当前位置:网站首页>Background search, how to find the website background
Background search, how to find the website background
2022-06-26 20:58:00 【The end of the world and you】
Background search , How to find the website background
1. Weak password defaults to background password
admin,admin/login.asp,manage,login.asp And so on
2. Check out the links on the web
Generally speaking , The homepage of the website has management login and similar things , Some may be deleted by the Administrator
3. Use tools to find
- Not by default , Consider using the imperial sword + The dictionary runs in the background directory
- The background address is complex , Consider crawling websites , Like using a crawling kitchen knife ,Web robot
- With the help of
Google-hackerConstruction lookup
web robot demonstration :
Open the robot and select the web spider :
Right click to add URL To list :
Start crawling :
4.robots.txt With the help of the
robots.txt The file tells the spider what kind of file can be viewed on the server
5. Picture attribute
The image attribute path exposes the background location
6. Editor leaks
Check whether the editor used by the website has a default background
7. Short file utilization
8. utilize sqlmap
sqlmap --sql-shell load_file('d:/wwroot/index.php');
9. The background is not on the same site
- Port background
- Subdomain background
- Check the side station of the same server
- CSS style ,JS Code remote
linkDisclose the background address
边栏推荐
- 回首望月
- c语言99乘法表
- 剑指 Offer II 098. 路径的数目 / 剑指 Offer II 099. 最小路径之和
- Garbage collection mechanism of browser
- Muke 8. Service fault tolerance Sentinel
- Two methods of QT to realize timer
- [Bayesian classification 3] semi naive Bayesian classifier
- Can I open an account online? Is it safe?
- C: Reverse linked list
- Is there any risk in opening a mobile stock registration account? Is it safe?
猜你喜欢
MySQL - database creation and management
Gee: calculate the maximum and minimum values of pixels in the image area
Two methods of QT to realize timer
慕课11、微服务的用户认证与授权
Mongodb implements creating and deleting databases, creating and deleting tables (sets), and adding, deleting, modifying, and querying data
Arduino UNO + DS1302利用31字节静态RAM存储数据并串口打印
Yonghui released the data of Lantern Festival: the sales of Tangyuan increased significantly, and several people's livelihood products increased by more than 150%
飞天+CIPU体为元宇宙带来更大想象空间
MySQL - subquery usage
Disruptor local thread queue_ Use transprocessor processor and workpool to compare consumption - Notes on inter thread communication 005
随机推荐
Bonne Recommandation: développer des outils de sécurité pour les terminaux mobiles
[serial] shuotou O & M monitoring system 01 overview of monitoring system
The two files are merged into a third file.
C exercise. Class list plus records, display records and clear records
Establish a connection with MySQL
Is there any risk in opening a mobile stock registration account? Is it safe?
Muke 8. Service fault tolerance Sentinel
Mr. Sun's version of JDBC (21:34:25, June 12, 2022)
Garbage collection mechanism of browser
Sentinelresource annotation details
Idea error: process terminated
windows系统下怎么安装mysql8.0数据库?(图文教程)
[serialization] how to master the core technology of opengauss database? Secret 5: master database security (6)
0 basic C language (3)
MySQL中存储过程的详细详解
GameFi 活跃用户、交易量、融资额、新项目持续性下滑,Axie、StepN 能摆脱死亡螺旋吗?链游路在何方?
SentinelResource注解详解
Detailed explanation of shutter textfield
On the origin of the dispute between the tradition and the future of database -- AWS series column
Leetcode question brushing: String 05 (Sword finger offer 58 - ii. left rotation string)