To illustrate how a penetration tester can take advantage of robots.txt, we will use vicnum, a vulnerable web application in vm_1, which contains three number and word guessing games. We will use information obtained through robots.txt to increase our chances of winning those games:
- Browse to http://192.168.56.11/vicnum/.
- Now, we add robots.txt to the URL and we will see the following:
This file tells search engines that the directories jotto and cgi-bin must not be indexed, and the rule applies to every crawler (User-agent). However, robots.txt is only advisory: it doesn't stop us from browsing those directories.
- Let's browse to http://192.168.56.11/vicnum/cgi-bin/:
We can click and navigate directly to any of the Perl scripts (.pl files) in this directory.
- Let's browse to http://192.168.56.11/vicnum/jotto/.
- Click on the file named jotto. You will see something similar to the following screenshot:
jotto is a game about guessing five-character words; could this be the list of possible answers? Play the game using words from that list as answers. We have already hacked the game.
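The robots.txt step above can be turned into a review a site owner runs against their own file: the following Python script is an added example, not code from the original text, that parses robots.txt into per-crawler groups and lists the URLs its Disallow lines reveal, so each can be checked for real access control. The sample file is constructed from the description above (the real file's exact lines may differ), and resolving paths relative to the directory the file was served from is an assumption that matches the URLs used in this recipe.

```python
from urllib.parse import urljoin

# Constructed sample based on the description above: jotto and cgi-bin
# are disallowed for every User-agent. Not the application's actual file.
SAMPLE_ROBOTS = """\
# constructed sample
User-agent: *
Disallow: /jotto/
Disallow: /cgi-bin/   # scripts

User-agent: ExampleBot
Disallow:
"""

def parse_robots(text):
    """Return {user_agent: [disallowed paths]} using robots.txt grouping rules."""
    groups, agents, in_rules = {}, [], False
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()       # strip comments and whitespace
        if ":" not in line:
            continue
        field, value = (part.strip() for part in line.split(":", 1))
        field = field.lower()                     # field names are case-insensitive
        if field == "user-agent":
            if in_rules:                          # rules seen: this starts a new group
                agents, in_rules = [], False
            agents.append(value)                  # consecutive agents share one group
            groups.setdefault(value, [])
        elif field in ("allow", "disallow"):
            in_rules = True
            if field == "disallow" and value:     # empty Disallow means "allow all"
                for agent in agents:
                    groups[agent].append(value)
    return groups

def urls_to_review(text, base):
    """Unique URLs named by Disallow lines, resolved under `base` (assumption)."""
    paths = {p for rules in parse_robots(text).values() for p in rules}
    return sorted(urljoin(base, p.lstrip("/")) for p in paths)

if __name__ == "__main__":
    for url in urls_to_review(SAMPLE_ROBOTS, "http://192.168.56.11/vicnum/"):
        print("listed in robots.txt, verify access control:", url)
```

Any URL this prints that serves content to an unauthenticated browser, as the two directories in this recipe do, is protected only by the crawler's good manners.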