Hide php extension for social engineering purpose

First thoughts when see these url :
http://www.mydomain.com/about.pl

this site use perl

http://www.mydomain.com/about.cfm

this site use cfm

http://www.mydomain.com/about.htm

or

http://www.mydomain.com/about.html

then you might think about ordinary htm/html file

is it true?

the answers are : maybe yes and maybe no icon smile Hide php extension for social engineering purpose

how about this?

http://www.mydomain.com/about.exe

http://www.mydomain.com/about.us

whats? new language for web

yeah, that’s my first impression till I know about this apache directive on httpd.conf :

AddType application/x-httpd-php .php

You can add extension as much as you can, depends on requirements;

for promotion purpose : .mycompanyname for file extension

or using :

.htm .html .asp .jsp for social engineering purpose

just add

AddType application/x-httpd-php .php .mycompanyname .cocacola .pepsi

or

AddType application/x-httpd-php .php .htm .html .asp .jsp

save the file (httpd.conf) and restart your apache

voila!

You are U icon smile Hide php extension for social engineering purpose

3 Comments

  1. Pingback: engineering » Blog Archive » Charities Worth Supporting

  2. Pingback: engineering » Blog Archive » Social Engineering

  3. Pingback: engineering » Blog Archive » Social engineering petrie dishes could easily be more secure

Comments are closed.