From ea352ed2ce39a3b5a8a0d58d4afdfa7807846ab7 Mon Sep 17 00:00:00 2001
From: toxydose
Date: Fri, 7 Dec 2018 16:22:34 +0200
Subject: [PATCH] - sorted alphabetically - removed duplicates - merged unique with "ColdFusion.fuzz2.txt" - deleted "ColdFusion.fuzz2.txt"
---
 Discovery/Web-Content/CMS/ColdFusion.fuzz.txt | 196 ++++++++++++-----
 .../Web-Content/CMS/ColdFusion.fuzz2.txt | 203 ------------------
 2 files changed, 144 insertions(+), 255 deletions(-)
 delete mode 100644 Discovery/Web-Content/CMS/ColdFusion.fuzz2.txt
diff --git a/Discovery/Web-Content/CMS/ColdFusion.fuzz.txt b/Discovery/Web-Content/CMS/ColdFusion.fuzz.txt
index 551dd4c..0ff8e19 100644
--- a/Discovery/Web-Content/CMS/ColdFusion.fuzz.txt
+++ b/Discovery/Web-Content/CMS/ColdFusion.fuzz.txt
@@ -1,16 +1,86 @@
+/%00.cfm
+/%2500.cfm
+/404_106321.cfm
+/admin/index.cfm?fuseaction=cLogin.main
+/blazeds/messagebroker/http
+/blazeds/messagebroker/httpsecure
+/bluedragon/admin.cfm
+/bluedragon.xml
+/bluedragon.xml.bak.1
+/cfappman/index.cfm
+/cfdocs/cfcache.map
+/cfdocs/cfmlsyntaxcheck.cfm
+/cfdocs/dochome.htm
+/cfdocs/exampleapp/docs/sourcewindow.cfm
+/cfdocs/exampleapp/docs/sourcewindow.cfm?
+/cfdocs/exampleapp/email/application.cfm
+/cfdocs/exampleapp/email/getfile.cfm?
+/cfdocs/exampleapp/email/getfile.cfm?filename=c:\\boot.ini
+/cfdocs/exampleapp/email/getfile.cfm?filename=c:\boot.ini
+/cfdocs/exampleapp/publish/admin/addcontent.cfm
+/cfdocs/exampleapp/publish/admin/application.cfm
+/cfdocs/exampleapps/sorry.htm
+/cfdocs/examples/cvbeans/beaninfo.cfm
+/cfdocs/examples/httpclient/mainframeset.cfm/CFIDE/Administrator/
+/cfdocs/examples/parks/detail.cfm
+/cfdocs/expelval/openfile.cfm
+/cfdocs/expeval/displayopenedfile.cfm
+/cfdocs/expeval/eval.cfm
+/cfdocs/expeval/exprcalc.cfm
+/cfdocs/expeval/exprcalc.cfm?
+/cfdocs/expeval/openfile.cfm
+/cfdocs/expeval/sendmail.cfm
+/cfdocs/expressions.cfm
+/cfdocs/MOLE.CFM
+/cfdocs/root.cfm
+/cfdocs/snippets/evaluate.cfm
+/cfdocs/snippets/fileexists.cfm
+/cfdocs/snippets/gettempdirectory.cfm
+/cfdocs/snippets/viewexample.cfm
+/cfdocs/TOXIC.CFM
+/cfdocs/zero.cfm
+/CFFileServlet/
+/CFFormGateway/
+/cfform-internal
+/CFIDE/adminapi/
+/CFIDE/adminapi/administrator.cfc
+/CFIDE/adminapi/Application.cfm
+/CFIDE/adminapi/base.cfc
+/CFIDE/adminapi/base.cfc?wsdl
+/CFIDE/adminapi/customtags/
+/CFIDE/adminapi/customtags/l10n.cfm
+/CFIDE/adminapi/customtags/resources
+/CFIDE/adminapi/customtags/resources/
+/CFIDE/adminapi/_datasource/
+/CFIDE/adminapi/datasource.cfc
+/CFIDE/adminapi/_datasource/formatjdbcurl.cfm
+/CFIDE/adminapi/_datasource/getaccessdefaultsfromregistry.cfm
+/CFIDE/adminapi/_datasource/geturldefaults.cfm
+/CFIDE/adminapi/_datasource/setdsn.cfm
+/CFIDE/adminapi/_datasource/setmsaccessregistry.cfm
+/CFIDE/adminapi/_datasource/setsldatasource.cfm
+/CFIDE/adminapi/debugging.cfc
+/CFIDE/adminapi/eventgateway.cfc
+/CFIDE/adminapi/extensions.cfc
+/CFIDE/adminapi/mail.cfc
+/CFIDE/adminapi/runtime.cfc
+/CFIDE/adminapi/security.cfc
 /CFIDE/Administrator/
-/CFIDE/Administrator/Application.cfm
-/CFIDE/Administrator/index.cfm
 /CFIDE/administrator/aboutcf.cfm
+/CFIDE/Administrator/Application.cfm
 /CFIDE/Administrator/checkfile.cfm
 /CFIDE/Administrator/enter.cfm
 /CFIDE/Administrator/header.cfm
 /CFIDE/Administrator/homefile.cfm
 /CFIDE/Administrator/homepage.cfm
+/CFIDE/administrator/index.cfm
+/CFIDE/Administrator/index.cfm
+/CFIDE/administrator/logging/settings.cfm?locale=../../../../sha1.js%00en
 /CFIDE/Administrator/login.cfm
 /CFIDE/Administrator/logout.cfm
 /CFIDE/Administrator/navserver.cfm
 /CFIDE/Administrator/right.cfm
+/cfide/Administrator/startstop.html
 /CFIDE/Administrator/tabs.cfm
 /CFIDE/Administrator/welcome.cfm
 /CFIDE/Administrator/welcomedoc.cfm
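Review bot: Several entries merged into this discovery list are not plain paths but carry test input, for example `/cfdocs/exampleapp/email/getfile.cfm?filename=c:\boot.ini` and `/CFIDE/administrator/logging/settings.cfm?locale=../../../../sha1.js%00en` in this hunk, and the `_logintowizard.cfm?<\"'>` and `cf_debugFr.cfm?userPage=http%3A%2F%2Fgoogle.com` lines in the next hunk. Anyone who runs the file for content enumeration under a scope that covers only enumeration will send those requests too, and the `userPage` entry names a third-party host. Consider keeping the parameterised entries in a separate list, or stating in the directory README that this file mixes plain paths with parameterised probes, so that operators can filter on `?` before a run.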
@@ -18,89 +88,61 @@
 /CFIDE/Administrator/welcomefooter.cfm
 /CFIDE/Administrator/welcomegetstart.cfm
 /CFIDE/Application.cfm
-/CFIDE/adminapi/
-/CFIDE/adminapi/Application.cfm
-/CFIDE/adminapi/_datasource/
-/CFIDE/adminapi/_datasource/formatjdbcurl.cfm
-/CFIDE/adminapi/_datasource/getaccessdefaultsfromregistry.cfm
-/CFIDE/adminapi/_datasource/geturldefaults.cfm
-/CFIDE/adminapi/_datasource/setdsn.cfm
-/CFIDE/adminapi/_datasource/setmsaccessregistry.cfm
-/CFIDE/adminapi/_datasource/setsldatasource.cfm
-/CFIDE/adminapi/administrator.cfc
-/CFIDE/adminapi/base.cfc
-/CFIDE/adminapi/customtags/
-/CFIDE/adminapi/customtags/l10n.cfm
-/CFIDE/adminapi/customtags/resources
-/CFIDE/adminapi/customtags/resources/
-/CFIDE/adminapi/datasource.cfc
-/CFIDE/adminapi/debugging.cfc
-/CFIDE/adminapi/eventgateway.cfc
-/CFIDE/adminapi/extensions.cfc
-/CFIDE/adminapi/mail.cfc
-/CFIDE/adminapi/runtime.cfc
-/CFIDE/adminapi/security.cfc
 /CFIDE/classes/
-/CFIDE/classes/cf-j2re-win.cab
 /CFIDE/classes/cfapplets.jar
+/CFIDE/classes/cf-j2re-win.cab
 /CFIDE/classes/images
 /CFIDE/componentutils/
 /CFIDE/componentutils/Application.cfm
-/CFIDE/componentutils/_component_cfcToHTML.cfm
-/CFIDE/componentutils/_component_cfcToMCDL.cfm?
-/CFIDE/componentutils/_component_style.cfm
-/CFIDE/componentutils/_component_utils.cfm
 /CFIDE/componentutils/cfcexplorer.cfc
 /CFIDE/componentutils/cfcexplorer_utils.cfm
+/CFIDE/componentutils/_component_cfcToHTML.cfm
+/CFIDE/componentutils/_component_cfcToMCDL.cfm?
 /CFIDE/componentutils/componentdetail.cfm
 /CFIDE/componentutils/componentdoc.cfm
 /CFIDE/componentutils/componentlist.cfm
+/CFIDE/componentutils/_component_style.cfm
+/CFIDE/componentutils/_component_utils.cfm
 /CFIDE/componentutils/gatewaymenu
 /CFIDE/componentutils/gatewaymenu/
 /CFIDE/componentutils/gatewaymenu/menu.cfc
 /CFIDE/componentutils/gatewaymenu/menunode.cfc
 /CFIDE/componentutils/login.cfm
+/CFIDE/componentutils/login.cfm?_cf_containerID=blahblah'
 /CFIDE/componentutils/packagelist.cfm
 /CFIDE/componentutils/utils.cfc
 /CFIDE/debug/
+/CFIDE/debug/cf_debugFr.cfm
+/CFIDE/debug/cf_debugFr.cfm?userPage=http%3A%2F%2Fgoogle.com
 /CFIDE/debug/images/
 /CFIDE/debug/includes/
+/CFIDE/GraphData.cfm
 /CFIDE/images/
 /CFIDE/images/skins/
 /CFIDE/install.cfm
 /CFIDE/installers/
 /CFIDE/installers/CFMX7DreamWeaverExtensions.mxp
 /CFIDE/installers/CFReportBuilderInstaller.exe
+/CFIDE/main/ide.cfm
 /CFIDE/probe.cfm
 /CFIDE/scripts/
+/CFIDE/scripts/ajax/FCKeditor/editor/dialog/fck_about.html
+/CFIDE/scripts/ajax/FCKeditor/editor/dialog/fck_spellerpages/spellerpages/server-scripts/spellchecker.cfm
+/CFIDE/scripts/ajax/FCKeditor/editor/filemanager/connectors/cfm/cf5_connector.cfm?command=GetFoldersAndFiles&type=Image¤tFolder=/
+/CFIDE/scripts/ajax/FCKeditor/editor/filemanager/connectors/cfm/cf_connector.cfm?command=GetFoldersAndFiles&type=Image¤tFolder=/
+/CFIDE/scripts/ajax/FCKeditor/editor/filemanager/upload/cfm/upload.cfm
+/CFIDE/scripts/ajax/FCKeditor/fckeditor.cfm
+/CFIDE/scripts/cfform.js
 /CFIDE/scripts/css/
 /CFIDE/scripts/xsl/
 /CFIDE/wizards/
 /CFIDE/wizards/common/
+/CFIDE/wizards/common/_authenticatewizarduser.cfm
+/CFIDE/wizards/common/_logintowizard.cfm
+/CFIDE/wizards/common/_logintowizard.cfm?<\"'>
+/CFIDE/wizards/common/_logintowizard.cfm?%3C%22'%3E
 /CFIDE/wizards/common/utils.cfc
-/cfappman/index.cfm
-/cfdocs/MOLE.CFM
-/cfdocs/TOXIC.CFM
-/cfdocs/cfmlsyntaxcheck.cfm
-/cfdocs/exampleapp/docs/sourcewindow.cfm
-/cfdocs/exampleapp/email/application.cfm
-/cfdocs/exampleapp/email/getfile.cfm?filename=c:\boot.ini
-/cfdocs/exampleapp/publish/admin/addcontent.cfm
-/cfdocs/exampleapp/publish/admin/application.cfm
-/cfdocs/examples/cvbeans/beaninfo.cfm
-/cfdocs/examples/parks/detail.cfm
-/cfdocs/expeval/displayopenedfile.cfm
-/cfdocs/expeval/eval.cfm
-/cfdocs/expeval/exprcalc.cfm
-/cfdocs/expeval/openfile.cfm
-/cfdocs/expeval/sendmail.cfm
-/cfdocs/expressions.cfm
-/cfdocs/root.cfm
-/cfdocs/snippets/evaluate.cfm
-/cfdocs/snippets/fileexists.cfm
-/cfdocs/snippets/gettempdirectory.cfm
-/cfdocs/snippets/viewexample.cfm
-/cfdocs/zero.cfm
+/CFIDE/wizards/common/utils.cfc?method=verifyldapserver&vserver=localhost&vport=389&vstart=&vusername=&vpassword=&returnformat=json
 /cfusion/cfapps/forums/data/forums.mdb
 /cfusion/cfapps/forums/forums_.mdb
 /cfusion/cfapps/security/data/realm.mdb
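Review bot: The two FCKeditor connector entries added here end in `&type=Image¤tFolder=/` as displayed, which looks like `&currentFolder=/` with `&curren` decoded as an HTML entity somewhere between the source lists and this patch. If the committed file really contains the `¤` character, these lines, and the two matching `/FCKeditor/...` lines in the last hunk of this file, send a malformed query string, and the bytes on the wire depend on how each tool encodes non-ASCII input. Please check the raw bytes and restore the literal `&currentFolder=/` if needed. If the character is only an artefact of how this page was rendered, nothing needs to change.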
@@ -109,3 +151,53 @@
 /cfusion/database/cfsnippets.mdb
 /cfusion/database/cypress.mdb
 /cfusion/database/smpolicy.mdb
+/cgi/cfdocs/expeval/ExprCalc.cfm?
+/compass/logon.jsp
+/databasenotes.html
+/docs/showtemp.cfm?
+/FCKeditor/editor/filemanager/connectors/cfm/cf5_connector.cfm?command=GetFoldersAndFiles&type=Image¤tFolder=/
+/FCKeditor/editor/filemanager/connectors/cfm/cf_connector.cfm?command=GetFoldersAndFiles&type=Image¤tFolder=/
+/flash/java/javabean/FlashJavaBean.html
+/flashservices/gateway
+/flex2gateway/
+/flex2gateway/amf
+/flex2gateway/amfpolling
+/flex2gateway/cfamfpolling
+/flex2gateway/http
+/flex2gateway/httpsecure
+/getFile.cfm
+/index.cfm
+/jrunscripts
+/jstl-war/index.html
+/lcds/messagebroker/http
+/lcds/messagebroker/httpsecure
+/lcds-samples/messagebroker/http
+/lcds-samples/messagebroker/httpsecure
+/manager/status
+/messagebroker/http
+/messagebroker/httpsecure
+/_mmServerScripts/MMHTTPDB.php
+/_mmServerScripts/MMSERVERINFO.cfm
+/nul.dbm
+/null.dbm
+/page.cfm
+/railo-context/admin/server.cfm
+/railo-context/admin/web.cfm
+/railo-context/templates/display/debugging-console.cfm
+/railo-context/templates/display/debugging-console-output.cfm?requestID=1
+/railo-context/templates/display/debugging-console-output.cfm?requestID=1&_debug_action=store
+/railo-context/test.cfm
+/samples/messagebroker/http
+/samples/messagebroker/httpsecure
+/script/databases/makered97.mdb
+/script/databases/makered.mdb
+/SmarTicketApp/index.html
+/techniques/servlets/index.html
+/travelnet/home.jsp
+/version.txt
+/WEB-INF/webapp.properties
+/WEB-INF/web.xml
+/worldmusic/action/catalog
+/worldmusic/action/cdlist
+/ws-client/loanCalculation.jsp
+/WSRPProducer/
diff --git a/Discovery/Web-Content/CMS/ColdFusion.fuzz2.txt b/Discovery/Web-Content/CMS/ColdFusion.fuzz2.txt
deleted file mode 100644
index aec52cf..0000000
--- a/Discovery/Web-Content/CMS/ColdFusion.fuzz2.txt
+++ /dev/null
@@ -1,203 +0,0 @@
-/%00.cfm
-/%2500.cfm
-/404_106321.cfm
-/_mmServerScripts/MMHTTPDB.php
-/_mmServerScripts/MMSERVERINFO.cfm
-/admin/index.cfm?fuseaction=cLogin.main
-/blazeds/messagebroker/http
-/blazeds/messagebroker/httpsecure
-/bluedragon.xml
-/bluedragon.xml.bak.1
-/bluedragon/admin.cfm
-/cfappman/index.cfm
-/cfdocs/cfcache.map
-/cfdocs/cfmlsyntaxcheck.cfm
-/cfdocs/dochome.htm
-/cfdocs/exampleapp/docs/sourcewindow.cfm
-/cfdocs/exampleapp/docs/sourcewindow.cfm?
-/cfdocs/exampleapp/email/application.cfm
-/cfdocs/exampleapp/email/getfile.cfm?
-/cfdocs/exampleapp/email/getfile.cfm?filename=c:\\boot.ini
-/cfdocs/exampleapp/email/getfile.cfm?filename=c:\boot.ini
-/cfdocs/exampleapp/publish/admin/addcontent.cfm
-/cfdocs/exampleapp/publish/admin/application.cfm
-/cfdocs/exampleapps/sorry.htm
-/cfdocs/examples/cvbeans/beaninfo.cfm
-/cfdocs/examples/httpclient/mainframeset.cfm/CFIDE/Administrator/
-/cfdocs/examples/parks/detail.cfm
-/cfdocs/expelval/openfile.cfm
-/cfdocs/expeval/displayopenedfile.cfm
-/cfdocs/expeval/eval.cfm
-/cfdocs/expeval/exprcalc.cfm
-/cfdocs/expeval/exprcalc.cfm?
-/cfdocs/expeval/openfile.cfm
-/cfdocs/expeval/sendmail.cfm
-/cfdocs/expressions.cfm
-/cfdocs/MOLE.CFM
-/cfdocs/root.cfm
-/cfdocs/snippets/evaluate.cfm
-/cfdocs/snippets/fileexists.cfm
-/cfdocs/snippets/gettempdirectory.cfm
-/cfdocs/snippets/viewexample.cfm
-/cfdocs/TOXIC.CFM
-/cfdocs/zero.cfm
-/CFFileServlet/
-/cfform-internal
-/CFFormGateway/
-/CFIDE/adminapi/
-/CFIDE/adminapi/_datasource/
-/CFIDE/adminapi/_datasource/formatjdbcurl.cfm
-/CFIDE/adminapi/_datasource/getaccessdefaultsfromregistry.cfm
-/CFIDE/adminapi/_datasource/geturldefaults.cfm
-/CFIDE/adminapi/_datasource/setdsn.cfm
-/CFIDE/adminapi/_datasource/setmsaccessregistry.cfm
-/CFIDE/adminapi/_datasource/setsldatasource.cfm
-/CFIDE/adminapi/administrator.cfc
-/CFIDE/adminapi/Application.cfm
-/CFIDE/adminapi/base.cfc
-/CFIDE/adminapi/base.cfc?wsdl
-/CFIDE/adminapi/customtags/
-/CFIDE/adminapi/customtags/l10n.cfm
-/CFIDE/adminapi/customtags/resources
-/CFIDE/adminapi/customtags/resources/
-/CFIDE/adminapi/datasource.cfc
-/CFIDE/adminapi/debugging.cfc
-/CFIDE/adminapi/eventgateway.cfc
-/CFIDE/adminapi/extensions.cfc
-/CFIDE/adminapi/mail.cfc
-/CFIDE/adminapi/runtime.cfc
-/CFIDE/adminapi/security.cfc
-/CFIDE/Administrator/
-/CFIDE/administrator/aboutcf.cfm
-/CFIDE/Administrator/Application.cfm
-/CFIDE/Administrator/checkfile.cfm
-/CFIDE/Administrator/enter.cfm
-/CFIDE/Administrator/header.cfm
-/CFIDE/Administrator/homefile.cfm
-/CFIDE/Administrator/homepage.cfm
-/CFIDE/administrator/index.cfm
-/CFIDE/Administrator/index.cfm
-/CFIDE/administrator/logging/settings.cfm?locale=../../../../sha1.js%00en
-/CFIDE/Administrator/login.cfm
-/CFIDE/Administrator/logout.cfm
-/CFIDE/Administrator/navserver.cfm
-/CFIDE/Administrator/right.cfm
-/cfide/Administrator/startstop.html
-/CFIDE/Administrator/tabs.cfm
-/CFIDE/Administrator/welcome.cfm
-/CFIDE/Administrator/welcomedoc.cfm
-/CFIDE/Administrator/welcomeexapps.cfm
-/CFIDE/Administrator/welcomefooter.cfm
-/CFIDE/Administrator/welcomegetstart.cfm
-/CFIDE/Application.cfm
-/CFIDE/classes/
-/CFIDE/classes/cf-j2re-win.cab
-/CFIDE/classes/cfapplets.jar
-/CFIDE/classes/images
-/CFIDE/componentutils/
-/CFIDE/componentutils/_component_cfcToHTML.cfm
-/CFIDE/componentutils/_component_cfcToMCDL.cfm?
-/CFIDE/componentutils/_component_style.cfm
-/CFIDE/componentutils/_component_utils.cfm
-/CFIDE/componentutils/Application.cfm
-/CFIDE/componentutils/cfcexplorer.cfc
-/CFIDE/componentutils/cfcexplorer_utils.cfm
-/CFIDE/componentutils/componentdetail.cfm
-/CFIDE/componentutils/componentdoc.cfm
-/CFIDE/componentutils/componentlist.cfm
-/CFIDE/componentutils/gatewaymenu
-/CFIDE/componentutils/gatewaymenu/
-/CFIDE/componentutils/gatewaymenu/menu.cfc
-/CFIDE/componentutils/gatewaymenu/menunode.cfc
-/CFIDE/componentutils/login.cfm
-/CFIDE/componentutils/login.cfm?_cf_containerID=blahblah'
-/CFIDE/componentutils/packagelist.cfm
-/CFIDE/componentutils/utils.cfc
-/CFIDE/debug/
-/CFIDE/debug/cf_debugFr.cfm
-/CFIDE/debug/cf_debugFr.cfm?userPage=http%3A%2F%2Fgoogle.com
-/CFIDE/debug/images/
-/CFIDE/debug/includes/
-/CFIDE/GraphData.cfm
-/CFIDE/images/
-/CFIDE/images/skins/
-/CFIDE/install.cfm
-/CFIDE/installers/
-/CFIDE/installers/CFMX7DreamWeaverExtensions.mxp
-/CFIDE/installers/CFReportBuilderInstaller.exe
-/CFIDE/main/ide.cfm
-/CFIDE/probe.cfm
-/CFIDE/scripts/
-/CFIDE/scripts/ajax/FCKeditor/editor/dialog/fck_about.html
-/CFIDE/scripts/ajax/FCKeditor/editor/dialog/fck_spellerpages/spellerpages/server-scripts/spellchecker.cfm
-/CFIDE/scripts/ajax/FCKeditor/editor/filemanager/connectors/cfm/cf5_connector.cfm?command=GetFoldersAndFiles&type=Image¤tFolder=/
-/CFIDE/scripts/ajax/FCKeditor/editor/filemanager/connectors/cfm/cf_connector.cfm?command=GetFoldersAndFiles&type=Image¤tFolder=/
-/CFIDE/scripts/ajax/FCKeditor/editor/filemanager/upload/cfm/upload.cfm
-/CFIDE/scripts/ajax/FCKeditor/fckeditor.cfm
-/CFIDE/scripts/cfform.js
-/CFIDE/scripts/css/
-/CFIDE/scripts/xsl/
-/CFIDE/wizards/
-/CFIDE/wizards/common/
-/CFIDE/wizards/common/_authenticatewizarduser.cfm
-/CFIDE/wizards/common/_logintowizard.cfm
-/CFIDE/wizards/common/_logintowizard.cfm?%3C%22'%3E
-/CFIDE/wizards/common/_logintowizard.cfm?<\"'>
-/CFIDE/wizards/common/utils.cfc
-/CFIDE/wizards/common/utils.cfc?method=verifyldapserver&vserver=localhost&vport=389&vstart=&vusername=&vpassword=&returnformat=json
-/cfusion/cfapps/forums/data/forums.mdb
-/cfusion/cfapps/forums/forums_.mdb
-/cfusion/cfapps/security/data/realm.mdb
-/cfusion/cfapps/security/realm_.mdb
-/cfusion/database/cfexamples.mdb
-/cfusion/database/cfsnippets.mdb
-/cfusion/database/cypress.mdb
-/cfusion/database/smpolicy.mdb
-/cgi/cfdocs/expeval/ExprCalc.cfm?
-/compass/logon.jsp
-/databasenotes.html
-/docs/showtemp.cfm?
-/FCKeditor/editor/filemanager/connectors/cfm/cf5_connector.cfm?command=GetFoldersAndFiles&type=Image¤tFolder=/
-/FCKeditor/editor/filemanager/connectors/cfm/cf_connector.cfm?command=GetFoldersAndFiles&type=Image¤tFolder=/
-/flash/java/javabean/FlashJavaBean.html
-/flashservices/gateway
-/flex2gateway/
-/flex2gateway/amf
-/flex2gateway/amfpolling
-/flex2gateway/cfamfpolling
-/flex2gateway/http
-/flex2gateway/httpsecure
-/getFile.cfm
-/index.cfm
-/jrunscripts
-/jstl-war/index.html
-/lcds-samples/messagebroker/http
-/lcds-samples/messagebroker/httpsecure
-/lcds/messagebroker/http
-/lcds/messagebroker/httpsecure
-/manager/status
-/messagebroker/http
-/messagebroker/httpsecure
-/nul.dbm
-/null.dbm
-/page.cfm
-/railo-context/admin/server.cfm
-/railo-context/admin/web.cfm
-/railo-context/templates/display/debugging-console-output.cfm?requestID=1
-/railo-context/templates/display/debugging-console-output.cfm?requestID=1&_debug_action=store
-/railo-context/templates/display/debugging-console.cfm
-/railo-context/test.cfm
-/samples/messagebroker/http
-/samples/messagebroker/httpsecure
-/script/databases/makered.mdb
-/script/databases/makered97.mdb
-/SmarTicketApp/index.html
-/techniques/servlets/index.html
-/travelnet/home.jsp
-/version.txt
-/WEB-INF/web.xml
-/WEB-INF/webapp.properties
-/worldmusic/action/catalog
-/worldmusic/action/cdlist
-/ws-client/loanCalculation.jsp
-/WSRPProducer/