Not that long ago I visited a client who was having repeated issues with getting hacked.
This being a white hat exercise (ethical hacking), I began by running a code scanner across the board to see what it would find.
Simultaneously I looked at the webroot of their web application servers.
As you may well know, when you do a ctrl-c and then a ctrl-v on a file it ends up looking like this: “nameoffile – Copy”. Do it again on the copied file and it looks like this: “nameoffile – Copy – Copy”.
To my horror I found multiple instances of this. To make matters worse they were PHP (v4!!!) files that contained database connection strings in clear code.
Subsequently it was discovered that multiple out-of-date versions of multiple files were low-hanging fruit for hackers.
Advice for security professionals/SQA engineers – do not just test your web applications from the front end. Have at it from Dub Dub Dub (www, webroot).
Even the best enumeration tools, like OWASP DirBuster, are not going to find “nameoffile – Copy”. Especially not “nameoffile – Copy – Copy”.
Does this remove legitimacy from the penetration testing effort if you have complete access to the file system?
What if a thief gets in through other means and gets access?
The bottom line is that your webroot should be clean, sanitized and scrutinized. Cleansed.
What you do not know about is what can cause a serious breach of security.
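One way to run the webroot-side check described above, as an added example rather than anything the client or the original post used: it walks the webroot on disk, flags Explorer-style copies, and notes which ones contain a MySQL connect call. The function names, the connect-call heuristic and the sample tree are assumptions made for illustration.

```python
import os
import re
import tempfile

# Explorer names duplicates "x - Copy.php", "x - Copy - Copy.php" or
# "x - Copy (2).php"; accept a hyphen or the en dash shown in the post.
COPY_RE = re.compile(r"^(?P<base>.+?)(?P<copies>(?:\s[-\u2013]\sCopy(?:\s\(\d+\))?)+)$")
# Assumed heuristic: a PHP 4 era MySQL connect call marks embedded credentials.
CONNECT_RE = re.compile(rb"mysql_p?connect\s*\(", re.IGNORECASE)


def audit_webroot(webroot):
    """Walk webroot on disk and report stray Explorer copies, sorted by path."""
    findings = []
    for dirpath, _dirs, files in os.walk(webroot):
        for name in files:
            stem, ext = os.path.splitext(name)
            m = COPY_RE.match(stem)
            if not m:
                continue
            path = os.path.join(dirpath, name)
            with open(path, "rb") as fh:
                head = fh.read(1 << 20)  # first 1 MiB is enough for a config file
            findings.append({
                "path": os.path.relpath(path, webroot).replace(os.sep, "/"),
                "original": m.group("base") + ext,
                "depth": m.group("copies").count("Copy"),
                "original_present": m.group("base") + ext in files,
                "db_connect": bool(CONNECT_RE.search(head)),
            })
    return sorted(findings, key=lambda f: f["path"])


def build_sample_webroot(root):
    """Constructed sample tree (not from the post) so the audit runs offline."""
    php = "<?php $c = mysql_connect('db.example', 'app', 'PLACEHOLDER'); ?>"
    samples = {"index.php": "<?php echo 'ok'; ?>", "db.php": php,
               "db - Copy.php": php, "admin/db - Copy - Copy.php": php,
               "admin/notes - Copy (2).txt": "todo"}
    for rel, body in samples.items():
        path = os.path.join(root, *rel.split("/"))
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "w", encoding="utf-8") as fh:
            fh.write(body)


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_webroot(tmp)
        for finding in audit_webroot(tmp):
            print(finding)
```

A finding with `original_present` set to false is a copy whose original has since been moved or deleted, which is the kind of orphan nobody remembers to patch.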