I have a web site hosted from my server. Sometimes, I upload database manipulati
ID: 661224 • Letter: I
Question
I have a web site hosted from my server. Sometimes, I upload database manipulation scripts to a folder which is three levels deep in the website and run them using my web browser. These scripts should not be accessed by outside users and I remove them within hours of uploading them. Is there a risk that these scripts will be found or crawled if no other page links to them? If so, then how can they be discovered?
I also have a test sub-domain located at user.mysite.com. Is it possible for outsiders that do not know the sub domain to discover the existence of the sub domain?
Explanation / Answer
I see four possibilities to path leak
1) bruteforce
2) malware on your host
3) accident =) you can share this path to someone or forgot to delete, or link this from some place by accident.
4) google chrome =) because google use information from chrome (and probably ff) to feed crawler
same thing is about dns. Relying on path is bad practice.