd which can be used to change to the worker MPM, /usr/sbin/httpd.worker.
Extra config files named *.conf are loaded from /etc/httpd/conf.d. This directory is used by packages like mod_python for drop-in configs.
If you're having issues with authorization and your permissions are correct, make sure that you try testing with SELinux turned off. Run 'setenforce 0' and use 'chcon' to fix permissions. Run 'ls -alZ' to view the current permissions. SELinux first appeared in Fedora Core 3, RHEL 4, and CentOS 4.
RedHat 9.0 and older:
ServerRoot              ::      /etc/httpd
Primary Config File     ::      /etc/httpd/conf/httpd.conf
DocumentRoot            ::      /var/www/html
ErrorLog                ::      /var/log/httpd/error_log
AccessLog               ::      /var/log/httpd/access_log
cgi-bin                 ::      /var/www/cgi-bin (empty and disabled by default)
binary                  ::      /usr/sbin/httpd
start/stop              ::      /sbin/service httpd {start|stop|restart|condrestart|reload|status|fullstatus|graceful|help|configtest}
Mandriva (Apache 2.2):
ServerRoot              ::      /etc/httpd
Primary Config File     ::      /etc/httpd/conf/httpd.conf
DocumentRoot            ::      /var/www/html
ErrorLog                ::      /var/log/httpd/error_log
AccessLog               ::      /var/log/httpd/access_log
cgi-bin                 ::      /var/www/cgi-bin
binary                  ::      /usr/sbin/httpd
start/stop              ::      /sbin/service httpd {start|stop|restart|reload|graceful|condreload|closelogs|update|condrestart|status|extendedstatus|configtest|configtest_vhosts|semcleanrestart|debug|show_defines}
Mac OS X (Leopard, Apache 2.2):
ServerRoot              ::      /usr
Primary Config File     ::      /etc/apache2/httpd.conf
DocumentRoot            ::      /Library/WebServer/Documents
ErrorLog                ::      /var/log/apache2/error_log
AccessLog               ::      /var/log/apache2/access_log
cgi-bin                 ::      /Library/WebServer/CGI-Executables (empty by default)
binary                  ::      /usr/sbin/httpd
start/stop              ::      /usr/sbin/apachectl (start|stop|restart|fullstatus|status|graceful|graceful-stop|configtest|help)
Mac OS X (Tiger and earlier, Apache 1.3):
ServerRoot              ::      /usr
Primary Config File     ::      /etc/httpd/httpd.conf
DocumentRoot            ::      /Library/WebServer/Documents
ErrorLog                ::      /var/log/httpd/error_log
AccessLog               ::      /var/log/httpd/access_log
cgi-bin                 ::      /Library/WebServer/CGI-Executables (empty by default)
binary                  ::      /usr/sbin/httpd
start/stop              ::      apachectl (start|stop|restart|fullstatus|status|graceful|configtest|help)
NetBSD Apache 2.0 and 1.3 from pkgsrc (layout is identical):
ServerRoot              ::      /usr/pkg
Config File             ::      /usr/pkg/etc/httpd/httpd.conf
DocumentRoot            ::      /usr/pkg/share/httpd/htdocs
ErrorLog                ::      /var/log/httpd/error_log
AccessLog               ::      /var/log/httpd/access_log
cgi-bin                 ::      /usr/pkg/libexec/cgi-bin
binaries (apachectl)    ::      /usr/pkg/sbin
start/stop              ::      /etc/rc.d/apache [fast|force|one](start stop restart rcvar reload status poll)
/etc/rc.conf variables  ::      apache=YES, apache_start="start" (or "startssl")
Notes:
The “apache” script must be copied from the installation default /usr/pkg/share/examples/rc.d to /etc/rc.d (for automatic rc.conf usage) or /usr/pkg/etc/rc.d (for advanced usage).
FreeBSD 6.1 (Apache 2.2):
ServerRoot              ::      /usr/local
Config File             ::      /usr/local/etc/apache22/httpd.conf
DocumentRoot            ::      /usr/local/www/apache22/data
ErrorLog                ::      /var/log/httpd-error.log
AccessLog               ::      /var/log/httpd-access.log
cgi-bin                 ::      /usr/local/www/apache22/cgi-bin
binaries (apachectl)    ::      /usr/local/sbin
start/stop              ::      /usr/local/etc/rc.d/apache22.sh (start|restart|stop|reload|graceful|gracefulstop|configtest)
/etc/rc.conf variables  ::      apache22_enable="YES"
Notes:
Other variables to insert in rc.conf are listed in the comments at the top of the start/stop script
To start Apache 2.2 on FreeBSD 6.1, the accf_http kernel module must be loaded. To do this once, run kldload accf_http. To do so at boot time, add accf_http_load="YES" to /boot/loader.conf.
