{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 够拽才男人 的问题《Is it possible to get a list of files under a dire》','https://www.manongdao.com/q-463100.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
Say I have a website www.abc.com. Under the website directory there is a page secret.html. It can be accessed directly like www.abc.com/secret.html, but there are no pages that link to it. Is it possible to discover this page, or will it remain hidden from outside world?
相关问题
- Web server farms with IIS ? Basic Infos [closed]
- Using WebStorm with Parse.com
- IE11 Not Displaying Image With Object Tag Through
- Node.js - Good WebServer with WebSocket-proxying &
- PermissionError: [Errno 13] Permission denied Pyth
相关文章
- WebService 启动调试后,能成功调用函数,但断点进不去任何方法
- Using the PHP built-in server in production
- How do i make my IP public, Externally can access
- How to email attachment from PHP?
- Is it possible to set up nginx without cookies?
- Python Webserver: How to serve requests asynchrono
- Running two web server at the same time in one go
- Why does HTTP headers doesn't get created when
If you have directory listing disabled in your webserver, then the only way somebody will find it is by guessing or by finding a link to it.
That said, I've seen hacking scripts attempt to "guess" a whole bunch of these common names. "secret.html" would probably be in such a guess list.
The more reasonable solution is to restrict access using a username/password via a htaccess file (for apache) or the equivalent setting for whatever webserver you're using.
There are only two ways to find a web page: through a link or by listing the directory.
Usually, web servers disable directory listing, so if there is really no link to the page, then it cannot be found.
BUT: information about the page may get out in ways you don't expect. For example, if a user with Google Toolbar visits your page, then Google may know about the page, and it can appear in its index. That will be a link to your page.
If a website's directory does NOT have an "index...." file, AND .htaccess has NOT been used to block access to the directory itself, then Apache will create an "index of" page for that directory. You can save that page, and its icons, using "Save page as..." along with the "Web page, complete" option (Firefox example). If you own the website, temporarily rename any "index...." file, and reference the directory locally. Then restore your "index...." file.
Yes, you can, but you need a few tools first. You need to know a little about basic coding, FTP clients, port scanners and brute force tools, if it has a
.htaccess file.If not just try tgp.linkurl.htm or html, ie
default.html,www/home/siteurl/web/, orwap /index/ default /includes/ main/ files/ images/ pics/ vids/, could be possible file locations on the server, so try all of them sowww/home/siteurl/web/includes/.htaccessordefault.html. You'll hit a file after a few tries then work off that. Yahoo has a site file viewer too: you can try to scan sites file indexes.Alternatively, try brutus aet, trin00, trinity.x, or whiteshark airtool to crack the site's FTP login (but it's illegal and I do not condone that).