Add information gathering via hidden directory crawling solution

author: Thomas Vanbesien <tvanbesi@proton.me> 2026-03-26 22:33:53 +0100
committer: Thomas Vanbesien <tvanbesi@proton.me> 2026-03-26 22:33:53 +0100
commit: c1d65afac94fd43f79f4f6189fb273866219ceaa (patch)
tree: 7edb3cdfa661ae67134faba90573cc393c401a4d /Information gathering 2/Resources/notes.md
parent: cf5cc6e1db519ef7bd1d786656027a64c208d8b9 (diff)
download: darkly-c1d65afac94fd43f79f4f6189fb273866219ceaa.tar.gz
darkly-c1d65afac94fd43f79f4f6189fb273866219ceaa.zip
1 files changed, 16 insertions, 0 deletions
diff --git a/Information gathering 2/Resources/notes.md b/Information gathering 2/Resources/notes.md
new file mode 100644
index 0000000..1f8aad0
--- /dev/null
+++ b/Information gathering 2/Resources/notes.md
@@ -0,0 +1,16 @@
+## Exploit
+
+[https://owasp.org/www-project-web-security-testing-guide/stable/4-Web_Application_Security_Testing/01-Information_Gathering/01-Conduct_Search_Engine_Discovery_Reconnaissance_for_Information_Leakage]()
+
+1. Explore public `robots.txt`
+    ```bash
+    ❯ curl http://10.0.2.15/robots.txt
+    User-agent: *
+    Disallow: /whatever
+    Disallow: /.hidden
+    ```
+1. Explore the links in `http://10.0.2.15/.hidden` with the `crawl.bash` script to find a flag
+
+## Fix
+
+Same as **Information gathering 1**: do not put sensitive data in `robots.txt` because this file is publicly available.
author	Thomas Vanbesien <tvanbesi@proton.me>	2026-03-26 22:33:53 +0100
committer	Thomas Vanbesien <tvanbesi@proton.me>	2026-03-26 22:33:53 +0100
commit	c1d65afac94fd43f79f4f6189fb273866219ceaa (patch)
tree	7edb3cdfa661ae67134faba90573cc393c401a4d /Information gathering 2/Resources/notes.md
parent	cf5cc6e1db519ef7bd1d786656027a64c208d8b9 (diff)
download	darkly-c1d65afac94fd43f79f4f6189fb273866219ceaa.tar.gz darkly-c1d65afac94fd43f79f4f6189fb273866219ceaa.zip