renancouto/exploit-urls.md

Last active February 1, 2023 09:36

Star () You must be signed in to star a gist
Fork () You must be signed in to fork a gist

Learn more about clone URLs
Clone this repository at <script src="https://gist.github.com/renancouto/0ad35842f1c536c1dbbe.js"></script>
Save renancouto/0ad35842f1c536c1dbbe to your computer and use it in GitHub Desktop.

Download ZIP

A collection of weird URLs that I think are used to exploit security vulnerabilities on web apps

Raw

exploit-urls.md

    /manager/html (Apache Tomcat)
http://123.249.24.233/POST_ip_port.php
/tmUnblock.cgi
/HNAP1/
/phpMyAdmin/scripts/setup.php (PHPMyAdmin)
/pma/scripts/setup.php
/myadmin/scripts/setup.php
/MyAdmin/scripts/setup.php
/vyvy/vyv/vy.php
/cgi-sys/php5
/cgi-bin/test-cgi
/cgi-bin/printenv
/cgi-bin/test.cgi
/cgi-bin/test.pl
/cgi-bin/test.sh
/cgi-bin/teste.pl
/cgi-bin/teste.cgi
/cgi-bin/teste.sh
/cgi-bin/print-env
/cgi-bin/print.pl
/cgi-bin/print.cgi
/cgi-bin/printenv.sh
/dpdp/dpd/dp.php
/upup/upu/up.php
/admin/fckeditor/editor/filemanager/browser/default/connectors/test.html
/web-console/ServerInfo.jsp
/vtigercrm/
/operator/basic.shtml (AXIS 206 Network Camera)
/secure/ltx_conf.htm (M30X / M306 Wireless Ethernet Monitor)
/syslog.htm (Linux?)


  

theLufenk commented Jul 7, 2015

Bloddy Chinese Spammers!!1
I made my server live for the first time, and within 5 minutes these requests started flowing in.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment