diff --git a/Payloads/File-Names/README.md b/Payloads/File-Names/README.md new file mode 100644 index 00000000..411197ab --- /dev/null +++ b/Payloads/File-Names/README.md @@ -0,0 +1,35 @@ +## directory-traversal.zip + +This zip file containes files with filenames for directory traversal: + +- `..::..::;` +- `..::;` +- `..:;` +- `..;` +- `..;:` +- `..\:;` +- `.:..:` +- `.:..:;` +- `.:;` +- `.;` +- `.;:` +- `:..:;` +- `::..::;` +- `:;` +- `;` +- `;:` +- `;\:` + +> It's impossible to unzip this file on Windows, due to their arbitrary filename restrictions. It's possible to unzip it in WSL though. + + +## max-length.zip + +This zip file containes files with long filenames for testing buffer overflow vulnerabilities, or error-based access control vulnerabilities. This zip also includes a script to generate arbitrarily long filenames. + + +- `AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA.php.gif` +- `AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA` +- `make-255.sh` + +> It's impossible to unzip this file on Windows, due to their arbitrary filename restrictions. It's possible to unzip it in WSL though. diff --git a/Payloads/File-Names/directory-traversal.zip b/Payloads/File-Names/directory-traversal.zip new file mode 100644 index 00000000..42111c36 Binary files /dev/null and b/Payloads/File-Names/directory-traversal.zip differ diff --git a/Payloads/File-Names/max-length.zip b/Payloads/File-Names/max-length.zip new file mode 100644 index 00000000..f91af979 Binary files /dev/null and b/Payloads/File-Names/max-length.zip differ 
diff --git a/Payloads/File-Names/max-length/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA b/Payloads/File-Names/max-length/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA deleted file mode 100644 index 4393b9d5..00000000 --- a/Payloads/File-Names/max-length/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA +++ /dev/null @@ -1 +0,0 @@ -python -c 'print "A" *232' diff --git a/Payloads/File-Names/max-length/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA.php.gif b/Payloads/File-Names/max-length/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA.php.gif deleted file mode 100644 index 3ab5b05b..00000000 --- a/Payloads/File-Names/max-length/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA.php.gif +++ /dev/null @@ -1,2 +0,0 @@ -GIF8; - diff --git a/Payloads/File-Names/max-length/make-255.sh b/Payloads/File-Names/max-length/make-255.sh deleted file mode 100755 index 80ec62b0..00000000 
--- a/Payloads/File-Names/max-length/make-255.sh
+++ /dev/null
@@ -1,7 +0,0 @@
-#!/bin/sh
-#$ msf-pattern_create -l 255
-touch Aa0Aa1Aa2Aa3Aa4Aa5Aa6Aa7Aa8Aa9Ab0Ab1Ab2Ab3Ab4Ab5Ab6Ab7Ab8Ab9Ac0Ac1Ac2Ac3Ac4Ac5Ac6Ac7Ac8Ac9Ad0Ad1Ad2Ad3Ad4Ad5Ad6Ad7Ad8Ad9Ae0Ae1Ae2Ae3Ae4Ae5Ae6Ae7Ae8Ae9Af0Af1Af2Af3Af4Af5Af6Af7Af8Af9Ag0Ag1Ag2Ag3Ag4Ag5Ag6Ag7Ag8Ag9Ah0Ah1Ah2Ah3Ah4Ah5Ah6Ah7Ah8Ah9Ai0Ai1Ai2Ai3Ai4
