Prady18
commented
1 year ago It seems like you are trying to scan a website using a wordlist, but you are having trouble finding the index.php page. Here are some steps that might help you:
1.Make sure your web server is running and the website is accessible. You can check this by visiting the website in your web browser.
2.Check if the index.php page is accessible by typing the URL http://yourwebsite.com/index.php in your web browser. If you see the index.php page, then it's working.
3.If you can't find the index.php page using your wordlist, try using a different wordlist that includes common file names and extensions, such as admin.php, config.php, login.php, etc.
4.You can also try using a web vulnerability scanner tool like Nikto or OWASP ZAP to scan your website for vulnerabilities and find hidden files and directories.
Regarding your specific wordlist, it looks like you have included some variations of the index.php filename. %EXT% is a placeholder that will be replaced with the file extension, so index.%EXT% will become index.php in this case. index.php/login might be a valid URL if you have a login directory inside the index.php file. index.phps is a file extension that is not commonly used, but it's worth checking if your web server supports it.👾
shelld3v
The target website exists index.php file but cannot scan out
dirsearch-v0.4.3
I set up a PHP website myself and created index.php, but I can't scan out index.php with my own wordlist. My wordlist content is as follows:
The command I use is as follows:
The results of dirsearch-v0.4.3 is as follows, only appear [15:17:51] 404 - 543B - /index.phps
My PHP server log is as follows:
It can be seen from the log that Index.php is indeed accessed, but it has not appeared in the results of dirsearch-v0.4.3