Google Search: +htpasswd +WS_FTP.LOG filetype:log
L0om rates this entry 6 out of 10.
Submitted: 2004-05-20 00:00:00
Added by: L0om
WS_FTP.LOG can be used in many ways to find more information about a server. This query is very flexible, just substitute “+htpasswd” for “+FILENAME” and you may get several hits that you hadn’t seen with the ‘normal’ search. Filenames suggested by the forum to explore are: phpinfo, admin, MySQL, password, htdocs, root, Cisco, Oracle, IIS, resume, inc, sql, users, mdb, frontpage, CMS, backend, https, editor, intranet . The list goes on and on..A different approach might be “allinurl: “some.host.com” WS_FTP.LOG filetype:log” which tells you more about who’s uploading files to a specific site.
2004-07-21 22:38:50 (warwick): BEWARE of viewing logs in your web browser!
Consider this GCIH Passing Practice: http://www.giac.org/practical/William_Bellamy_GCIH.zip
Granted this deals with weblogs but ya just never know what folks may put in these files.