what is a auth_user_file.txt?


I was reading about a security vulnerability and found that a lot of sites are having this file crawled and appearing in search results. It appears to be important but I don't know what it does/contains and I can't seem to find any information on it out there. Every search I do on the file returns results about the vulnerability.

What is this file, what does it contain, and what is it purpose?


Answers:


I assume that those crawlers are looking for auth_user_file.txt because its name is probably given in some tutorial for Apache's mod_authn_file module; when an admin makes the mistake of putting the file in the webserver's DOCROOT, then it is free for downloading by anyone who asks.

Once an attacker downloads the file, they can brute-force the password hashes, and gain access to the server's resources using the broken password and stolen username. (Or, maybe they'll just guess passwords based on the list of known good usernames; people have a habit of picking password and abc123...)