4 www-data > david

Reading https://www.gsp.com/cgi-bin/man.cgi?section=8&topic=NHTTPD#HOMEDIRS

Trying out http://traverxec.htb/~david/ Not allowed.

# HOMEDIRS [OPTIONAL]
homedirs                /home
homedirs_public         public_www

means public_www is what is served via nostromo.

Trying out /home/~david/public_www

cd /home/david/public_www
ls -la
total 16
drwxr-xr-x 3 david david 4096 Oct 25  2019 .
drwx--x--x 5 david david 4096 Oct 25  2019 ..
-rw-r--r-- 1 david david  402 Oct 25  2019 index.html
drwxr-xr-x 2 david david 4096 Oct 25  2019 protected-file-area

cd protected-file-area
ls -la
total 16
drwxr-xr-x 2 david david 4096 Oct 25  2019 .
drwxr-xr-x 3 david david 4096 Oct 25  2019 ..
-rw-r--r-- 1 david david   45 Oct 25  2019 .htaccess
-rw-r--r-- 1 david david 1915 Oct 25  2019 backup-ssh-identity-files.tgz
cat .htaccess
realm David's Protected File Area. Keep out!

Transferring backup-ssh-identity-files.tgz over to kali

Previous5 david > rootNext3 box enum

Last updated