Missing /opcache/ directory in Web-Content

danielmiessler / SecLists

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.

https://www.owasp.org/index.php/OWASP_Internet_of_Things_Project

MIT License

57.4k stars 23.8k forks source link

Missing /opcache/ directory in Web-Content #683

Closed FLX-0x00 closed 2 years ago

FLX-0x00 commented 2 years ago

On a recent pentest i noticed a webserver using php opcache gui (https://github.com/amnuts/opcache-gui) The unprotected gui shows up some jucy information about the running web server and could be useful for further analysis. The /opcache/ name is not included in any wordlist. Is there a chance to include this directory name in one of the Web-Content lists?

Cheers.

g0tmi1k commented 2 years ago

Thanks for the suggestion.

Please do open up a pull request with it, and we can accept it :)

g0tmi1k commented 2 years ago

I believe its now merged in - thanks for taking the time to make the pull request!