🚀 LFI - Interesting Linux files
/etc/issue
/etc/passwd
/etc/shadow
/etc/group
/etc/hosts
/etc/motd
/etc/mysql/my.cnf
/proc/[0-9]*/fd/[0-9]* (first number is the PID, second is the filedescriptor)
/proc/self/environ
/proc/version
/proc/cmdline
/proc/sched_debug
/proc/mounts
/proc/net/arp
/proc/net/route
/proc/net/tcp
/proc/net/udp
/proc/self/cwd/index.php
/proc/self/cwd/main.py
/home/$USER/.bash_history
/home/$USER/.ssh/id_rsa
/run/secrets/kubernetes.io/serviceaccount/token
/run/secrets/kubernetes.io/serviceaccount/namespace
/run/secrets/kubernetes.io/serviceaccount/certificate
/var/run/secrets/kubernetes.io/serviceaccount
/var/lib/mlocate/mlocate.db
/var/lib/plocate/plocate.db
/var/lib/mlocate.db
#bugbounty #bugbountytips #bugbountytip #hackerone #bugcrowd #infosec #cybersecurity #pentesting #redteam #informationsecurity #securitycipher #technology #coding #code #recon #ai #llm #owasp
/etc/issue
/etc/passwd
/etc/shadow
/etc/group
/etc/hosts
/etc/motd
/etc/mysql/my.cnf
/proc/[0-9]*/fd/[0-9]* (first number is the PID, second is the filedescriptor)
/proc/self/environ
/proc/version
/proc/cmdline
/proc/sched_debug
/proc/mounts
/proc/net/arp
/proc/net/route
/proc/net/tcp
/proc/net/udp
/proc/self/cwd/index.php
/proc/self/cwd/main.py
/home/$USER/.bash_history
/home/$USER/.ssh/id_rsa
/run/secrets/kubernetes.io/serviceaccount/token
/run/secrets/kubernetes.io/serviceaccount/namespace
/run/secrets/kubernetes.io/serviceaccount/certificate
/var/run/secrets/kubernetes.io/serviceaccount
/var/lib/mlocate/mlocate.db
/var/lib/plocate/plocate.db
/var/lib/mlocate.db
#bugbounty #bugbountytips #bugbountytip #hackerone #bugcrowd #infosec #cybersecurity #pentesting #redteam #informationsecurity #securitycipher #technology #coding #code #recon #ai #llm #owasp
Kubernetes
Configure Service Accounts for Pods
Kubernetes offers two distinct ways for clients that run within your cluster, or that otherwise have a relationship to your cluster's control plane to authenticate to the API server.
A service account provides an identity for processes that run in a Pod,…
A service account provides an identity for processes that run in a Pod,…
A Comprehensive Repo for Shodan Dorks
This GitHub repository provides a range of Shodan dorks to find vulnerabilities and configuration issues in various types of devices such as webcams, routers, and servers.
• Repository: https://github.com/nullfuzz-pentest/shodan-dorks
#infosec #cybersecurity #bugbounty #pentest #bugbountyTips #shodan #recon #dork
This GitHub repository provides a range of Shodan dorks to find vulnerabilities and configuration issues in various types of devices such as webcams, routers, and servers.
• Repository: https://github.com/nullfuzz-pentest/shodan-dorks
#infosec #cybersecurity #bugbounty #pentest #bugbountyTips #shodan #recon #dork
GitHub
GitHub - nullfuzz-pentest/shodan-dorks: Shodan Dorks
Shodan Dorks. Contribute to nullfuzz-pentest/shodan-dorks development by creating an account on GitHub.
If you come across a WordPress website, fuzz for these files and patterns:
• You can generate wordlists with the patterns above or any pattern you want using Fback:
https://github.com/Spix0r/Fback
#InfoSec #CyberSecurity #Hacking #Course #bugbounty #wordpress #Fuzzing
.env.bak
.env.php
wp-config-backup.php
wp-config.php.save
wp-config.php~
wp-config.php.old
error_log.log
php_error.log
wp.sql
db.sql
wpbackup.sql
mysql_backup.sql
{TARGET}.zip
{TARGET}-backup.zip
• You can generate wordlists with the patterns above or any pattern you want using Fback:
https://github.com/Spix0r/Fback
#InfoSec #CyberSecurity #Hacking #Course #bugbounty #wordpress #Fuzzing
GitHub
GitHub - Spix0r/fback: This is a useful Python script for generating a target specific wordlist for fuzzing backup files.
This is a useful Python script for generating a target specific wordlist for fuzzing backup files. - Spix0r/fback