-
-echo 'GIF8;' > Aa0Aa1Aa2Aa3Aa4Aa5Aa6Aa7Aa8Aa9Ab0Ab1Ab2Ab3Ab4Ab5Ab6Ab7Ab8Ab9Ac0Ac1Ac2Ac3Ac4Ac5Ac6Ac7Ac8Ac9Ad0Ad1Ad2Ad3Ad4Ad5Ad6Ad7Ad8Ad9Ae0Ae1Ae2Ae3Ae4Ae5Ae6Ae7Ae8Ae9Af0Af1Af2Af3Af4Af5Af6Af7Af8Af9Ag0Ag1Ag2Ag3Ag4Ag5Ag6Ag7Ag8Ag9Ah0Ah1Ah2Ah3Ah4Ah5Ah6Ah7Ah8Ah9Ai0Ai1Ai2Ai.gif
-
-echo '' > Aa0Aa1Aa2Aa3Aa4Aa5Aa6Aa7Aa8Aa9Ab0Ab1Ab2Ab3Ab4Ab5Ab6Ab7Ab8Ab9Ac0Ac1Ac2Ac3Ac4Ac5Ac6Ac7Ac8Ac9Ad0Ad1Ad2Ad3Ad4Ad5Ad6Ad7Ad8Ad9Ae0Ae1Ae2Ae3Ae4Ae5Ae6Ae7Ae8Ae9Af0Af1Af2Af3Af4Af5Af6Af7Af8Af9Ag0Ag1Ag2Ag3Ag4Ag5Ag6Ag7Ag8Ag9Ah0Ah1Ah2Ah3Ah4Ah5Ah6Ah7Ah8Ah9Ai0Ai1Ai2Ai.php
diff --git a/Payloads/File-Names/traversal/..::..::; b/Payloads/File-Names/traversal/..::..::;
deleted file mode 100644
index 557db03d..00000000
--- a/Payloads/File-Names/traversal/..::..::;
+++ /dev/null
@@ -1 +0,0 @@
-Hello World
diff --git a/Payloads/File-Names/traversal/..::; b/Payloads/File-Names/traversal/..::;
deleted file mode 100644
index 557db03d..00000000
--- a/Payloads/File-Names/traversal/..::;
+++ /dev/null
@@ -1 +0,0 @@
-Hello World
diff --git a/Payloads/File-Names/traversal/..:; b/Payloads/File-Names/traversal/..:;
deleted file mode 100644
index 557db03d..00000000
--- a/Payloads/File-Names/traversal/..:;
+++ /dev/null
@@ -1 +0,0 @@
-Hello World
diff --git a/Payloads/File-Names/traversal/..; b/Payloads/File-Names/traversal/..;
deleted file mode 100644
index 557db03d..00000000
--- a/Payloads/File-Names/traversal/..;
+++ /dev/null
@@ -1 +0,0 @@
-Hello World
diff --git a/Payloads/File-Names/traversal/..;: b/Payloads/File-Names/traversal/..;:
deleted file mode 100644
index 557db03d..00000000
--- a/Payloads/File-Names/traversal/..;:
+++ /dev/null
@@ -1 +0,0 @@
-Hello World
diff --git "a/Payloads/File-Names/traversal/..\\:;" "b/Payloads/File-Names/traversal/..\\:;"
deleted file mode 100644
index 557db03d..00000000
--- "a/Payloads/File-Names/traversal/..\\:;"
+++ /dev/null
@@ -1 +0,0 @@
-Hello World
diff --git a/Payloads/File-Names/traversal/.:..: b/Payloads/File-Names/traversal/.:..:
deleted file mode 100644
index 557db03d..00000000
--- a/Payloads/File-Names/traversal/.:..:
+++ /dev/null
@@ -1 +0,0 @@
-Hello World
diff --git a/Payloads/File-Names/traversal/.:..:; b/Payloads/File-Names/traversal/.:..:;
deleted file mode 100644
index 557db03d..00000000
--- a/Payloads/File-Names/traversal/.:..:;
+++ /dev/null
@@ -1 +0,0 @@
-Hello World
diff --git a/Payloads/File-Names/traversal/.:; b/Payloads/File-Names/traversal/.:;
deleted file mode 100644
index 557db03d..00000000
--- a/Payloads/File-Names/traversal/.:;
+++ /dev/null
@@ -1 +0,0 @@
-Hello World
diff --git a/Payloads/File-Names/traversal/.; b/Payloads/File-Names/traversal/.;
deleted file mode 100644
index 557db03d..00000000
--- a/Payloads/File-Names/traversal/.;
+++ /dev/null
@@ -1 +0,0 @@
-Hello World
diff --git a/Payloads/File-Names/traversal/.;: b/Payloads/File-Names/traversal/.;:
