View file File name : lfi-os-files.data Content :# This list comes from: # - https://github.com/lightos/Panoptic # - https://github.com/danielmiessler/SecLists # /proc and /sys entries should be kept in sync with restricted-files.data # Entries in this list generally use the shortest path that suffices for identifying them as dangerous. # .ssh/id_rsa and .ssh/id_dsa for example, are both dangerous paths but are represented in this list as .ssh. # The same applies to different log files below /var/log/mysql: var/log/mysql is enough to tell us that the request is suspicious. # Additionally, similar paths with different roots are represented as a single entry. # For example, the two entries usr/local/mysql/data/mysql.err and xampp/mysql/data/mysql.err are # represented as mysal/data, as that is enough to identify the paths as being suspicious. # Most of the dotfile entries can be generated from the following three commands. # Unfortunately, the output contains many more entries, including some file # extensions. There are also some entries that probably added by hand. # curl -s https://raw.githubusercontent.com/lightos/Panoptic/master/home.txt | grep -E "^\." | awk '{ print tolower($0) }' | sort | uniq # curl -s https://raw.githubusercontent.com/lightos/Panoptic/master/cases.xml | grep "file value" | cut -d'"' -f2 | grep -E "^\." | awk '{ print tolower($0) }' | sort | uniq # curl -s https://raw.githubusercontent.com/danielmiessler/SecLists/master/Fuzzing/fuzz-Bo0oM.txt | grep -Ev '\\|\.\.|=\b|%' | grep -E "^\." | awk '{ print tolower($0) }' | sort | uniq .addressbook .anydesk/ .aptitude/config .atom/ .aws/ .azure/ .bash_ .bashrc .boto .cache/notify-osd.log .config/ .cshrc .cups/ .dbus/ .docker .drush/ .env .eslintignore .fbcindex .forward .gem/ .gitattributes .gitconfig .gnonme/ .gnupg/ .gsutil/ .hplip/hplip.conf .htaccess .htdigest .htpasswd .java/ .ksh_history .kube/ .lesshst .lftp/ .lhistory .lighttpdpassword .lldb-history .local/share/mc/ .lynx_cookies .minikube/ .my.cnf .mysql_history .nano_history .netrc .node_repl_history .npm/ .nsconfig .nsr .nvm/ .oh-my- .password-store .pearrc .pgpass .php_history .pinerc .pki/ .proclog .procmailrc .profile .psql_history .python_history .rediscli_history .rhistory .rhosts .sh_history .sqlite_history .ssh/ .subversion/ .tconn/ .tcshrc .thunderbird/ .tor/ .vidalia/ .vim/ .viminfo .vimrc .vmware/ .www_acl .wwwacl .xauthority .zhistory .zsh_history .zshrc /php.ini /tmp/ # Apache httpd entries can be generated with the following command: # curl -s https://raw.githubusercontent.com/lightos/Panoptic/master/cases.xml | grep "file value" | cut -d'"' -f2 | awk -F/ '{ { if (length($NF) > 0) {v1 = NF-1; v2 = NF} else {v1 = NF-2; v2 = NF-1} print tolower($v1"/"$v2) }) }' | grep apache | sort | uniq apache/access.conf apache/apache.conf apache/apache2.conf apache/audit_log apache/conf apache/default-server.conf apache/error_log apache/error.log apache/httpd.conf apache/log apache2/apache.conf apache2/apache2.conf apache2/conf apache2/default-server.conf apache2/envvars apache2/httpd.conf apache2/httpd2.conf apache2/logs apache2/mods apache2/ports.conf apache2/sites apache2/ssl-global.conf apache2/vhosts.d apache22/conf apache22/httpd.conf apache22/logs apache24/conf apache24/httpd.conf apache24/logs app/etc/local.xml boot.ini boot/grub/grub.cfg boot/grub/menu.lst config_dev.yml config_prod.yml config.sample.php config_test.yml config.inc.php config.php config.yml config/app.php config/custom.php config/database.php configuration.php cpanel/logs data/elasticsearch data/kafka defaults.inc.php etc/.java etc/acpi etc/adduser.conf etc/alias etc/alsa etc/alternatives etc/anacrontab etc/ansible etc/apache/access.conf etc/apache/apache.conf etc/apache/default-server.conf etc/apache/httpd.conf etc/apache/vhosts.conf etc/apache2 etc/apm etc/apparmor etc/apport etc/apt etc/asciidoc etc/at.allow etc/at.deny etc/avahi etc/bash_completion.d etc/bash.bashrc etc/bashrc etc/bind etc/binfmt.d etc/bluetooth etc/bonobo-activation etc/bootptab etc/brltty etc/ca-certificates etc/calendar etc/casper.conf etc/centos-release etc/chatscripts etc/chkrootkit.conf etc/chromium-browser etc/chrootusers etc/chttp.conf etc/clam.d etc/clamav etc/cni etc/console-setup etc/coraza-waf etc/cracklib etc/cron.allow etc/cron.d etc/cron.hourly etc/cron.monthly etc/cron.weekly etc/crontab etc/crypttab etc/cups etc/cvs-cron.conf etc/cvs-pserver.conf etc/dbus-1 etc/dconf etc/debconf.conf etc/debian_version etc/default etc/deluser.conf etc/depmod.d etc/dhcp etc/dictionaries-common etc/dkms etc/dns2tcpd.conf etc/dnsmasq.d etc/dockeretc/dpkg etc/e2fsck.conf etc/elasticsearch etc/emacs etc/environment.d etc/esound/esd.conf etc/etter.conf etc/exports etc/fail2ban etc/fedora-release etc/firebird etc/firefox etc/firewall etc/fonts etc/foremost.conf etc/freshclam.conf etc/fstab etc/ftpaccess etc/ftpchroot etc/ftphosts etc/ftpusers etc/fuse.conf etc/fwupd etc/gconf etc/gdb etc/gdm3 etc/geoclue etc/ghostscript etc/gimp etc/glvnd etc/gnome etc/gnucash etc/gnustep etc/groff etc/group etc/grub.conf etc/grub.d etc/gshadow etc/gss etc/gtk-2.0 etc/gtk-3.0 etc/hdparm.conf etc/host.conf etc/hostname etc/hosts etc/hp etc/http/conf etc/http/httpd.conf etc/httpd etc/ifplugd etc/imagemagick-6 etc/inetd.conf etc/init etc/insserv.conf.d etc/ipfw etc/iproute2 etc/iptables etc/issue etc/java etc/kafka etc/kbd/config etc/kernel etc/kibana etc/ld.so.conf etc/ldap etc/libblockdev etc/libibverbs.d etc/libnl-3 etc/libpaper.d etc/libreoffice etc/lighttpd etc/lilo.conf etc/logcheck etc/login.defs etc/logrotate.conf etc/logrotate.d etc/logstash etc/lsb-release etc/ltrace.conf etc/lvm etc/lynx etc/mail etc/mandrake-release etc/manpath.config etc/mc etc/menu etc/miredo-server.conf etc/miredo.conf etc/miredo/miredo-server.conf etc/miredo/miredo.conf etc/modprobe.d etc/modsecurity etc/modulesf etc/mongod.conf etc/monit etc/mono etc/motd etc/mplayer etc/mpv etc/mtab etc/mtools.conf etc/muddleftpd etc/muddleftpd.com etc/muttrc.d etc/my.cnf etc/my.conf etc/mysql etc/netplan etc/network etc/networkmanager etc/newsyslog.conf etc/newt etc/nghttpx etc/nginx/ etc/nikto etc/npasswd etc/nuxeo.conf etc/odbcdatasources etc/openal etc/openldap/ldap.conf etc/openmpi etc/opt etc/os-release etc/osxhttpd etc/osync etc/packagekit etc/pam.conf etc/pam.d etc/pam.d/proftpd etc/passwd etc/password etc/pcmcia etc/perl etc/php etc/pki etc/pm etc/polkit-1 etc/postfix etc/postgresql etc/ppp etc/printcap etc/profile etc/proftp.conf etc/proftpd etc/pulse etc/pure-ftpd etc/pureftpd etc/python etc/rc.conf etc/rc.d/rc.httpd etc/rc0.d etc/rc1.d etc/rc2.d etc/rc3.d etc/rc4.d etc/rc5.d etc/rc6.d etc/rcs.d etc/redhat-release etc/redis-sentinel.conf etc/redis.conf etc/resolv.conf etc/resolvconf etc/rsyslog.d etc/samba etc/sane.d etc/scw-release etc/security etc/selinux etc/sensors.conf etc/sensors.d etc/sensors3.conf etc/sgml etc/shadow etc/signon-ui etc/skel etc/slackware-release etc/smb.conf etc/smbpasswd etc/smi.conf etc/snmp etc/sound etc/spamassassin etc/speech-dispatcher etc/squid etc/squirrelmail etc/ssh etc/ssl etc/sso etc/stunnel etc/subgid etc/subuid etc/subversion etc/sudoers etc/suse-release etc/sw-cp-server/applications.d etc/sysconfig etc/sysctl.conf etc/sysctl.d etc/syslog.conf etc/sysstat etc/system-release-cpe etc/systemd etc/termcap etc/terminfo etc/texmf etc/thermald etc/thnuclnt etc/thunderbird etc/timezone etc/timidity etc/tinyproxy etc/tmpfiles.d etc/tor/tor-tsocks.conf etc/tsocks.conf etc/ubuntu-advantage etc/udev etc/udisks2 etc/ufw etc/update-manager etc/update-motd.d etc/update-notifier etc/updatedb.conf etc/upower etc/urlview etc/usb_modeswitch.d etc/utmp etc/vhcs2/proftpd/proftpd.conf etc/vim etc/vmware etc/vsftpd.chroot_list etc/vsftpd.conf etc/vsftpd/vsftpd.conf etc/vulkan etc/w3m etc/webmin etc/wicd etc/wireshark etc/wpa_supplicant etc/wu-ftpd