【渗透测试】任意文件下载的奇特操作

在Linux操作系统的/var/lib/mlocate/目录下有一个mlocate.db文件,这个文件是一个包含了本地所有文件的信息的数据库。

┌─[root@parrot]─[/var/lib/mlocate]
└──╼ #pwd
/var/lib/mlocate
┌─[root@parrot]─[/var/lib/mlocate]
└──╼ #ll
总用量 11836

-rw-r----- 1 root mlocate 12116816 1月  14 06:28 mlocate.db

查找文件示例:

┌─[✗]─[root@parrot]─[/var/lib/mlocate]
└──╼ #locate mlocate.db root
/root
/bin/btrfs-find-root
/etc/chkrootkit.conf
/etc/alternatives/fakeroot
/etc/alternatives/fakeroot.1.gz
/etc/alternatives/fakeroot.es.1.gz
/etc/alternatives/fakeroot.fr.1.gz
/etc/alternatives/fakeroot.sv.1.gz
/etc/cron.daily/chkrootkit
/etc/exim4/conf.d/router/mmm_mail4root
/etc/ld.so.conf.d/fakeroot-x86_64-linux-gnu.conf
/etc/postgresql-common/root.crt
/etc/selinux/default/contexts/users/root
/etc/skel/.local/share/applications/zenmap-root.desktop
/etc/ssl/certs/Comodo_AAA_Services_root.pem
/etc/ssl/certs/Comodo_Secure_Services_root.pem
/etc/ssl/certs/Comodo_Trusted_Services_root.pem
/home/wyy/.local/lib/python2.7/site-packages/cheroot
/home/wyy/.local/lib/python2.7/site-packages/cheroot-6.0.0.dist-info
/home/wyy/.local/lib/python2.7/site-packages/certifi/old_root.pem
/home/wyy/.local/lib/python2.7/site-packages/cheroot/__init__.py
/home/wyy/.local/lib/python2.7/site-packages/cheroot/__init__.pyc
/home/wyy/.local/lib/python2.7/site-packages/cheroot/_compat.py
/home/wyy/.local/lib/python2.7/site-packages/cheroot/_compat.pyc
/home/wyy/.local/lib/python2.7/site-packages/cheroot/errors.py
/home/wyy/.local/lib/python2.7/site-packages/cheroot/errors.pyc
/home/wyy/.local/lib/python2.7/site-packages/cheroot/makefile.py
/home/wyy/.local/lib/python2.7/site-packages/cheroot/makefile.pyc
/home/wyy/.local/lib/python2.7/site-packages/cheroot/server.py
/home/wyy/.local/lib/python2.7/site-packages/cheroot/server.pyc
/home/wyy/.local/lib/python2.7/site-packages/cheroot/ssl
/home/wyy/.local/lib/python2.7/site-packages/cheroot/test
/home/wyy/.local/lib/python2.7/site-packages/cheroot/workers
/home/wyy/.local/lib/python2.7/site-packages/cheroot/wsgi.py
/home/wyy/.local/lib/python2.7/site-packages/cheroot/wsgi.pyc

你可能感兴趣的:(信息安全)