deleted file mode 100644
index 557db03d..00000000
--- a/Payloads/File-Names/traversal/.;:
+++ /dev/null
@@ -1 +0,0 @@
-Hello World
diff --git a/Payloads/File-Names/traversal/:..:; b/Payloads/File-Names/traversal/:..:;
deleted file mode 100644
index 557db03d..00000000
--- a/Payloads/File-Names/traversal/:..:;
+++ /dev/null
@@ -1 +0,0 @@
-Hello World
diff --git a/Payloads/File-Names/traversal/::..::; b/Payloads/File-Names/traversal/::..::;
deleted file mode 100644
index 557db03d..00000000
--- a/Payloads/File-Names/traversal/::..::;
+++ /dev/null
@@ -1 +0,0 @@
-Hello World
diff --git a/Payloads/File-Names/traversal/:; b/Payloads/File-Names/traversal/:;
deleted file mode 100644
index 557db03d..00000000
--- a/Payloads/File-Names/traversal/:;
+++ /dev/null
@@ -1 +0,0 @@
-Hello World
diff --git a/Payloads/File-Names/traversal/; b/Payloads/File-Names/traversal/;
deleted file mode 100644
index 557db03d..00000000
--- a/Payloads/File-Names/traversal/;
+++ /dev/null
@@ -1 +0,0 @@
-Hello World
diff --git a/Payloads/File-Names/traversal/;: b/Payloads/File-Names/traversal/;:
deleted file mode 100644
index 557db03d..00000000
--- a/Payloads/File-Names/traversal/;:
+++ /dev/null
@@ -1 +0,0 @@
-Hello World
diff --git "a/Payloads/File-Names/traversal/;\\:" "b/Payloads/File-Names/traversal/;\\:"
deleted file mode 100644
index 557db03d..00000000
--- "a/Payloads/File-Names/traversal/;\\:"
+++ /dev/null
@@ -1 +0,0 @@
-Hello World
diff --git a/Payloads/PHPInfo.zip b/Payloads/PHPInfo.zip
new file mode 100644
index 00000000..eea07d7c
Binary files /dev/null and b/Payloads/PHPInfo.zip differ
diff --git a/Payloads/PHPInfo/make-aio.sh b/Payloads/PHPInfo/make-aio.sh
deleted file mode 100755
index 916c604d..00000000
--- a/Payloads/PHPInfo/make-aio.sh
+++ /dev/null
@@ -1,5 +0,0 @@
-#!/bin/sh
-zip phpinfo-aio.zip phpinfo*.{p*,txt,jp*g,gif}
-
-tar -cvf phpinfo-aio.tar phpinfo*.{p*,txt,jp*g,gif}
-
diff --git a/Payloads/PHPInfo/phpinfo-aio.tar b/Payloads/PHPInfo/phpinfo-aio.tar
deleted file mode 100644
index 10898d55..00000000
Binary files a/Payloads/PHPInfo/phpinfo-aio.tar and /dev/null differ
diff --git a/Payloads/PHPInfo/phpinfo-aio.zip b/Payloads/PHPInfo/phpinfo-aio.zip
deleted file mode 100644
index 151f5c87..00000000
Binary files a/Payloads/PHPInfo/phpinfo-aio.zip and /dev/null differ
diff --git a/Payloads/PHPInfo/phpinfo-metadata.gif b/Payloads/PHPInfo/phpinfo-metadata.gif
deleted file mode 100644
index 67f5d453..00000000
Binary files a/Payloads/PHPInfo/phpinfo-metadata.gif and /dev/null differ
diff --git a/Payloads/PHPInfo/phpinfo-metadata.jpg b/Payloads/PHPInfo/phpinfo-metadata.jpg
deleted file mode 100644
index 580cf6f1..00000000
Binary files a/Payloads/PHPInfo/phpinfo-metadata.jpg and /dev/null differ
diff --git a/Payloads/PHPInfo/phpinfo-shortsyntax.php b/Payloads/PHPInfo/phpinfo-shortsyntax.php
deleted file mode 100644
