- All system linux has a file with name passwd that is in the folder / etc /. This file is salve all users of server, this file is the key of all, but exist other alternatives for find users but less eficient.
- I check if the actual folder has a structure / home / my_user / public_html / , for default in servers linux.
- I do the read of file passwb and list all users for a loop.
Next step, we will search configuration files, files of database, system or writting folders. Exemplo:
- All site init with index.html or index.php in php, last item is that important for us, so checked if existe this file / home / my_user / public_html / index.php
- In case of WordPress site used / home / my_user / public_html / wp-config.php
- In case of Joomla site used / home / my_user / public_html / configuration.php
- And many others standards indentified how cms and frameworks
- And in the end return data of files and os information if folder is can write or not.
Many peoples will say that the problem is permission wrong. Correctly, but what? All system have folders with permission 755 and files 644. Where is wrong?
The result is:
- Eliminate view of file / etc / passwd for common users.
- Eliminate access of users in folder of other users, for view or writting.
- Edit permission of root folder for 750.
- Never use 777 for folders or files.
- For statemant, internal folders use 755 and files 644. Only internals, this root folder 750.
How do you do for test:
Make download of file octopus in https://github.com/lenonleite/octopus and insert in your server. Existe two files, a simple file and other with stegonography with header metatag in gif for by pass in system of upload if necessary.
See the vídeo:
4 users, 11 found sensibles files:
1 user, 5 found sensibles files
21 users, 35 found sensibles files.
Clicking in check of column of configuration Zend file.