Added path traversal

maurosoria · Oct 24, 2024 · 0256509 · 0256509
1 parent b03f12d
commit 0256509
Show file tree

Hide file tree

Showing 4 changed files with 8 additions and 3 deletions.
diff --git a/db/400_blacklist.txt b/db/400_blacklist.txt
@@ -1,8 +1,9 @@
 %2e%2e//google.com
 %ff
+%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd
 %2e%2e;/test
 %3f/
 %C0%AE%C0%AE%C0%AF
-.%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd
+../../../../../../etc/passwd
 ..;/
 cgi-bin/.%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd
diff --git a/db/403_blacklist.txt b/db/403_blacklist.txt
@@ -1,8 +1,9 @@
 %2e%2e//google.com
 %ff
+%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd
 %2e%2e;/test
 %3f/
 %C0%AE%C0%AE%C0%AF
-.%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd
+../../../../../../etc/passwd
 ..;/
 cgi-bin/.%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd
diff --git a/db/500_blacklist.txt b/db/500_blacklist.txt
@@ -1,6 +1,8 @@
 %ff
+%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd
 %3f/
 %C0%AE%C0%AE%C0%AF
 %2e%2e;/test
+../../../../../../etc/passwd
 ..;/
 
diff --git a/db/dicc.txt b/db/dicc.txt
@@ -2,6 +2,7 @@
 !.htaccess
 !.htpasswd
 %2e%2e//google.com
+%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd
 %2e%2e;/test
 %3f/
 %C0%AE%C0%AE%C0%AF
@@ -38,7 +39,7 @@
 +CSCOT+/oem-customization?app=AnyConnect&type=oem&platform=..&resource-type=..&name=%2bCSCOE%2b/portal_inc.lua
 +CSCOT+/translation
 +CSCOT+/translation-table?type=mst&textdomain=/%2bCSCOE%2b/portal_inc.lua&default-language&lang=../
-.%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd
+../../../../../../etc/passwd
 ..;/
 .0
 .7z