Dozens of websites are still vulnerable

Published Date: 2020/09/12 by: DaVieS

Dozens of websites are still vulnerable

We are not speaking about a BUG, or Exploit, this is something st*pid similar if you see a burglar and let you in meanwhile you thanks to him to choose your house. Oh wait.. Not just like that, because the website may contains a lot of people private data, such as photos, passwords, addresses..

So this is something that you can solve easily and absolutely your fault, we contacted many sites owner to resolve the issue, and only 10% did that in the past 6 months.

 

Details

  • .env files (mostly used by Laravel) may contains your database passwords and any sensitive data I really don't know why using dotfiles instead of PHP?
  • .git files, this is a Git Repository if this available to attackers they could grab your source code including passwords or even your SSL Certificates, API Keys.
  • .ini files sometimes a beginner PHP programmers uses .INI files to store passwords
  • .db / .sqlite We discovered many SQlite database available in websites that contains passwords or any sensitive datas.

 



If you like the article then don't forget to share!


nPulse.net going dark (again)

Back in time the most of the websites were DARK, specially the tech ones and forums. Then people started to use more slick, curved and light..


sysAdmin ToolBox v2.3.0

We just uploaded the very new release of this application.We added new function called: WiFi Discovery I'm sure everyone will love that, so..


New Software (PFR)

Our new Software released under Open Source license. PFR is a cross-platform easy-to-use powerfull tool to recover broken files that caused HDD..


BVCP for FreeBSD Bhyve Released today!

I'm happily announce that, one of our greatest product just released for the public! BVCP is a Webcontrol interface for FreeBSD Bhyve aka..


Upgrade into FreeBSD Bhyve was successfull

As I told before we were started to migrate our infrastructure from Linux/KVM (FreeBSD) into FreeBSD/Bhyve (FreeBSD). I announce that we..


Hello Bhyve, Im moving in ...

We are performing an update at this weekend, there will be some interrupts in our services. Please be patient! ..


Launched BVCP Today!

FreeBSD Bhyve Web Control Panel launched today as planned as pre-release.Project started at 2021.05 month and yet ready for production use..


bhyve webadmin, web control panel

FreeBSD uses bhyve as hypervisor! So.. no questions we are using FreeBSD for web, mailing, devel, for everything.Now we would like to drop KVM /..


Side Quest, BVCP WebUI for FreeBSD Bhyve

Okay, so we are in middle to upgrade and realign our infrastructure and happened days ago with a random facebook talk, someone hinted FreeBSD..


Corrupted innoDB on linux ext4, data recovery

I could say I saw a everthing but not, here is the case: There is a VM Host with ZFS Storage, direct attached, and there is a Linux VPS with ext4..

All rights reserved nPulse.net 2009 - 2021
Powered by: MVCP 2.0-RC / BVCP / ASPF-MILTER / PHP 7.4 / NGINX / FreeBSD