Apache 2.2.6 in the FreeBSD 6.2 release will start regardless of the accf_http kernel module being loaded, and by default doesn't use it. To reverse this, add apache22_http_accept_enable="YES" to /etc/rc.conf (which will cause the kernel module to be loaded and Apache to use it).
FreeBSD 6.1 (Apache 2.0):
ServerRoot              ::      /usr/local
Config File             ::      /usr/local/etc/apache2/httpd.conf
DocumentRoot            ::      /usr/local/www/data
ErrorLog                ::      /var/log/httpd-error.log
AccessLog               ::      /var/log/httpd-access.log
cgi-bin                 ::      /usr/local/www/cgi-bin
binaries (apachectl)    ::      /usr/local/sbin
start/stop              ::      /usr/local/etc/rc.d/apache2.sh [fast|force|one](start|restart|stop|reload|configtest|rcvar)
/etc/rc.conf variables  ::      apache2_enable="YES"
Notes:
Other variables to insert in rc.conf are listed in the comments at the top of the start/stop script
FreeBSD (Apache 1.3):
ServerRoot              ::      /usr/local
Config File             ::      /usr/local/etc/apache/httpd.conf
DocumentRoot            ::      /usr/local/www/data
ErrorLog                ::      /var/log/httpd-error.log
AccessLog               ::      /var/log/httpd-access.log
cgi-bin                 ::      /usr/local/www/cgi-bin
binaries (apachectl)    ::      /usr/local/sbin
start/stop              ::      /usr/local/etc/rc.d/apache.sh
rc.conf variables       ::      apache_enable="YES"
(other variables to insert in rc.conf are listed in the comments at the top of the start/stop script)
Win32 (2.2):
ServerRoot              ::      "C:/Program Files/Apache Software Foundation/Apache2.2"
Config File             ::      "C:/Program Files/Apache Software Foundation/Apache2.2/conf/httpd.conf"
DocumentRoot            ::      "C:/Program Files/Apache Software Foundation/Apache2.2/htdocs"
ErrorLog                ::      "C:/Program Files/Apache Software Foundation/Apache2.2/logs/error.log"
AccessLog               ::      "C:/Program Files/Apache Software Foundation/Apache2.2/logs/access.log"
cgi-bin                 ::      "C:/Program Files/Apache Software Foundation/Apache2.2/cgi-bin/"
binaries (apachectl)    ::      "C:/Program Files/Apache Software Foundation/Apache2.2/bin"
Notes:
There are extra config files in "C:/Program Files/Apache Software Foundation/Apache2.2/conf/extra" that can be included for options such as vhosts.
Solaris 10 (Apache 2.0):
ServerRoot              ::      /usr/apache2
Config File             ::      /etc/apache2/httpd.conf
DocumentRoot            ::      /var/apache2/htdocs
ErrorLog                ::      /var/apache2/logs/error_log
AccessLog               ::      /var/apache2/logs/access_log
cgi-bin                 ::      /var/apache2/cgi-bin
binaries                ::      /usr/apache2/bin
Notes:
Config needs to be copied from example file to httpd.conf. Apache-1.3 is the default installation in /etc/init.d and /etc/rc3.d files.
Solaris 10 (Apache 1.3):
ServerRoot              ::      /usr/apache
Config File             ::      /etc/apache/httpd.conf
DocumentRoot            ::      /var/apache/htdocs
ErrorLog                ::      /var/apache/logs/error_log
AccessLog               ::      /var/apache/logs/access_log
cgi-bin                 ::      /var/apache/cgi-bin
binaries                ::      /usr/apache/bin
start/stop              ::      /etc/init.d/apache (start|startssl|sslstart|start-SSL|restart|stop)
Notes:
Config needs to be copied from example file to httpd.conf.
Apache-1.3 is the default installation in /etc/init.d and /etc/rc3.d files. Also Apache Tomcat is included in 1.3 installation.
