🔮
P4n1cBook
  • 🏴‍☠️Welcome!
    • 🔮P4n1cBook
    • 📚Bookmarks
    • 🚨Licence and Disclaimer
  • Fundamentals
    • Starter Kit
      • Linux
      • PowerShell
      • Git
      • 💾Regex
      • curl
      • tcpdump
      • Nmap
      • 🦈Wireshark
      • Metasploit
    • 🌐Network Protocols
      • ICMP
      • SSH
      • Telnet
      • DNS
      • FTP
      • HTTP/HTTPS
      • SMB
      • SNMP
      • SMTP
      • NFS
      • IPP
      • WinRM
      • LLMNR
    • Code
      • Python Essentials
      • C & C++
    • Web APIs
      • GraphQL
    • Shells/TTYs
    • Dorks
    • Cryptography
    • Reverse Engineering
      • GDB
      • Binaries
  • Web Exploitation
    • Web Enumeration
    • Web Fuzzing
      • ffuf
      • feroxbuster
      • Gobuster
      • GoWitness
    • Main Techniques
      • Arbitrary File Read
      • Session Hijacking
      • SSRF
      • Eval Injection
      • Template Manipulation
      • Path Traversal
      • Prototype Pollution
      • XXE
      • Deserialization
      • Log Poisoning
      • Command Injection
      • SQLi
        • SQLmap
      • Arbitrary File Upload
      • SSTI
      • LFI
      • XSS
    • Web Servers
      • Apache
      • Nginx
      • Werkzeug
    • Web Services/Frameworks
      • Wordpress
      • Laravel
      • Express
      • Magento
      • AIOHTTP
      • HashiCorp Vault
      • Tiny File Manager
      • Joomla
      • CMS Made Simple
      • 🌵Cacti
      • Tomcat
      • Zabbix
      • OpenNetAdmin
      • ImageMagick
    • Databases
      • MySQL
      • NoSQL
        • MongoDB
        • Redis
    • Java-based web application
      • pd4ml.jar
      • Struts
      • .WAR
      • JDWP
  • Cloud Exploitation
    • Kubernetes
    • AWS
  • Post Exploitation
    • File Transfer
      • Exfiltration
    • Credential Dumping
      • Thunderbird
    • Lateral Movement
    • Persistence
    • Linux Privilege Escalation
      • Static Binaries
      • Enumeration
      • Hijacks
      • Command Injection
      • Jailbreaks
      • Binary Exploitation - Linux
      • Kernel Exploits
      • Buffer Overflow - Linux
      • Docker
      • Abusing Wildcards
  • Wireless Exploitation
    • NFC
Powered by GitBook
On this page
Edit on GitHub
  1. Web Exploitation
  2. Web Servers

Apache

It uses a process-based model, where each request is handled by a separate thread or process, which can be resource-heavy under high traffic but provides great compatibility.

Configuration Files
Standard
/etc/apache2/apache2.conf
RHEL
/etc/httpd/httpd.conf
FreeBSD
/etc/apache24/httpd.conf
vhost
/etc/apache2/sites-enabled/000-default.conf
Modules
/etc/apache2/mods-available/
Initial Recon

  • If you are lucky you may be able to find /sites-enabled and /sites-available or even logs: 

feroxbuster -u http://URL.htb -w ~/Documents/Wordlists/default-web-root-directory-linux.txt --output urls.txt --redirects

  • robots.txt can reveal pages that the server is hiding.

  • Fuzz for vhosts at sight of 301 responses.

Ffuf
ffuf -c -w ~/Documents/Wordlists/subdomains-top1million-20000.txt -u http://SITE/ -H "Host: FUZZ.URL.htb" -fc 301 -ac

  • /cgi-bin/: Directory for executing CGI scripts.

  • /icons/: Often used for directory listings. It may expose unintended file paths.

  • phpinfo.php: Disclose sensitive server and PHP configuration details.

Authentication/Authorization

Authentication

  • .htaccess: Configures directory-specific rules for authentication and other settings.

  • .htpasswd: Stores user credentials for basic authentication.

Standard Modules

mod_status

/server-status: Real-time status and diagnostic information about the server, including active requests, resource usage, and server performance.

/server-info: Server health and performance monitoring.

PHP Modules

To Allow PHP execution you need to add this line to /etc/apache2/apache2.conf:

LoadModule php_module /usr/lib/apache2/modules/libphp.so
    AddType application/x-httpd-php .php

  • You can actually add any extension that you want:

AddType application/x-httpd-php .l33t
PreviousWeb ServersNextNginx

Last updated 13 days ago