Real World Based Website: Finding Web server Misconfiguration and bypassing it with Penetration skill.
--------------------------------------------------------------
Note: This video only for security Auditing Purpose, Don't try it without any permission of that Organization.
--------------------------------------------------------------
Nikto - Free open-source tool which is a bit old and is mainly used to find configuration issues on the web server.
--------------------------------------------------------------
Server misconfiguration attacks exploit configuration weaknesses found in web and application servers. Many servers come with unnecessary default and sample files, including applications, configuration files, scripts, and webpages.
--------------------------------------------------------------
Default Debug Pages.
1. robots.txt.
2. phpinfo.php.
3. Users.xml.
4. Backup.sql.
5. Config.bak.
6. error_log / error.log.
7. server-status and server-info.
8. manager/html.
9. phpmyadmin.
--------------------------------------------------------------------
for continue above above video click: for continue above video /:
https://youtu.be/sEs1zUimLH4
Тэги:
#kali #penetration_testing #nikto #information_gathering #hacking #security_testing #cyber_security #real_world_example #linux #server_hack