Slackware 10.1, 10.2 and 11.0 (Apache 1.3):
ServerRoot              ::     /usr
DocumentRoot            ::     /var/www/htdocs
AccessLog               ::     /var/log/apache/access_log
ErrorLog                ::     /var/log/apache/error_log
binaries (apachectl)    ::     /usr/sbin
modules                 ::     /usr/libexec/apache
system startup script   ::     /etc/rc.d/rc.httpd (start|stop|restart|graceful)
Apache config file      ::     /etc/apache/httpd.conf
mod_ssl config file     ::     /etc/apache/mod_ssl.conf
php config file         ::     /etc/apache/mod_php.conf
cgi-bin                 ::     /var/www/cgi-bin
on-line docs (“manual”) ::     /var/www/htdocs/manual
proxy cache             ::     /var/cache/proxy
Slackware 12.0 (Apache 2.2):
ServerRoot              ::     /usr
DocumentRoot            ::     /srv/httpd/htdocs
AccessLog               ::     /var/log/httpd/access_log
ErrorLog                ::     /var/log/httpd/error_log
binaries (apachectl)    ::     /usr/sbin
modules                 ::     /usr/lib/httpd
system startup script   ::     /etc/rc.d/rc.httpd (start|restart|graceful|graceful-stop|stop)
Apache config file      ::     /etc/httpd/httpd.conf
mod_ssl config file     ::     /etc/httpd/extra/httpd-ssl.conf
php config file         ::     /etc/httpd/mod_php.conf
cgi-bin                 ::     /srv/httpd/cgi-bin
on-line docs (“manual”) ::     /srv/httpd/htdocs/manual
openSUSE and SLES (Apache 2.2):
ServerRoot              ::      /srv/www
DocumentRoot            ::      /srv/www/htdocs
Apache Config File      ::      /etc/apache2/httpd.conf
Other Config Files      ::      /etc/sysconfig/apache2
SSL Config File         ::      /etc/apache2/ssl-global.conf
ErrorLog                ::      /var/log/apache2/error_log
AccessLog               ::      /var/log/apache2/access_log
cgi-bin                 ::      /srv/www/cgi-bin
binaries (apachectl)    ::      /usr/sbin
start/stop              ::      /etc/init.d/apache2 (start|restart|restart-graceful|reload|graceful|graceful-stop|stop|configtest)
Notes:
Modules are enabled in /etc/sysconfig/apache2 which is read by the startup script. The a2enmod/a2dismod tool can be used to activate/deactivate modules.
See /usr/share/doc/packages/apache2/README.SUSE for more information.
Gentoo (Apache 2.2):
ServerRoot              ::      /usr/lib/apache2
DocumentRoot            ::      /var/www/localhost/htdocs
Apache Config File      ::      /etc/apache2/httpd.conf
Other Config Files      ::      /etc/conf.d/apache2
Default VHost Config    ::      /etc/apache2/vhosts.d/00_default_vhost.conf
Module Configuration    ::      /etc/apache2/modules.d
Module Locations        ::      /usr/lib/apache2/modules
ErrorLog                ::      /var/log/apache2/error_log
AccessLog               ::      /var/log/apache2/access_log
cgi-bin                 ::      /var/www/localhost/cgi-bin
binaries (apache2ctl)   ::      /usr/sbin
start/stop              ::      /etc/init.d/apache2 (start|restart|graceful|stop|configtest)
Reposted from: [攻防]
Sensitive file path information:
1. Windows sensitive files
c:\windows\php.ini //PHP configuration file
c:\windows\my.ini //MySQL configuration file
c:\windows\system32\inetsrv\MetaBase.xml //IIS configuration file
type c:\windows\system32\inetsrv\MetaBase.xml|find /i "ServerBindings"
c:\Program Files\Serv-U\ServUDaemon.ini
c:\Program Files\RhinoSoft.com\Serv-U\ServUDaemon.ini //stores website paths and passwords
c:\mysql\data\mysql\user.MYD //stores the connection passwords from the mysql.user table
c:\windows\repair\sam //stores the passwords from the initial Windows installation
C:\Documents and Settings\All Users\Application Data\Symantec\pcAnywhere\*.cif files
2. Linux sensitive files
dmesg                                           //system boot log
/etc/passwd                                     //usernames
/etc/shadow                                     //usernames and passwords
/etc/group                                      //user groups
/etc/gshadow                                    //user groups
/etc/rc.local                                   //startup items
/etc/issue                                      //system version
/etc/issue.net                                  //system version
/proc/version                                   //kernel version
/proc/self/environ                              //environment variables
/etc/sysconfig/network-scripts/ifcfg-eth0       //IP address configuration
/etc/httpd/conf/httpd.conf                      //httpd configuration
/etc/httpd/conf.d/vhosts.conf                   //virtual host configuration
/usr/local/php/etc/php.ini                      //PHP configuration file
/usr/local/Zend/etc/php.ini                     //PHP configuration file
/usr/local/php/lib/php.ini                      //PHP configuration file
/usr/local/nginx/conf/nginx.conf                //nginx configuration file
/etc/init.d/httpd                               //service configuration file
/etc/init.d/d                               //service configuration file
/etc/syslog.conf                                //logging configuration
/var/log/yum.log                                //yum installation log
/etc/sysconfig/iptables-config                  //firewall log, requires root privileges
/var/log/cron                                   //scheduled task log, requires root privileges
.bash_history                                   //shell command history
.mysql_history                                  //mysql command history
.viminfo                                        //vim history
/etc/vsftpd/vsftpd.conf                         //vsftpd configuration file
/etc/logrotate.d/vsftpd.log                     //vsftpd log file