Home       Trees       Indices       Help   
Package pywebfuzz :: Module fuzzdb :: Class attack_payloads :: Class file_upload
[hide private]
[frames] | no frames]

Class file_upload

This implements the file-upload from fuzzdb

Class Variables [hide private]
  alt_extensions_asp = ['asp', 'aspx', 'asa', 'aSP', 'aSpx', 'aS...
  alt_extensions_coldfusion = ['cfm', 'cfml', 'cfc', 'dbm', 'cFm...
  alt_extensions_jsp = ['jsp', 'jspx', 'jsw', 'jsv', 'jspf', 'jS...
  alt_extensions_perl = ['pl', 'pm', 'cgi', 'pL', 'pM', 'cGi', '...
  alt_extensions_php = ['phtml', 'php', 'php3', 'php4', 'php5', ...
  file_ul_filter_bypass_commonly_writable_directories = ['templa...
  file_ul_filter_bypass_microsoft_asp_filetype_bf = ['{ASPSCRIPT...
  file_ul_filter_bypass_microsoft_asp = ['{ASPSCRIPT}', '{ASPSCR...
  file_ul_filter_bypass_ms_php = ['#<?php phpinfo(); ?>', '#----...
  file_ul_filter_bypass_x_platform_generic = ['%00index.html', '...
  file_ul_filter_bypass_x_platform_php = ['#-----', '{PHPSCRIPT}...
  invalid_filenames_linux = ['']
  invalid_filenames_microsoft = ['CON.{EXT}', 'PRN.{EXT}', 'AUX....
  invalid_filesystem_chars_microsoft = ['*', '.', '"', '/', '\\'...
  location = '/data/attack-payloads/file-upload/invalid-filesyst...
  invalid_filesystem_chars_osx = [':']
Class Variable Details [hide private]

alt_extensions_asp

Value:
['asp',
 'aspx',
 'asa',
 'aSP',
 'aSpx',
 'aSa',
 'asp%20%20%20',
 'aspx%20%20%20',
...

alt_extensions_coldfusion

Value:
['cfm',
 'cfml',
 'cfc',
 'dbm',
 'cFm',
 'cFml',
 'cFc',
 'dBm',
...

alt_extensions_jsp

Value:
['jsp',
 'jspx',
 'jsw',
 'jsv',
 'jspf',
 'jSp',
 'jSpx',
 'jSw',
...

alt_extensions_perl

Value:
['pl',
 'pm',
 'cgi',
 'pL',
 'pM',
 'cGi',
 'lib',
 'lIb',
...

alt_extensions_php

Value:
['phtml',
 'php',
 'php3',
 'php4',
 'php5',
 'inc',
 'pHtml',
 'pHp',
...

file_ul_filter_bypass_commonly_writable_directories

Value:
['templates_compiled',
 'templates_c',
 'templates',
 'temporary',
 'images',
 'cache',
 'temp',
 'files',
...

file_ul_filter_bypass_microsoft_asp_filetype_bf

Value:
['{ASPSCRIPT}',
 '{ASPSCRIPT}.{EXT}',
 '{ASPSCRIPT};',
 '{ASPSCRIPT};.{EXT}',
 '{ASPSCRIPT}%00',
 '{ASPSCRIPT}%00.{EXT}',
 '{ASPSCRIPT}::data%00.',
 '{ASPSCRIPT}::data%00.{EXT}']

file_ul_filter_bypass_microsoft_asp

Value:
['{ASPSCRIPT}',
 '{ASPSCRIPT};',
 '{ASPSCRIPT};.jpg',
 '{ASPSCRIPT};.pdf',
 '{ASPSCRIPT};.html',
 '{ASPSCRIPT};.htm',
 '{ASPSCRIPT};.txt',
 '{ASPSCRIPT};.xyz',
...

file_ul_filter_bypass_ms_php

Value:
['#<?php phpinfo(); ?>',
 '#-----',
 '{PHPSCRIPT}',
 '{PHPSCRIPT}.phtml',
 '{PHPSCRIPT}.php.html',
 '{PHPSCRIPT}.php::$DATA',
 '{PHPSCRIPT}.php.php.rar',
 '{PHPSCRIPT}.php.rar',
...

file_ul_filter_bypass_x_platform_generic

Value:
['%00index.html', ';index.html', '%00']

file_ul_filter_bypass_x_platform_php

Value:
['#-----',
 '{PHPSCRIPT}',
 '{PHPSCRIPT}.phtml',
 '{PHPSCRIPT}.php.html',
 '{PHPSCRIPT}.php.php.rar',
 '{PHPSCRIPT}.php.rar']

invalid_filenames_microsoft

Value:
['CON.{EXT}',
 'PRN.{EXT}',
 'AUX.{EXT}',
 'CLOCK$.{EXT}',
 'NUL.{EXT}',
 'COM1.{EXT}',
 'COM2.{EXT}',
 'COM3.{EXT}',
...

invalid_filesystem_chars_microsoft

Value:
['*', '.', '"', '/', '\\', '[', ']', ':', ';', '|', '=', ',']

location

Value:
'/data/attack-payloads/file-upload/invalid-filesystem-chars-osx.txt'

   Home       Trees       Indices       Help   
Generated by Epydoc 3.0.1 on Wed Oct 20 23:04:09 2010 http://epydoc.sourceforge.net