一、报错显示
搜索inurl:warning,查看百度快照
二、搜索敏感文件
inurl:phpinfo.php
三、Windows下常用路径
c:/boot.ini //查看系统版本 c:/windows/php.ini //php配置信息 c:/windows/my.ini //MYSQL配置文件,记录管理员登陆过的MYSQL用户名和密码 c:/winnt/php.ini c:/winnt/my.ini c:\mysql\data\mysql\user.MYD //存储了mysql.user表中的数据库连接密码 c:\Program Files\RhinoSoft.com\Serv-U\ServUDaemon.ini //存储了虚拟主机网站路径和密码 c:\Program Files\Serv-U\ServUDaemon.ini c:\windows\system32\inetsrv\MetaBase.xml 查看IIS的虚拟主机配置 c:\windows\repair\sam //存储了WINDOWS系统初次安装的密码 c:\Program Files\ Serv-U\ServUAdmin.exe //6.0版本以前的serv-u管理员密码存储于此 c:\Program Files\RhinoSoft.com\ServUDaemon.exe C:\Documents and Settings\All Users\Application Data\Symantec\pcAnywhere\*.cif文件 //存储了pcAnywhere的登陆密码 c:\Program Files\Apache Group\Apache\conf\httpd.conf 或C:\apache\conf\httpd.conf //查看WINDOWS系统apache文件 c:/Resin-3.0.14/conf/resin.conf //查看jsp开发的网站 resin文件配置信息. c:/Resin/conf/resin.conf /usr/local/resin/conf/resin.conf 查看linux系统配置的JSP虚拟主机 d:\APACHE\Apache2\conf\httpd.conf C:\Program Files\mysql\my.ini C:\mysql\data\mysql\user.MYD 存在MYSQL系统中的用户密码
四、Linux/Unix 下常用路径
/apache/apache/conf/httpd.conf /apache/apache2/conf/httpd.conf /apache/php/php.ini /bin/php.ini /etc/anacrontab /etc/apache/apache.conf /etc/apache/httpd.conf /etc/apache2/apache.conf /etc/apache2/httpd.conf /etc/apache2/sites-available/default /etc/apache2/vhosts.d/00_default_vhost.conf /etc/at.allow /etc/at.deny /etc/cron.allow /etc/cron.deny /etc/crontab /etc/fstab /etc/host.conf /etc/httpd/conf.d/httpd.conf /etc/httpd/conf.d/php.conf /etc/httpd/conf/httpd.conf /etc/httpd/htdocs/index.html /etc/httpd/htdocs/index.php /etc/httpd/logs/access.log /etc/httpd/logs/access_log /etc/httpd/logs/error.log /etc/httpd/logs/error_log /etc/httpd/php.ini /etc/init.d/httpd /etc/init.d/mysql /etc/ld.so.conf /etc/motd /etc/my.cnf /etc/mysql/my.cnf /etc/mysql/my.cnf /etc/network/interfaces /etc/networks /etc/passwd /etc/php.ini /etc/php/apache/php.ini /etc/php/apache2/php.ini /etc/php/cgi/php.ini /etc/php/php.ini /etc/php/php4/php.ini /etc/php4.4/fcgi/php.ini /etc/php4/apache/php.ini /etc/php4/apache2/php.ini /etc/php4/cgi/php.ini /etc/php5/apache/php.ini /etc/php5/apache2/php.ini /etc/php5/cgi/php.ini /etc/phpmyadmin/config.inc.php /etc/resolv.conf /etc/shadow /etc/ssh/sshd_config /etc/ssh/sshd_config /etc/ssh/ssh_config /etc/ssh/ssh_config /etc/ssh/ssh_host_dsa_key /etc/ssh/ssh_host_dsa_key /etc/ssh/ssh_host_dsa_key.pub /etc/ssh/ssh_host_dsa_key.pub /etc/ssh/ssh_host_key /etc/ssh/ssh_host_key /etc/ssh/ssh_host_key.pub /etc/ssh/ssh_host_key.pub /etc/ssh/ssh_host_rsa_key /etc/ssh/ssh_host_rsa_key /etc/ssh/ssh_host_rsa_key.pub /etc/ssh/ssh_host_rsa_key.pub /etc/sysconfig/network /etc/sysconfig/network /home/apache/conf/httpd.conf /home/apache2/conf/httpd.conf /home/bin/stable/apache/php.ini /home2/bin/stable/apache/php.ini /NetServer/bin/stable/apache/php.ini /opt/www/conf/httpd.conf /opt/www/htdocs/index.html /opt/www/htdocs/index.php /opt/xampp/etc/php.ini /PHP/php.ini /php/php.ini /php4/php.ini /php5/php.ini /root/.atftp_history /root/.bashrc /root/.bash_history /root/.mysql_history /root/.nano_history /root/.php_history /root/.profile /root/.ssh/authorized_keys /root/.ssh/identity /root/.ssh/identity.pub /root/.ssh/id_dsa /root/.ssh/id_dsa.pub /root/.ssh/id_rsa /root/.ssh/id_rsa.pub /root/anaconda-ks.cfg /tmp/apache/htdocs/index.html /tmp/apache/htdocs/index.php /usr/lib/php.ini /usr/lib/php/php.ini /usr/local/apache/conf/httpd.conf /usr/local/apache/conf/php.ini /usr/local/apache/htdocs/index.html /usr/local/apache/htdocs/index.php /usr/local/apache/logs/access.log /usr/local/apache/logs/access_log /usr/local/apache/logs/access_logaccess_log.old /usr/local/apache/logs/error.log /usr/local/apache/logs/error_log /usr/local/apache/logs/error_logerror_log.old /usr/local/apache2/conf/httpd.conf /usr/local/apache2/conf/php.ini /usr/local/apache2/htdocs/index.html /usr/local/apache2/htdocs/index.php /usr/local/cpanel/logs /usr/local/cpanel/logs/access_log /usr/local/cpanel/logs/error_log /usr/local/cpanel/logs/license_log /usr/local/cpanel/logs/login_log /usr/local/cpanel/logs/stats_log /usr/local/cpanel/logs/stats_log /usr/local/etc/php.ini /usr/local/httpd/conf/httpd.conf /usr/local/httpd2.2/htdocs/index.html /usr/local/httpd2.2/htdocs/index.php /usr/local/lib/php.ini /usr/local/mysql/bin/mysql /usr/local/mysql/my.cnf /usr/local/php/lib/php.ini /usr/local/php4/lib/php.ini /usr/local/php4/lib/php.ini /usr/local/php4/php.ini /usr/local/php5/etc/php.ini /usr/local/php5/lib/php.ini /usr/local/php5/php5.ini /usr/local/share/examples/php/php.ini /usr/local/share/examples/php4/php.ini /usr/local/tomcat5527/bin/version.sh /usr/local/Zend/etc/php.ini /usr/share/tomcat6/bin/startup.sh /usr/tomcat6/bin/startup.sh /var/apache2/config.inc /var/httpd/conf/httpd.conf /var/httpd/conf/php.ini /var/httpd/conf/php.ini /var/httpd/htdocs/index.html /var/httpd/htdocs/index.php /var/lib/mysql/my.cnf /var/lib/mysql/mysql/user.MYD /var/local/www/conf/httpd.conf /var/local/www/conf/php.ini /var/log/access.log /var/log/access_log /var/log/apache/access.log /var/log/apache/access_log /var/log/apache/error.log /var/log/apache/error_log /var/log/apache2/access.log /var/log/apache2/access_log /var/log/apache2/error.log /var/log/apache2/error_log /var/log/error.log /var/log/error_log /var/log/mysql.log /var/log/mysql/mysql-bin.log /var/log/mysql/mysql-slow.log /var/log/mysql/mysql.log /var/log/mysqlderror.log /var/mail/root /var/mysql.log /var/spool/cron/crontabs/root /var/spool/mail/root /var/www/conf/httpd.conf /var/www/htdocs/index.html /var/www/htdocs/index.php /var/www/index.html /var/www/index.php /var/www/logs/access.log /var/www/logs/access_log /var/www/logs/error.log /var/www/logs/error_log /web/conf/php.ini /www/conf/httpd.conf /www/htdocs/index.html /www/htdocs/index.php /www/php/php.ini /www/php4/php.ini /www/php5/php.ini /xampp/apache/bin/php.ini /xampp/apache/conf/httpd.conf root/.ssh/authorized_keys root/.ssh/identity root/.ssh/identity.pub root/.ssh/id_dsa root/.ssh/id_dsa.pub root/.ssh/id_rsa root/.ssh/id_rsa.pub
禁止非法,后果自负