etc/x11 etc/xdg etc/xml gruntfile.js home/postgres http/httpd.conf httpd/conf/httpd.conf inc/config.php includes/config.php includes/configure.php inetpub/wwwroot/global.asa jakarta/dist/tomcat jakarta/tomcat/conf jakarta/tomcat/logs library/webserver/documents lighttpd/conf lighttpd/lighttpd.conf lighttpd/log localsettings.php logs/access_log logs/access.log logs/error_log logs/error.log logs/pure-ftpd.log logs/samba.log logs/security_debug_log logs/security_log lsws/conf lsws/logs mysql/bin/my.ini mysql/data mysql/my.cnf mysql/my.ini nginx/conf/nginx.conf npm-debug.log opt/apache opt/apache2 opt/httpd/apache.conf opt/httpd/apache2.conf opt/httpd/conf/ opt/jboss opt/lampp opt/nuxeo opt/tomcat opt/xampp ormconfig.json package-lock.json package.json parameters.yml pgsql/bin/pg_passwd pgsql/data php/apache.conf php/apache2.conf php/httpd.conf php5/apache.conf php5/apache2.conf php5/httpd.conf postgresql/log/ proc/0 proc/1 proc/2 proc/3 proc/4 proc/5 proc/6 proc/7 proc/8 proc/9 proc/acpi proc/asound proc/bootconfig proc/buddyinfo proc/bus proc/cgroups proc/cmdline proc/config.gz proc/consoles proc/cpuinfo proc/crypto proc/devices proc/diskstats proc/dma proc/docker proc/driver proc/dynamic_debug proc/execdomains proc/fb proc/filesystems proc/fs proc/interrupts proc/iomem proc/ioports proc/ipmi proc/irq proc/kallsyms proc/kcore proc/key-users proc/keys proc/kmsg proc/kpagecgroup proc/kpagecount proc/kpageflags proc/latency_stats proc/loadavg proc/locks proc/mdstat proc/meminfo proc/misc proc/modules proc/mounts proc/mpt proc/mtd proc/mtrr proc/net proc/pagetypeinfo proc/partitions proc/pressure proc/sched_debug proc/schedstat proc/scsi proc/self proc/slabinfo proc/softirqs proc/stat proc/swaps proc/sys proc/sysrq-trigger proc/sysvipc proc/thread-self proc/timer_list proc/timer_stats proc/tty proc/uptime proc/version proc/version_signature proc/vmallocinfo proc/vmstat proc/zoneinfo program files psa/admin pureftpd/etc root/anaconda-ks.cfg routing.yml samba/lib sb/config security.yml server/default/conf server/default/deploy server/default/log services.yml sftp-config.json sites/default/default.settings.php sites/default/settings.local.php sites/default/settings.php squirrelmail/config/config.php squirrelmail/www sys/block sys/bus sys/class sys/dev sys/devices sys/firmware sys/fs sys/hypervisor sys/kernel sys/module sys/power system/library/webobjects/adaptors system32/config system32/inetsrv/config tmp/access.log tmp/kafka-logs tsconfig.json typo3conf/localconf.php usr/etc/pure-ftpd.conf usr/home/user/lighttpd usr/lib/cron/log usr/lib/php usr/lib/rpm/rpm.log usr/lib/security usr/local/zeus/web usr/pkg/etc/httpd usr/pkgsrc/net/pureftpd usr/ports/contrib/pure-ftpd usr/ports/ftp/pure-ftpd usr/sbin/mudlogd usr/sbin/mudpasswd usr/sbin/pure-config.pl usr/share/adduser usr/share/logs usr/share/squirrelmail usr/share/tomcat usr/spool/lp usr/spool/mqueue var/adm var/apache/logs var/apache2/config.inc var/cpanel var/cron/log var/data/elasticsearch var/data/mysql-bin var/htmp var/lib/elasticsearch var/lib/mysql var/lib/pgsql var/lib/squirrelmail var/lighttpd var/local/www/conf var/log var/lp/logs var/mail var/mysql-bin var/mysql.log var/nm2/postgresql.conf var/postgresql var/run/utmp var/saf/_log var/saf/port/log var/spool var/webmin var/www/conf var/www/html/squirrelmail var/www/log volumes/macintosh_hd volumes/webbackup wamp/bin/apache wamp/bin/mysql wamp/bin/php wamp/logs web.config webpack.config.js windows/comsetup.log windows/debug/netsetup.log windows/odbc.ini windows/repair/setup.log windows/setupact.log windows/setupapi.log windows/setuperr.log windows/system32 windows/updspapi.log windows/windowsupdate.log windows/wmsetup.log winnt/repair winnt/system32/logfiles wp-config. www/conf/httpd.conf www/logs xampp/apache/logs xampp/filezillaftp xampp/htdocs xampp/mercurymail xampp/mysql/data xampp/php xampp/sendmail xampp/webalizer/webalizer.conf yarn.lock