Hide php extension for social engineering purpose
First thoughts when see these url :
http://www.mydomain.com/about.pl
this site use perl
http://www.mydomain.com/about.cfm
this site use cfm
http://www.mydomain.com/about.htm
or
http://www.mydomain.com/about.html
then you might think about ordinary htm/html file
is it true?
the answers are : maybe yes and maybe no 
how about this?
http://www.mydomain.com/about.exe
http://www.mydomain.com/about.us
whats? new language for web
yeah, that’s my first impression till I know about this apache directive on httpd.conf :
AddType application/x-httpd-php .php
You can add extension as much as you can, depends on requirements;
for promotion purpose : .mycompanyname for file extension
or using :
.htm .html .asp .jsp for social engineering purpose
just add
AddType application/x-httpd-php .php .mycompanyname .cocacola .pepsi
or
AddType application/x-httpd-php .php .htm .html .asp .jsp
save the file (httpd.conf) and restart your apache
voila!
You are U
- Top Forum Posters Required by ahmansoor
- Project for Edmund by DorisC
- Nonpublic project #328415 by slipp
- Oscommerce small CCGV +Affiliate fix by fullecommerce1
- Banners design for a website, splash page presentation and sell page design by bullco
- Project for BeiManiago #2 by uchoa55
- Nonpublic project #328412 by bunnyg
- Number of small changes to 2 websites - pls read details by sanet
- Need quick fix for OSC site by flyhead64
- Project For "creator115". by sunconsultancy1
3 Comments
Pingback & Trackback
Random Post
Leave Your Comments Below