index 52801137..00000000
--- a/Payloads/PHPInfo/phpinfo-shortsyntax.php
+++ /dev/null
@@ -1,3 +0,0 @@
-//tested on 7.2
-// even with short_open_tag=0
-
diff --git "a/Payloads/PHPInfo/phpinfo.\"\"gif" "b/Payloads/PHPInfo/phpinfo.\"\"gif"
deleted file mode 100644
index fc4c7547..00000000
--- "a/Payloads/PHPInfo/phpinfo.\"\"gif"
+++ /dev/null
@@ -1,2 +0,0 @@
-GIF89a1
-
diff --git "a/Payloads/PHPInfo/phpinfo.\"gif" "b/Payloads/PHPInfo/phpinfo.\"gif"
deleted file mode 100644
index fc4c7547..00000000
--- "a/Payloads/PHPInfo/phpinfo.\"gif"
+++ /dev/null
@@ -1,2 +0,0 @@
-GIF89a1
-
diff --git a/Payloads/PHPInfo/phpinfo.''gif b/Payloads/PHPInfo/phpinfo.''gif
deleted file mode 100644
index fc4c7547..00000000
--- a/Payloads/PHPInfo/phpinfo.''gif
+++ /dev/null
@@ -1,2 +0,0 @@
-GIF89a1
-
diff --git a/Payloads/PHPInfo/phpinfo.'gif b/Payloads/PHPInfo/phpinfo.'gif
deleted file mode 100644
index fc4c7547..00000000
--- a/Payloads/PHPInfo/phpinfo.'gif
+++ /dev/null
@@ -1,2 +0,0 @@
-GIF89a1
-
diff --git a/Payloads/PHPInfo/phpinfo.jpg.php b/Payloads/PHPInfo/phpinfo.jpg.php
deleted file mode 100644
index 147cebcd..00000000
--- a/Payloads/PHPInfo/phpinfo.jpg.php
+++ /dev/null
@@ -1 +0,0 @@
-
diff --git a/Payloads/PHPInfo/phpinfo.php b/Payloads/PHPInfo/phpinfo.php
deleted file mode 100644
index 147cebcd..00000000
--- a/Payloads/PHPInfo/phpinfo.php
+++ /dev/null
@@ -1 +0,0 @@
-
diff --git a/Payloads/PHPInfo/phpinfo.php-1.gif b/Payloads/PHPInfo/phpinfo.php-1.gif
deleted file mode 100644
index fc4c7547..00000000
--- a/Payloads/PHPInfo/phpinfo.php-1.gif
+++ /dev/null
@@ -1,2 +0,0 @@
-GIF89a1
-
diff --git a/Payloads/PHPInfo/phpinfo.php-2.gif b/Payloads/PHPInfo/phpinfo.php-2.gif
deleted file mode 100644
index 4872e8d7..00000000
--- a/Payloads/PHPInfo/phpinfo.php-2.gif
+++ /dev/null
@@ -1 +0,0 @@
-GIF89a1
diff --git "a/Payloads/PHPInfo/phpinfo.php.\"\"gif" "b/Payloads/PHPInfo/phpinfo.php.\"\"gif"
deleted file mode 100644
index fc4c7547..00000000
--- "a/Payloads/PHPInfo/phpinfo.php.\"\"gif"
+++ /dev/null
@@ -1,2 +0,0 @@
-GIF89a1
-
diff --git "a/Payloads/PHPInfo/phpinfo.php.\"gif" "b/Payloads/PHPInfo/phpinfo.php.\"gif"
deleted file mode 100644
index fc4c7547..00000000
--- "a/Payloads/PHPInfo/phpinfo.php.\"gif"
+++ /dev/null
@@ -1,2 +0,0 @@
-GIF89a1
-
diff --git a/Payloads/PHPInfo/phpinfo.php.''gif b/Payloads/PHPInfo/phpinfo.php.''gif
deleted file mode 100644
index fc4c7547..00000000
--- a/Payloads/PHPInfo/phpinfo.php.''gif
+++ /dev/null
@@ -1,2 +0,0 @@
-GIF89a1
-
diff --git a/Payloads/PHPInfo/phpinfo.php.'gif b/Payloads/PHPInfo/phpinfo.php.'gif
deleted file mode 100644
index fc4c7547..00000000
--- a/Payloads/PHPInfo/phpinfo.php.'gif
+++ /dev/null
@@ -1,2 +0,0 @@
-GIF89a1
-
diff --git a/Payloads/PHPInfo/phpinfo.php3 b/Payloads/PHPInfo/phpinfo.php3
deleted file mode 100644
index 147cebcd..00000000
--- a/Payloads/PHPInfo/phpinfo.php3
