查找可能泄露的密码.md

查找纯文本用户名和密码

>grep -i user [filename]
>grep -i pass [filename]
>grep -C 5 "password" [filename]
>find . -name "*.php" -print0 | xargs -0 grep -i -n "var $password"   # Joomla
>cat ~/.bash_history
>cat ~/.nano_history
>cat ~/.atftp_history
>cat ~/.mysql_history
>cat ~/.php_history
>grep --color=auto -rnw '/' -ie "PASSWORD" --color=always 2> /dev/null
>find . -type f -exec grep -i -I "PASSWORD" {} /dev/null \;

尝试查找私钥

>cat ~/.ssh/authorized_keys
>cat ~/.ssh/identity.pub
>cat ~/.ssh/identity
>cat ~/.ssh/id_rsa.pub
>cat ~/.ssh/id_rsa
>cat ~/.ssh/id_dsa.pub
>cat ~/.ssh/id_dsa
>cat /etc/ssh/ssh_config
>cat /etc/ssh/sshd_config
>cat /etc/ssh/ssh_host_dsa_key.pub
>cat /etc/ssh/ssh_host_dsa_key
>cat /etc/ssh/ssh_host_rsa_key.pub
>cat /etc/ssh/ssh_host_rsa_key
>cat /etc/ssh/ssh_host_key.pub
>cat /etc/ssh/ssh_host_key