July 2018
Beginner
564 pages
12h 22m
English
Content preview from Learn Ethical Hacking from Scratch
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
Start your free trial
Information gathering using files
So far, we have learned how to find any subdomains that exist within our target website that have not been listed. In this section, we're going to see how we can find files and directories that are stored on our target computer or our target website. Again, these could be useful because these files could contain passwords, they could contain config information, or they could contain information about the actual server, which will help us further exploit our target.
Let's just first see what is meant by files and directories, just to show the structure of directories on a web server. We have our Metasploitable machine and, as we know, usually the web server stuff is stored in var/www/ directory. If we run ...