+++ /dev/null
@@ -1 +0,0 @@
-
diff --git a/Payloads/PHPInfo/phpinfo.php4 b/Payloads/PHPInfo/phpinfo.php4
deleted file mode 100644
index 147cebcd..00000000
--- a/Payloads/PHPInfo/phpinfo.php4
+++ /dev/null
@@ -1 +0,0 @@
-
diff --git a/Payloads/PHPInfo/phpinfo.php5 b/Payloads/PHPInfo/phpinfo.php5
deleted file mode 100644
index 147cebcd..00000000
--- a/Payloads/PHPInfo/phpinfo.php5
+++ /dev/null
@@ -1 +0,0 @@
-
diff --git a/Payloads/PHPInfo/phpinfo.php7 b/Payloads/PHPInfo/phpinfo.php7
deleted file mode 100644
index 147cebcd..00000000
--- a/Payloads/PHPInfo/phpinfo.php7
+++ /dev/null
@@ -1 +0,0 @@
-
diff --git a/Payloads/PHPInfo/phpinfo.php;.txt b/Payloads/PHPInfo/phpinfo.php;.txt
deleted file mode 100644
index 147cebcd..00000000
--- a/Payloads/PHPInfo/phpinfo.php;.txt
+++ /dev/null
@@ -1 +0,0 @@
-
diff --git a/Payloads/PHPInfo/phpinfo.phpt b/Payloads/PHPInfo/phpinfo.phpt
deleted file mode 100644
index 147cebcd..00000000
--- a/Payloads/PHPInfo/phpinfo.phpt +++ /dev/null @@ -1 +0,0 @@ - diff --git a/Payloads/PHPInfo/phpinfo.pht b/Payloads/PHPInfo/phpinfo.pht deleted file mode 100644 index 147cebcd..00000000 --- a/Payloads/PHPInfo/phpinfo.pht +++ /dev/null @@ -1 +0,0 @@ - diff --git a/Payloads/PHPInfo/phpinfo.phtml b/Payloads/PHPInfo/phpinfo.phtml deleted file mode 100644 index 147cebcd..00000000 --- a/Payloads/PHPInfo/phpinfo.phtml +++ /dev/null @@ -1 +0,0 @@ - diff --git a/Payloads/PHPInfo/phpinfo.txt b/Payloads/PHPInfo/phpinfo.txt deleted file mode 100644 index 147cebcd..00000000 --- a/Payloads/PHPInfo/phpinfo.txt +++ /dev/null @@ -1 +0,0 @@ - diff --git a/Payloads/README.md b/Payloads/README.md index 121453de..9e29f748 100644 --- a/Payloads/README.md +++ b/Payloads/README.md @@ -44,4 +44,39 @@ IE9: http://0me.me/demo/xss/xssproject.swf?js=w=window.open(‘invalidfileinvali ## POC_img_phpinfo File -Outlined here: https://www.secgeek.net/bookfresh-vulnerability/ \ No newline at end of file +Outlined here: https://www.secgeek.net/bookfresh-vulnerability/ + + +## PHPInfo.zip + +This zip file containes files with filenames for bypassing blacklists and accessing `phpinfo.php`: + +- ` make-aio.sh` +- ` phpinfo-aio.tar` +- ` phpinfo-aio.zip` +- `'phpinfo.""gif'` +- `'phpinfo."gif'` +- `"phpinfo.''gif"` +- `"phpinfo.'gif"` +- ` phpinfo.jpg.php` +- ` phpinfo-metadata.gif` +- ` phpinfo-metadata.jpg` +- ` phpinfo.php` +- ` phpinfo.php-1.gif` +- ` phpinfo.php-2.gif` +- ` phpinfo.php3` +- ` phpinfo.php4` +- ` phpinfo.php5` +- ` phpinfo.php7` +- `'phpinfo.php.""gif'` +- `'phpinfo.php."gif'` +- `"phpinfo.php.''gif"` +- `"phpinfo.php.'gif"` +- ` phpinfo.phpt` +- `'phpinfo.php;.txt'` +- ` phpinfo.pht` +- ` phpinfo.phtml` +- ` phpinfo-shortsyntax.php` +- ` phpinfo.txt` + +It's impossible to unzip this file on Windows, due to their arbitrary filename restrictions. It's possible to unzip it in WSL though.