One of my co-workers and I do web development on the side (independently, for the most part), and we double-check each other's work from a pseudo-pentesting standpoint. (The mandatory "I have permission and it's not that I'm up to no good" introduction!)
Anyway, he has set up a few very basic directories (simple HTML site), but what is perplexing me is this:
domain.com/main/index.html is the landing page for "domain.com", and it appears with the full path in the address bar.
domain.com/main/contact.html, etc. are the rest of the "public" pages.
domain.com/members is protected with .htpasswd, and is basically the same as the main directory.
"domain.com/terms-of-service" doesn't have a file extension. When I tried various extensions, it got even stranger:
.html shows the correct page, while .htm, .cfm, .asp/x, etc. all result in a 404 error...
"domain.com/terms-of-service.php" results in a blank white page with "No input file specified", and the URL in the TITLE area.
I'm still trying to wrap my head around this before I see him Monday and have to admit defeat... any thoughts? Do you think this could pose a weakness?